Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Docs/release post v1.2 #1211

Merged
merged 9 commits into from
Feb 27, 2024
16 changes: 8 additions & 8 deletions website/blog/2023-01-18-maci-v1.1.1.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
---
slug: maci-v1-1-1-release
title: Maci v1.1.1 Release
title: MACI v1.1.1 Release
authors:
name: ctrlc03 & chao
title: MACI team
Expand All @@ -23,13 +23,13 @@ MACI revolves around the need for a trusted coordinator. The coordinator is in c

| Property | Description |
| -------------------- | ----------------------------------------------------------------------------------------------------------------------- |
| Collusion Resistance | no-one except a trusted coordinator should be certain of the validity of a vote, reducing the effectiveness of bribery. |
| Receipt-freeness | no-one can prove (besides to the coordinator) which way they voted. |
| Privacy | no-one except a trusted coordinator should be able to decrypt a vote. |
| Uncensorability | no-one — not even the trusted coordinator, should be able to censor a vote. |
| Unforgeability | only the owner of a user's private key may cast a vote tied to its corresponding public key. |
| Non-repudiation | no-one may modify or delete a vote after it is cast, although a user may cast another vote to nullify it. |
| Correct execution | no-one, not even the trusted coordinator, should be able to produce a false tally of votes. |
| Collusion Resistance | No one except a trusted coordinator should be certain of the validity of a vote, reducing the effectiveness of bribery. |
| Receipt-freeness | No one can prove (besides to the coordinator) which way they voted. |
| Privacy | No one except a trusted coordinator should be able to decrypt a vote. |
| Uncensorability | No one — not even the trusted coordinator, should be able to censor a vote. |
| Unforgeability | Only the owner of a user's private key may cast a vote tied to its corresponding public key. |
| Non-repudiation | No one may modify or delete a vote after it is cast, although a user may cast another vote to nullify it. |
| Correct execution | No one, not even the trusted coordinator, should be able to produce a false tally of votes. |

Since its inception, MACI has been adopted by different projects, most notably [clr.fund](https://github.com/clrfund) and [QFI](https://github.com/quadratic-funding/qfi/tree/feat/code-freeze). These projects prove how effective MACI can be, especially when integrated with applications that are otherwise prone to collusion, such as funding Public Goods.

Expand Down
119 changes: 119 additions & 0 deletions website/blog/2024-02-28-maci-v1.2.0.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,119 @@
---
slug: maci-v1-2-0-release
title: MACI v1.2.0 Release
authors:
name: ctrlc03
title: MACI team
url: https://pse.dev
image_url: /img/pse-logo-round.png
tags: [release, audit, security, documentation]
---

# MACI v1.2 Release

We are pleased to announce the release of MACI [v1.2.0](https://github.com/privacy-scaling-explorations/maci/releases/tag/v1.2.0)!

This is our first release since [MACI v1.1.1](/blog/maci-v1-1-1-release) just over one year ago. This new release focuses on improved developer experience, security, performance and clearer documentation for users looking to learn and use MACI.

## Background
samajammin marked this conversation as resolved.
Show resolved Hide resolved

MACI - Minimal Anti-Collusion Infrastructure - is an Ethereum application that provides privacy and collusion resistance for on-chain voting. If you're new to MACI, we first recommend reading our [documentation](/docs/introduction) for background information and and technical details.

## Refactoring Work

We prioritized enhancing MACI's developer experience by refactoring its code, fixing bugs, and improving documentation.

Key refactoring activities were:

1. Upgrading libraries to their latest versions and substituting obsolete dependencies with up-to-date and actively maintained alternatives.
2. Making the code standardized, modular, well-documented, and uniformly formatted.
3. Fixing bugs and community-reported issues.

### Library Updates

MACI has relied on custom code and dependencies since its initial implementation, notably from repositories by one of the original MACI developers, [Koh Wei Jie](https://github.com/weijiekoh). We felt that MACI could benefit from a dependency refresh, so we've shