Anna Rose (00:05): Welcome to Zero Knowledge. I'm your host, Anna Rose. In this podcast, we'll be exploring the latest in zero knowledge research and the decentralized web, as well as new paradigms that promise to change the way we interact and transact online. (00:27): This week I catch up with Hadrien Charlanes from Sismo. We chat about his early experiences; building and DeFi, and how this led him to build Sismo, a decentralized identity product with privacy preserving properties. We cover the ZK badge concept, how they're minted, what is happening under the hood, and then explore some interesting emerging use cases for these. Now, before we kick off, I just want to let you know about the upcoming zkSummit9 event happening on April 4th in Lisbon. Join us once again for our 9th edition of the summit with all the latest research and most cutting edge implementations in the ZK space. You can find out more at zksummit.com, and I hope to see you there. Now, to the builders and hackers among you, I also want to highlight another event called zkHack Lisbon, which will be happening just a few days before the zkSummit also in Lisbon. So this is happening on March 31st through April 2nd. It's our first IRL hackathon focused on cool use cases in ZK. The application is open to potential hackers. I'm also adding this to our show notes. Now, Tanya will share a little bit about this week's sponsor Tanya (01:35): Anoma's first fractal instance. Namada is launching soon! Namada is a proof of stake L1 for interchange asset agnostic privacy, Namada natively interoperates with fast finality chains via IBC and with Ethereum via a trustless two-way bridge. For privacy Namada deploys an upgraded version of a multi-asset shielded pool circuit, otherwise known as MASP, that allows all assets fungible and non-fungible to share a shielded set. The MASP circuit's latest update enables shielded set rewards directly in the shielded set, a novel feature that funds privacy as a public good. Visit namada.net for more information and join the community on discord at discord.gg/namada. So thanks again, Anoma, and now here's our episode. Anna Rose (02:23): So today I want to welcome Hadrien Charlanes, the founder of Sismo. Welcome to the show, Hadrien. Hadrien Charlanes (02:28): Hey, thanks. Thanks for inviting me. Anna Rose (02:31): I am very excited to dig into the topic for today, which is Sismo. So it's actually come up a couple times on the show, but before we dive into Sismo, let's learn a little bit about yourself. What's your background? What were you doing before you jumped into this project? Hadrien Charlanes (02:45): Yeah, so actually I was interested into blockchains when I read about the Bitcoin whitepaper pretty early on in my studies, and I was looking for a reason to be an entrepreneur, having been passionate about startups and things like that since I was very young. And so that was it. I'm from an engineering background, I was looking for a long-term big, changing, industry. And when I read about the Bitcoin whitepaper and this fact that we are able to transact without any in intermediary, that was fascinating to me. And I was thinking, okay, why don't we do more than just money? And then I went to meet ups and I didn't like that much the, you know, the taxes theft stuff. Anna Rose (03:30): Taxes theft? Yeah. Hadrien Charlanes (03:33): Yeah. Yeah. At that time that was it. Like it was, I guess in 2014 or something Anna Rose (03:37): Oh yeah, early. Okay. Hadrien Charlanes (03:39): And then I was very lucky that pretty early on, somebody told me about in a Bitcoin meet up, hey, this thing, the Ethereum, you might like it because you are more into like entrepreneurship part of it. Like a bit more pragmatic, let's say, instead of super, not dogmatic, but like ideologies. So he told me about Ethereum whitepaper that was just being released and then I dig into the Vitalik hole. At that time, I think he was very articulate and was able to gather cool people. So that's when I went all in. I was one of the first employees of Consensus. Anna Rose (04:13): Oh, wow. Hadrien Charlanes (04:14): And then I built a Stablecoin projects there that was called VariabL, so DeFi but timing was a bit too early. Anna Rose (04:21): Early. Darn. Hadrien Charlanes (04:22): Yeah. Anna Rose (04:23): Wow. I didn't actually know there were Stablecoin projects back then. What was that like? Like what kind of Stablecoin was it? Hadrien Charlanes (04:29): Yeah, so I think that we were all pretty convinced that if we wanted to do real world applications, we needed Stablecoins because otherwise, like real users couldn't, like the volatility of the assets is definitely a blocker for any real world applications. So when I started the project, I think it was the early days also of Maker and so my project was close to Maker. Actually, all Stablecoin projects that are algorithmic behaved the same. There are people that wants volatility, the traders, there are others that don't want it, the 'Stablecoiners'. And you find a way in the system to sell the volatility to traders. So Maker is doing this, when you issue DAI, you are taking a bet, depending if you sell them or not, but there are traders that take leverage on the price of the collateral and others that sell this when you exchange against the DAI. (05:23): Anyway, so we're thinking about these things. So it was called VariabL. It was a derivatives exchange close shot to Angle protocol that is a French product that is basically the revamp of VariabL in a way better way and smarter and stuff like that. Very happy to see them doing it. Anna Rose (05:43): Cool. Hadrien Charlanes (05:43): A French team that is doing the Euro Stablecoin. So anyway, so did DeFi early on within Consensus, then there was the Isomania and the incentives were all around. Like, the way for me to keep on building this project was to do a big ICO. Yeah. And that's, I didn't feel comfortable doing this. I didn't like that much, this period. I think it was, you know, I studied like super ideologies. I want to build stuff like with crazy cool people. Like Ethereum didn't exist, there was no price involved. Everybody was like crazy, passionate and smart. And then it was my first time that I anchored to like the euphoria. And so I didn't like that much what it did to the community. So anyway I left the project to Consensus and that's when I thought, okay now it's time to do the things that I never done, like the real cryptography. And that's when I I thought that Zcash at the time, the Zcash community was an amazing community. Anna Rose (06:44): Yeah. Hadrien Charlanes (06:45): I think we met at Zcon one Anna Rose (06:47): Very likely, or Zcon0. Was it in Montreal? Hadrien Charlanes (06:50): I think? No, no. It was the one in Split. Anna Rose (06:52): Okay. Hadrien Charlanes (06:52): Like, like that was the end of my, I spent four months doing all the cryptography from 0 to Anna Rose (06:59): Wow. Hadrien Charlanes (07:00): Pairing. Yeah, it was good to build our pairings. Of course now I've lost it. But one week ago actually, I was moving stuff in my apartment and I found my pile of sheets with like the demonstrations of math, but I don't understand them any longer, but, Anna Rose (07:16): Oh, no. Hadrien Charlanes (07:16): So anyway, I had like, I felt I needed to see what's the crypto behind all of what we do. And also Zcash was great. I think the community during the Bear market around your zkSummit that you organize, your podcast, the Zcon, the Zcash, even the zkSNARKS applied to Ethereum. All these things like you know, at some point we wanted to do a bridge between Ethereum and Zcash. And I think that was the most interesting part of that time and to be honest, I was less enthusiastic about the Ethereum community that had this, ETH is money meme and that's not my stuff anyway. Anna Rose (07:55): But even the era you're talking about was 2019, had you not felt like that had been cleared out yet by 2019 because like the Zcon you talk about that's 2019. Hadrien Charlanes (08:06): Yeah. Anna Rose (08:06): May or so, May/June. So yeah, like 2019 was like the depths of the Bear market. I felt like ICOs were long gone by then. Hadrien Charlanes (08:15): Yeah. Yeah. Actually, yeah. Maybe I was not clear. So I saw, I didn't like it, of course. Anna Rose (08:19): Yeah. Yeah. Hadrien Charlanes (08:19): But the aftermath of the ICO was Anna Rose (08:21): Was also bad? Hadrien Charlanes (08:23): Was also really bad because then it's the first time that I saw Ethereum community in a defensive mindset. You know, we were like, oh, Bitcoin, they are defensive, they are maximalist, and of all that. And we started to feel the same way about Ethererum. And I was thinking, no, this community is not about this. It's not about like being defensive and saying ETH is money and is better and stack ETH during the Bear market. I didn't like that. Anna Rose (08:44): Yeah. Hadrien Charlanes (08:44): So that's when where I kind of left. And in retrospect, I think that we were missing, the community was still there, but we were missing a substrate. Something to think about instead of the price. Anna Rose (08:56): Yeah. Hadrien Charlanes (08:56): And that's DeFi, like DeFi when it happened, then it went crazy. Like we like a lot of innovation Anna Rose (09:03): Yeah. Hadrien Charlanes (09:03): Was so great and so I had to get back there and that's what the thing that I was building with VariabL, like the cannot DeFi, like that's what my thesis is there, was that we can do so much cool financial stuff. (09:15): Elaborate on Ethereum. So I joined Aave as a smart contractor for a year and that was great. Like right after the DeFi summer, spent a year there. And then we have all, we had all the NFT, ENS, even lot of DAOs, lot of things, lot of diverse data that are starting to be gathered on-chain. For myself as a long-time Ethereum builder and as a contributor, I had a wallet where I get my payments. So that's my professional wallet. I had my private wallet where I do my weird things, bad trades, payments, all these things Anna Rose (09:50): We all have that. Hadrien Charlanes (09:51): Yeah. Anna Rose (09:52): Our shame, our shame wallets Hadrien Charlanes (09:54): Yeah. Shame wallet. Exactly. Maybe I have an anon account. I have also my, Anna Rose (10:00): Have I interacted with your anon? Hadrien Charlanes (10:02): I don't know. Maybe everybody needs to be candid with me because you don't know and I don't have real account. Anna Rose (10:10): Okay. Hadrien Charlanes (10:12): But yeah. And then I think almost everyone has like this public wallet that you put on Twitter where you signal stuff. Like, I'm using the agent that is to signal the project that I like. And it's really like my resume, my on-chain resume. So we realize that, oh, actually now Stablecoins is fixed. Like we have some financial infrastructure that is being built. The second big theme since the beginning of Ethereum was identity. How can I use these wallets to store more than just money, but to store identity? And so I think for the first time in 2021/2020, we had some diverse data. And we had issue with, okay, now that I have data, it's mine, it's not in a Web2 server, how can I leverage them? (10:56): Well, in DeFi, what's great that all applications talk the same language. So let me precite that, whether you are Uniswap or on Aave or on Curve or these things, you cannot use your private wallet, your financial wallet. So there's no privacy constraints be be behind the fact that Uniswap knows that I'm using Curve, I'm using Aave. It's still the same identity. Whereas now I think that since we have several identities, at some point we want to aggregate them. Like let's say that I'm an Aave paid employee with my private wallet where I do trades, I vote on the governance on my vanity address, I maybe vote on the forum. Like on Twitter I participate. So I have three wallets that and I want no link between them. Anna Rose (11:46): Yeah. Hadrien Charlanes (11:46): But the aggregated social capital within the other community is very good. Anna Rose (11:51): Yeah. Hadrien Charlanes (11:52): There's no way today to prove stuff about yourself apart from the fact, I give you my address. Anna Rose (11:57): Yeah. Hadrien Charlanes (11:57): But I don't want to give you my private wallet. I don't want to give you the one I was paid in Aave. So I can only give you my vanity address. And so that's the rise of Sismo is the fact that, okay, what happens with financial assets and financial capital within DeFi, it'll happen on the Web3 social and on the social capital. But for this, we need to be able to unlock all the possibilities. Like let's say create a credit score that takes in a cultural professional reputation, maybe your Uber reputation as a good driver and many things. Now that the data is ours, we can actually do things with them, but we need privacy. Anna Rose (12:34): Yeah. Or you need ways to not link it. Right, like, you need a way that it's not all linked together all the time. This is so, I mean, I really like how you're telling this story because you can see like the problems that you're trying to solve with Sismo emerging very organically. Like you yourself are experiencing them, you're seeing your peers experiencing them. There, you do also have the case of like, they're assuming they have like multiple users when there is actually one. It might actually be really interesting to know that there's like, who are the real power users and yeah, without revealing how they're connected. (13:09): Do you think actually, like was the airdrop farming also a bit of a thing here where you see people kind of just like they're doing actions on-chain to get an airdrop and you see like that's where that reputation or like towards identity, they're trying to do like the most basic thing with a bot that you have to do to get an airdrop. But it's very, because the airdrop issuer doesn't really have that many other ideas to show what engagement looks like, they're just sort of using this very simple metric. But here you could actually maybe show that like yeah, you know, we're doing, I'm doing actions with multiple accounts across, and it actually sums up to something more human than these like stupid bots that all do the same action across a number of wallets. Hadrien Charlanes (13:51): You know, I talked about the Stablecoins and the fact that to have some financial infrastructure, we needed stablecoins. And then DeFi was about the fact that everything was super liquid thanks to the ERC-20 standard. The tokens stand out, you can stake your token in the protocol, then you get a receipt as tokens too, that you can reuse elsewear. And that's the liquidity and the stability thanks to Stablecoins. That's why I think that's my opinion of why DeFi is great and why it was unlocked during DeFi summer. You had first Stablecoin and second you had this standard to communicate between financial systems. And similarly, I think like for the Web3 social, there's this big thing, it's civil resistance. That's something that we need to solve. To think about sound airdrops, I think you need first to make sure that each claimer is a human, is a unique human meaning that Anna Rose (14:47): Yeah Hadrien Charlanes (14:47): One human can only claim once. (14:50): So that's the civil resistance, that's things that we don't like, we follow closely like Worldcoin, like Proof of Humanity. And there are other things that are working on it. These teams are working on very, very important problem, and Sismo is working more on understand how to make your reputation, your social capital liquid. And so for instance, with Sismo, you could have, okay, prove that I'm a human, a unique human using Worldcoin, for instance, or any other tool. First prove to me, that's a human. So you can only can once and then from all your accounts, you will aggregate, let's say your volume on my exchange and then you get to a job proportional to that. And that way I think our jobs will be way more sound. Basically, we don't have enough tool yet to be smart about reputation, about what it means in engagement. The civil resistance, I think is one of the core thing that will unlock so much more. Anna Rose (15:44): In understanding this concept of like on-chain identity as forged through actions to sort of create the story of a human. I really liked that idea that it was like, it was very, it seems very merit based, right? It's like what you've done, not who you are. I really like that. But I think what we've also seen are just people who write scripts that just do that on multiple addresses. So it just looks like, you know, slightly human activity, but it's just kind of completely automated and they can like just farm that, like you mentioned, Worldcoin has this way of proving your humanity. They scan your iris with an orb and I have some friends that work there, but I've always found that the orb scanning part makes me uncomfortable. I just can't believe that there's not something more creative in trying to determine that somebody is human, that we have to kind of resort to the iris and yeah, I just wonder like if you've thought if there aren't better ways to do this Hadrien Charlanes (16:39): Yeah, totally agree. Like that's actually like I told you about like Stablecoin and civil resistance and how it can relate in my opinion, Worldcoin or Proof of Humanity or KYC solutions that it's yes or no is basically the centralized Stablecoin. Like it's okay, you go outside of crypto and then you get a stamp. So I won't judge the solutions, but it's perfect. Like in the sense it's like the USDC the trust assumption is really on the central party here is the same with Worldcoin with Proof of Humanity, with KYC, they are in charge of it and then they are the algorithmic civil resistance. And of course, I think Gitcoin passport is a great trial at this. I think that there are also teams that are working on your graph, let's say that if you prove that you have a social graph, you know, every human on earth is connected on the risk there is like seven levels. I mean like Anna Rose (17:36): Oh, 6 degrees of separation, something like that. Hadrien Charlanes (17:38): Yeah exactly, something like that Anna Rose (17:39): We just had a chat about that, so apparently in crypto it's probably far fewer degrees of separation. But anyway. Hadrien Charlanes (17:47): Exactly. But if somehow you can measure the closeness of an account, like basically the real attention it gets like the closest it is to real humans and that humans are incentivized to create that could be a way. The other ways I think is, is the attention, like instead of just saying like having an account or not, you can see whether it gets attention or not. It's, it's very likely that bots don't get attention. Actually we don't know with ChatGPT, maybe it'll change. Anna Rose (18:15): Yeah, that's actually as we're talking about it, I'm realizing that too. But yeah, so what you're saying is like a reputation score of some sort. Like, so because they're being followed, like they're doing some actions that people are recognizing as interesting and then they're being tracked or they're being followed or they're being starred or something like that by a community, which suggests it's real. And yeah, I actually, as we were talking through this whole thing, definitely the AI component comes in where you're like that idea of these scripts and these bots doing things that seem kind of like human enough to get an airdrop. Like who's to say that there isn't scripts or bots, like AI bots that actually start to look kind of human. Hadrien Charlanes (18:51): Hopefully. Like there can be ways to think about it, it's just a way to, so that you have a unique account, but it doesn't mean that you have a unique identity. Like that's what Sismo is trying to do. Like Sismo basically it allows from all the accounts that you have and why one might be your welcome account. You can do stuff from all your data. We can sit as a, I didn't spend enough time to think about like all the philosophical consequences but it's not because you do something like welcome, you can just be one more tool for your identity. Sometimes you need to it, sometimes not, but of course right this dystopian stuff can. Yeah, definitely one the feelings it gives Anna Rose (19:33): I think, now let's talk more about what Sismo is doing, because I think what we've just set is like a few of the problem spaces or things that it's trying to solve. Well how does Sismo work? What is it? Hadrien Charlanes (19:44): Yeah. So Sismo works basically there's two sides within Sismo. Like ZK people will know that they are provers and verifiers. That's one of the main things in ZK. And the ZK provers, what's great is that they are privacy preserving, meaning that they just prove a specific fact that is targeted. You build the circuits to allow someone or something to prove one specific fact without proving the core data that you are. So, okay. Once you have verifiers and provers, that's the ZK. It's using ZK scaling, everything that is proved is public and you use that just to say it's legit and you have no privacy reason. So that's interesting. The way we use it, ZK is for privacy and our concerns like, okay, users have data on their wallets and they want to prove stuff from them or even from their Web2 identity. (20:34): By the way, we support Twitter and GitHub for instance, but users have accounts and they want to prove stuff to third parties without revealing their addresses or their accounts. So Sismo allows you to, I have a wallet with like a 10,000 transaction, but I just want to prove that I have this NFT or that I am a big user of Ethereum. I will be able to do that. I will be able to generate a ZKProof within Sismo. And this ZKProof can either be sent to a third party that verifies it. This is more of the long term approach, but currently what we do, like this ZKProof is used to generate a ZK batch. So we send the ZKProof to what we call a ZK attester. It's a smart contract that has two roll, three rolls actually. First it verifies that the proof is valid, then installs the unifier like Tornado Cash or Semaphore. Anna Rose (21:26): Yeah. Hadrien Charlanes (21:26): It makes sure that I cannot choose the same source twice. And third, it's issued the ZK badge, that is an SBT, soulbound token basically it's a non-transportable token. And we think as ZK badges as tokenized attestations, basically they are test for something. So very concrete example, during ZK Hack III workshop people that sold the puzzles were offered a ZK badge. And what it means is that we created this group of eligible users. So we have the list of all people that sold the puzzles and within Sismo they were able to generate the ZKProof that they're part of this group. That's the real proof that is generated. I'm part of this group and then the ZKProof is sent to a ZK attester and issues a ZK badge. Okay, I'm a successful submitter of ZK Hack III's workshop. So that's it, that are the core example. Then what it allows to do now you can do our jobs to these people for them. They don't have to reveal who they are, why they exactly are, that's interesting. You can do like privacy preserving votes. If you want to learn, get feedback on ZK Hack III workshop, you can do a vote and now you know that you won't be able to say, Hey guys, where where did you say that, that's interesting. Anna Rose (22:40): Just to clarify though, when you talk about this sort of creation of the badge, what I had not realized when I first kind of was seeing the product was that it gets created anywhere you want. So it's that separation. Like especially if you're trying to track like on-chain activity or a Twitter account or anything like that, the attestation badge can be kind of minted in a very different place. An address that's not connected at all. Right. Hadrien Charlanes (23:06): Yeah. Thanks a lot for precising that. But yeah, that's the point. We have source destinations that allows you to prove stuff about your reputation, your data, your history, and then you can meet the badge on any destination. A bit like sometimes people referrals have as Tornado Cash for data, meaning that you have data on an account and you can transfer it to another without revealing, and it's granular meaning that you can reveal any part of it. And as for app developers, like when you guys created the ZK badge, you went through the factory, you just have to copy paste your whitelist or use some data providers like, okay, I want to create a batch for all my photos or lens. So invite you to take a look at a factory.sismo.io, anyone can create a ZK badge it's permissionless. That's the first entry of a ZK badge. Now we have to find utilities. Since it's a token, it's already integrated in great tools like Gear, like Snapshot, all these things. Anna Rose (23:58): So actually I want to spend time talking about sort of the use cases and the different ways that you're seeing teams use it. But before we do that, I want to sort of look a little bit under the hood at what it is. So you're built on Ethereum, so you had mentioned factory.sismo.io. Yeah, maybe just explain like what is actually, where is Sismo? What is it? And maybe is there anything off-chain happening? Hadrien Charlanes (24:20): Yes. Actually I wouldn't say that it's Ethereum based. I mean it is. So we have circum circuits that allows people to prove they're part of groups. The way it works, that basically we create a group. So let's say that I take all my lens followers, like all addresses that voted on specific DAO have this group of let's say 100 addresses. What will happen is that we turn that into Merkle Tree and in the proving scheme, which will prove it that first you own a source account that is part of the tree. And secondly that you're the owner of the destination account, the one that will receive the badge or the one that will be the destination of the ZK badge. So the proving part is off chain. It's in Sismo frontend. That's the main difference that we have with the ZK scaling team is that our constraint is that all ZKProofs are generated in the front end because what once that only the users has access to that. Yeah. So that's one constraint. Anna Rose (25:15): Ah, do you mean like, so all the proof generation is happening in the browser of the user? Hadrien Charlanes (25:20): Exactly. Anna Rose (25:21): Okay. Hadrien Charlanes (25:21): So we have the proving scheme. You approve your part of the group, then it gets verified on-chain and you get a ZK badge, now Sismo has an infrastructure that creates all these groups. So when you create a group in the factory, you will actually create a PR like the factory. What does is just a no code UI on top of one of the reports that is open source, that is the Sismo hub that does any request. If I can get my followers, it turns that into a Merkle Tree and the Merkle Tree is pushed on-chain so that then the ZK attesters can verify the ZKProofs. Anna Rose (25:55): Interesting. Hadrien Charlanes (25:55): So now just a small nuance. Okay, for now, we verified the ZK proof on-chain and it chooses the ZK badge, but the ZK proof could very well be verified into a backend of any service. (26:08): So in that way, we are using Ethereum as a source of truth for our roots. The roots of our groups and everything is transparent, meaning that we are the central entity that updates this roots, but all these open source, so you can very well see if we, if we cheat basically. So we are trusting, but we are auditable entirely. So anyway, so we have this roots on-chain, then we write attestations as ZK badge on-chain. But we could very well use the ZKProof outside of the blockchain world. And I think this is a big part of Sismo too is that later, I don't know, I'm in a ZK shop. I don't know. I want to, let's say like the ZK Hack people, I want to let them buy a hat. I don't need them to have ZK badge. I just need like that my server checks that they were part of ZK Hack. So with this model, they will prove that they're eligible to this off-chain service. Anna Rose (27:02): Oh, interesting. Hadrien Charlanes (27:03): And the off chain service can verify that off chain. So that's a small nuance that we have is that I think SBTs are the best, and we'll go for this for a long time. Like that will be our main focus for the ZK badges. But it doesn't stop here of course and it's like the ZK is more than blockchain. It's cross-chains like Anna Rose (27:20): And so what you're saying here is it's like, it's not tied to Ethereum, but you're using a property of Ethereum because a lot of the use cases that you're dealing with are also blockchain use cases, but you could use a very similar architecture set up maybe even a lot of what you've already built off chain without a blockchain or on any other blockchain. I guess you just have to recreate the verifier smart contract package there Hadrien Charlanes (27:42): Yeah, exactly. Anna Rose (27:44): I'm kind of curious what proving system you're using and like if you ever had to do a trusted setup. If you're saying proof generation happens in a browser, I'm assuming it's like quite a quick proving time, but yeah. What is the actual zkSNARK there? Hadrien Charlanes (27:58): Yeah, so currently we are still on Groth16 using Circum. So we have one trusted set, but for all the groups, so as I told you before, like the ZK scheme for us is prove that you're part of a group and we manage to make the circuits where the size of the group can move, like can update and basically as variables you get the root. So that's why in the factory it's always the same. Like in the factory, if you want to create your ZK badge, you basically select the group of eligible users. But then the ZK scheme is always the same. So we use one ZK scheme, it's called the Hydra-S1 ZK scheme. The trusted setup was done with several people. It's not like entirely like community driven because we're still in Alpha and I think we don't want to hide the fact that we've done everything we can, but we didn't go into like the Anna Rose (28:41): I see, I see. Hadrien Charlanes (28:42): The whole almost yeah Anna Rose (28:43): And that's actually, that's sort of what I realized too is it feels like it's in experimental phase and yet I know that there are people who like want these badges as though it's a finished product but it's an iteration. Right? It's like you wanted to sort of get something out to show it. And this is what's really cool is like, you know, I've been hearing about use cases kind of through other teams where like somebody had created one of these Sismo badges for action on a DeFi product or like action over here. And it's like, it wasn't from you guys. It's like some other team thought, oh, this would be really cool to do. Do you, do you get compared to POAP a lot? Hadrien Charlanes (29:24): Yeah, it's so POAPs are good friends of ours and I think that they are aiming at the mainstream where building infrastructure and I think we can add a privacy layer for them. I think we need these kind of teams that are more towards mainstream. I think they're doing an amazing job. Yeah. I don't have a definite answer for this. I think that there are some similarities, but ours is really centered around the infrastructure part of not tokenizing your events, your life or stuff like that. That I think it's more POAP, but it's more about bringing liquidity to the data you already have. So for instance, like POAP, all these people that are tokenizing reputation, tokenizing facts, real life, we want to tell them, hey guys, we are a tool for you to make your POAP more usable. Because with small, for instance, you could create, okay, I take all the orders of this POAP by the way you can do it today in the factory, no code. You just choose POAP, you put choose the ID of the POAP and it creates a ZK badge. And then you can use the ZK badge to do like your private airdrops. Anna Rose (30:26): Yeah Hadrien Charlanes (30:26): But are also something that we shipped anyway. So yeah, like all people that create data, we want to help them all people that tokenize well to our real world data want to help them to have a good intro to make the best out of it. Anna Rose (30:40): Like, just to kind of riff a little bit on the POAP idea though, like, could you do something where you want to invite everyone who had been to an event that received a POAP in-person events before, let's say 2020. So say like someone had created a ZK badge that just said, if you've been to any of these events, we want to give you a new special badge. You could just submit like, yeah, this address, like I have this POAP on this address, I can submit it and then I can po I can point the badge to an, like a brand new account. Something where it's completely detached from the account that had actually received that POAP so many years ago. It's an account I don't use anymore. I'm super embarrassed by all the terrible DeFi trades I made on there. But like you could still get the benefit, you could have that sort of newer token that signifies that you've actually done this thing. And that would be actually very interesting if people wanted to like tap into like the early community who was there a couple years ago and how to reward them. Just an idea there to throw it out into the world for anyone who might want to do that. Hadrien Charlanes (31:44): Yeah, I'm sorry to tell you, but it does, it already exists Anna Rose (31:47): Oh damn. Okay, what's it called? Hadrien Charlanes (31:49): No, no, no. Since we are permissionless, anybody can create a badge and so some specific badge are created by the governance. So by the community, by the DAO, it's a proto-DAO, it's not a real DAO and they don't have power, but they help us. We consider them on things. Anna Rose (32:04): Okay. Hadrien Charlanes (32:04): So one of the creative badges today is like the proof of attendance ZK badge. and basically we pulled all the cool events that we thought about, like all the DevCons, BitCons, the CC, the DAO Berlin like all these things, maybe some ZK events. I don't know if you, Anna Rose (32:20): Oh we never did POAPs sadly. I'm bummed Hadrien Charlanes (32:25): And so yeah and that was for us a badge that is civil resistant, meaning, you know, we talked about like, we don't like that like the Worldcoin, the KYC, all this thing is centralized and this POAP is, is for us it was making something resistant. If you are part of one of these events before the airdrops existed and everybody was trying to get worse or nothing, it means that you are somehow a human and as you said, you can send it to a virgin address and so then you can prove that you are an OG without proving anything. Yeah. Anna Rose (32:55): Yeah. Have there been any use cases that kind of surprised you? Things that like you actually had not predicted and were quite shocked when people were trying to build something with it? Hadrien Charlanes (33:05): So I guess there are maybe three things. We have this mascarade, I don't know if you know about it Anna Rose (33:08): No Hadrien Charlanes (33:10): It's a privacy preserving party that we do each year at ETHCC. Anna Rose (33:14): Oh cool. Yeah, you told me about that. I haven't been to it yet. Hadrien Charlanes (33:17): So we have the mask and stuff like the Venician vibes. Anna Rose (33:20): Nice. Hadrien Charlanes (33:20): Like in Venice it was great. Next one will will be even greater I think. But, so we didn't know really how to give tickets to these people because it was limited. So we said, okay, let's create a ZK badge for people that follow mascarade on Lens and so that was great. Like many people did this and then they had to apply with the form and give feedback, help us basically. And so we were able to like create the community because we have limited places. But what I think we didn't expect that then it created sort of a trend like with many people creating the ZK badge like, hey, follow your me on Lens. Like, you know, the close to farmer but not farmer. Anna Rose (33:56): Okay. Hadrien Charlanes (33:56): It's fun because some, that's not the best use case for us. (34:00): Like even if it is interesting, it's, yeah, a way to attract followers is to, hey guys, follow me on Lens and you'll get my personal ZK badge and then you, I'll give you access to some stuff with it. I think it's, it might seem like farmer stuff or just like trying to get more followers, but maybe it's the revamp of the personal tokens. Anna Rose (34:21): Yeah. Hadrien Charlanes (34:21): Like soon maybe you'll be able to do it with Sismo, hey, I created this group for people that follow me on Twitter or follow me on Lens or I don't know, or I don't know. And that creates your community ZK badge and then you can give those people, I don't know, access to your newsletter and to physical events. That was something that was cool. Anna Rose (34:43): Nice. Hadrien Charlanes (34:43): And then there's this team ZKPay that are building on top of Aztec that gated their community to the holders of the Aztec user ZK badge. (34:54): So they created like a very nice badge that is trying to remove farmers from their badge. Like doing an average of, I don't know open wide deposit in three times or I don't know what. And so that was cool because that was the real vision. We didn't push with it that's gonna be for next year, but we didn't push that much for now. We were more trying to let people understand what the ZK badge is, you prove stuff from the source, you get a badge on the destination. But now they directly use it as access control and that's definitely what we want to do. So that was fascinating to see those and yeah, I guess it's the number of badges that are created. We don't push, we don't have marketing that much. We don't push that much. But in two weeks after the update that we did, we did 2X on these things. So, and now, anyway, now so is those just the beginning? To be honest, but we hope to see weird things. To be honest, I didn't see the weirdest things that I want. Anna Rose (35:47): Okay. You you're saying you're waiting for something weirder. Okay, cool. Hadrien Charlanes (35:50): Yeah, to be honest, like because it's so powerful, because imagine like, let me give you like some things that are possible. Okay, so now it's a group of eligible users, we can get the ZK badge. But now imagine that you say, okay, deposit into this contract ETH, for instance, and then you get the ZK badge that prove that you deposited this contract ETH. And the only way to withdraw your it is to burn your ZK badge. If you do that, it's close to a very known protocol that if you think about it, you manage to deposit from an account Anna Rose (36:28): Yeah. Hadrien Charlanes (36:28): And withdraw from another. Anna Rose (36:29): Interesting. Hadrien Charlanes (36:30): So I think this is what DeFi I did. Like, that's actually in the very first days of Sismo that's what I wanted to do is that DeFi, thanks to the standard ERC-20 and this open source and talking the same language, did really weird stuff. You know, I was building a DeFi project early. I couldn't imagine that you would go this far, like this weird stuff like the Yam stuff, like the liquidity mining, all these things. It was weird because, just because, yeah, it's a freedom for, for innovators and you can do very cool stuff that are new. Anna Rose (37:01): That's so true though. The idea that like these DeFi kind of things were built, a lot of the early ones were experimental, but they were very thought out. And then you'd start to see these people like iterating quickly. And some, a lot of those experiments, most of those experiments failed in fire. Like it just burned everyone to the ground. And like Yam is an example, but like you did have these just sort of, I remember that acceleration of ideas. Like you'd seen a little bit of success and people were like, oh, it's actually easy to do. No one knew the full outcome. You kind of had to play it out. You had to see like, what are these, and, and you needed people sharply looking who maybe even want to maliciously attack it to even be able to figure out like what is the actual outcome of putting this thing out into the world. I want to understand a little bit like the future for the product. There's sort of two ways I want to understand this. One is just like the roadmap you have. So like what's coming for sure and then also just like philosophically if there's something else, but on the roadmap, I also kind of wanted to understand like, who is the team, how many are you now? And yeah. Tell me a little bit about what your plans are. Hadrien Charlanes (38:09): Yeah, so I think that 2022 was about the ZK badges, about educating people, building all the infrastructure, like the group creation, like the Merkle Tree building the team also. So we have a great team. I think that we are 13 today, so the team is in a real good state. So 2022 was about like getting from 0 to 1. Making a lot of partners. I think that we have good relations with people and this year will be about two main things to act on these trends. We have many friends, but we didn't yet build many partnerships because we were still building the infrastructure. And the product that we will sell toward these partners is the prove with Sismo flow. So that's the core thing behind what we want to do is that we want applications to be able to let users import their reputation or their history Anna Rose (38:58): Directly. Hadrien Charlanes (38:59): Directly. So I'm an app developer. My goal is to create a airdrop for a specific set of users. The way it'll work with Sismo is first you choose your group, the people that your whit list, the the people that are allowed to get access to your airdrop. So using the factory, but you don't need to even to create a ZK badge, you just say, okay, I want to create airdrop for my Lens followers. So I choose on the factory, okay, all the people that follow Sismo on Lens. That creates a group and then you will have several integrations that you can do from this group. I want to create a new contract that is gated to this group. So we have a solidity library that allows you to gate specific functions to eligible users. How it works, okay so I'm the ZK drop app. (39:47): I integrated the Solidity library to accept zero knowledge proof from Sismo or to accept the ZK badge. We'll see that later. Okay. So I'm the airdrop app, people to prove that they're eligible usually what we will do today is to connect your wallet. You'll do a sign in with Ethereum to prove that you are the owner. You'll sign a transaction in your wallet to prove that you are owner of the account. Okay, I'm the owner of ETH, I'm part of this group. You can access my wallet, that's how it works today. Today they are central server that checks your credentials. You prove them that your owner of an address, they check in your wallet whether they have what they want to have. And then they will sign a message because they're owner of the NFT contract. So they will say, okay, I mean to token for this person because it proved me, but it's proved me the centralised way with Sismo (40:36): How it would work is that as an app, I don't ask users to sign in with Ethereum to give their wallet address. I just integrate a prover Sismo button. And so when users click on this, they're redirected to Sismo. In Sismo, they already have their accounts in their vault. In Sismo you have the vault, you'll import your accounts in the Sismo vault and that you are able from these accounts to create ZKProof out of it. So you redirect to Sismo. In Sismo, you maybe have already imported your 10 accounts, your 5 accounts, your validity address your credit wallet and yeah. Your 5 accounts. Then so in Sismo, you join the ZKProof, then you redirect it back to the app that has the ZKProof. And so then this ZKProof will be sent on-chain and verified on-chain by the NFT contract. They say, okay, this proof is valid. I give you an NFT. Anna Rose (41:26): But somewhere in there you're still printing a badge. It's not direct-direct that they're just like, they're verifying and then they do whatever they want to do. You're always getting the badge that like is also going to be connected to something they want give you Hadrien Charlanes (41:39): For now. Yes. So actually the app bot is available at sismo.io it worked. We allowed all people that contributed to the launch, like all the Ethereum, the clients teams and they created this merger pass NFT that was air dropped in a privacy preserving way to all these people. And the process was, okay, are you eligible? Prove in Sismo, you prove you're eligible. And then you use the ZKProof on-chain to do, first you verify the ZKProof, you get the ZK badge. But it's like a Anna Rose (42:10): It sort of doesn't matter. It's like an Hadrien Charlanes (42:11): Doesn't matter that much. Anna Rose (42:12): Okay. Hadrien Charlanes (42:12): And they get the NFT and our goal will be to be more and more into the serving these applications. Like I think it's very important the ZK badge, but there are some cases that we, yeah, it might not be needed everywhere and we could do exactly the same process, but with enough chain service, like the ZK shop bot that just want to get your physical address and instead of giving you, having you giving the address, prove with Sismo, you get your ZKProof, you redirect to ZK shop. Verify, okay, the ZKProof is valid. So now give me your address, your physical address so that I can ship you the hat and I don't know your wallet and I'm happy about it. Like we had several people that came with us for this solution Anna Rose (42:53): Kind of going on that. And right now a lot of people are talking about like real world assets. Have you thought about Sismo attestations attached to that? Hadrien Charlanes (43:02): Yeah. Actually that's another part of the protocol that is modular like today to create the proof it's part of the group, but actually we can feature several proving schemes. ZK and non-ZK by the way. Anna Rose (43:15): Yeah. Hadrien Charlanes (43:15): For instance, there's a team of students that is building Semaphore for ZK attester. So you'll be able to generate from the Semaphore group ZK badges but maybe tomorrow we can create a new form of proving scheme. And the proving scheme is, it's not a ZKProof, it's just a proof, hey, I have the signature from the French government that I'm ordered at 18. Give me the badge that I'm ordered at 18. It's not privacy-preserving. Anna Rose (43:40): Well the where the badge is, it is I guess. But like yeah. That first part is not Hadrien Charlanes (43:44): So these are like, these are also what we're trying to do. Many different proving schemes. And that's the thing about ZK community that we hope to, to be users of the research, like Semaphore for instance. We want to leverage that. We think we have a good play, we have a good spot to help ZK for privacy, get adoption or get user feedback or see how it can actually be used by real users. So that's why we're trying to be really close to all the ZK researchers and really part of this community. We don't just take, we're trying to be part of the community. Anna Rose (44:17): Do you also think, like don't, you already allow GitHub or Twitter accounts to be used directly into it? So like you don't always have to use on-chain data to prove something. Hadrien Charlanes (44:28): So this is like, this is will be the technical part that the Sismo scheme, the way it works is that it's hard to verify ECGSA in SNARK today. It's costly. It takes time. And even if, if some teams have been able to reduce this time, you have the issue that it's hard, you cannot compute a unifier because ECGSA is malleable. You cannot have any verifier of it. So the way Sismo works is that it will create an onchain commitment, meaning I have the address hadrien.eth I will go to the commitment of an off chain service managed by Sismo where you will be able to associate to hadrien.eth, I associate this commitment. So the hash of a secret and so for Twitter, since we have the commitment, what we do is that in your Sismo vault, so you have the Sismo vault, it's like a password manager where you store all the signatures. Because when you, I import a Web3 account into Sismo, you sign in messages that creates a commitment. Like basically we derive deterministic secret from your signature a bit like Aztec. Anyway, so in your vault you store your signatures and the vault has a key basically a mnemonic and we will associate your Twitter accounts with a secret from this key. Anna Rose (45:52): Okay. How do you do it though? Do you have to get on Twitter? Do you have to do something like how couldn't someone just submit the wrong thing? Couldn't they just be like, yeah, this is me, but it's like not them. Hadrien Charlanes (46:02): Yeah. So that's the part. So the commitment map verifies that you are well owner of the accounts. So in case of Twitter, there's a signing with Twitter. Anna Rose (46:10): Okay. Hadrien Charlanes (46:10): So the commitment purpose is, okay, Anna went through it. So as Sismo, the thing that we can learn is that you are user of Sismo, but we cannot learn anymore because what is stored in the server is the commitment. So the hash of the secret and then you will be able to prove from the knowledge of the secret, we will be able to prove that you are well the Twitter owner of Anna and you'll be able to do proof. So yeah, that's a way for us to, you are able to basically, we return your Twitter account into a secret and we turn also the Ethereum account into secret and then in the ZKProof you proved that you not the secret. Anna Rose (46:47): Have you had the creation of Sismo badges where you needed to have like multiple inputs? Or is it always kind of one-to-one? Like so far almost all the examples that we've talked about have been like, are you part of this group? Yes. No. And if yes, here's your badge somewhere else. But what if it was like, actually you need to be part of this group and this group and this group and like all of those things have to be correct in order for you to pass through. Does that exist or is that Hadrien Charlanes (47:16): Yes. Anna Rose (47:16): Something you're thinking of doing? Hadrien Charlanes (47:17): That's the core value that we bring to the table. You know, before I told you like all people that have great data, like POAPs, like I don't know, people that have great data, they should tokenize in our system and that's the reason why, because one of the core goal of Sismo is to let users aggregate data from multiple accounts and to reuse their reputation for multiple groups and stuff. And we focus only on that, like how data provider can create this groups or create this ability for apps to get the service depending on their data and to use proof stuff on this data. So we have three kind of people, the users that have the data, the data creators that generate this proof, this credit score, this reputation score, these things. Anna Rose (48:00): Yeah. Hadrien Charlanes (48:00): And then you have the apps that consume discourse. So yeah, that's definitely why, that's why we don't go after the civil resistance. That is very important. That's why we don't go about the tokenizing option for on-chain. We focus on making it super modular and interoperable and yeah, that's our focus. That's why we think we build infrastructure and that's our goal Anna Rose (48:19): Ah okay, so you're basically saying someone could do that with what you've built. Yeah, exactly. But right now that's not what you're not like your system that's like people are using to build badges. That's not possible there at this time. Hadrien Charlanes (48:31): For now you can already say it's a small part of it, but you can say, okay, I want to create a badge for people that are eligible to the proof of humanity ZK badge or have the proof of ZK badge that we talked about. Anna Rose (48:45): Yeah. Yeah. But can you do and that was the question. Because I'm wondering like what if you need people to have three different things that they've done in order to go through and if they only have two, they don't get to, can you do that already with your system? Hadrien Charlanes (48:57): Currently? No, but that's being worked on. Like that's needed. if we want to go where we want Anna Rose (49:03): Because I do, I really do think that that combination is gonna be fascinating. Like who gets through that then you can almost like, you can start to refine. If you want to give badges to a very specific group, a subset of your community, you can start to like narrow it down. Like, you know how there's like roles in some, you know, on Discord or whatever where it's like if you've done certain actions, you get a certain level of roles. But if you've done more, you can kind of get higher, you can almost start to do that more on-chain where it's like you can make certain badges only eligible for those who've been like super active in a way that you want on your system. Hadrien Charlanes (49:36): Yeah. So actually let me tell you, I'm sorry, but let me tell you about the current governance of Sismo. I told you that we canceled the community and so we have this badge that is called the Sismo contributor ZK badge. And there are so several lovers to this badge. So small technical notes. The badges are ESC 1155. They're fungible, they are not NFTs, they are fungible tokens. Anna Rose (49:57): Okay. Hadrien Charlanes (49:57): Meaning that and we say that the balance small badge is your level point. So meaning like if I have one Sismo contributor ZK badge, it means that I'm a small contributor level 1. Okay. But like when I told you prove that you're part of the group, it's a bit more complex. It's I approve that I'm part of this group with a specific value. So for instance, the groups are okay, Anna as a level 5, Hadrian as a level 4 (50:25): And so you will be able to meet maximum level 5, but you could prove that to our level 2 if you don't want to read the entireity. So that's the group of the Sismo contributors have several levels, 1 to 3, we have 3 levels. People that helped us the more like help us with like a great PR on GitHub they have the level 3, the core team has the level 3, people that are have used Sismo are level 1 and in between you have people who level 2 and suddenly because to flag these people, we give them POAPs and then, and Anna Rose (50:56): You actually give them POAPs? Hadrien Charlanes (50:57): Yeah. We give them POAPs so that's why. So we give them POAPs and then they are part of this group and then they have these the ZK badge and then they can access different channels depending on their levels and in the Sismo governance, in the Snapshot level 1 have 1 vote, level 2 have 50 votes, level 3 have 500 votes and that allows us to have like reputation based voting system instead of a token based system Anna Rose (51:24): But still anonymous, right? Like it, the actual points and badge can live on a different address than the Hadrien Charlanes (51:30): Exactly. Anna Rose (51:31): Whatever, where the POAP over the, like the exact level is. Interesting. Hadrien Charlanes (51:35): So yeah, I think these are all small experiments about things that will be interesting. we hope to have like for instance, the governance that takes in account your financial capital, but also your contribution capital within the ecosystem and imagine that a product has token virute multiplied that can be increased by your contribution level. I think that's a good thing. So we hope to see this would be the kind of weirdness I'm expecting. Anna Rose (52:02): Interesting. Hadrien Charlanes (52:03): In the next year. Anna Rose (52:04): What I think maybe doesn't come across right away, but the more I dig into what you're doing, the more I realize like there is so much potential for like, experimentation by other organizations who have their own needs with a system like this. That taps into the privacy part of ZK, but in a far more interesting way than I thought. Like a lot of the cases so far have been like sort of singular in what they can accomplish. And this is seems very wide ranging because like you could see it being used for Discord groups, like little, you could see it being used for small communities for events and stuff like that. But I mean, here you get into certification, you get into governance levels. I wonder if there's like ways to do even like delegations somewhere in here. So yeah, there's something really cool going on. Hadrien Charlanes (52:55): That's why I'm not satisfied with the current weirdness. I think that we open with a wide spectrum of innovation. Anna Rose (53:02): Yeah. Hadrien Charlanes (53:02): And we can see more, we hope to incentivize people to do more, Anna Rose (53:07): But I think people still need to understand it and like you said, you're still an alpha, so maybe there's even, maybe it's good that, that there's still like a pretty small community. Although actually, would you call your community small or do you think, is it like it's pretty big? Hadrien Charlanes (53:20): Yes. It's bigger than expected. Let's say that. I think it's, we have a great community. The thing I'm most surprised with is that like the badges are, you need to pay for it. As a badge creators, and we have several badges per day. We didn't even try to market that at all. So we have people that are ready to pay to get their ZK badges that pay for using the factory and the like, very organic people from the community start to take ownership and yeah, we have a lot of opportunities like so it's small, but try to, I think it's great Anna Rose (53:55): Growing fast. Right. Right on. All right. Hadrien, thank you so much for sharing all of this about Sismo and talking with us about some of the kind of initial observations that led to the creation of this and now what's possible with it or will be possible with it as it grows. Hadrien Charlanes (54:13): Yeah. Thank you very much. It was really great. Anna Rose (54:15): Cool. So I want to say big thank you to the podcast team, Henrik, Rachel, Adam, and Tanya. And to our listeners, thanks for listening.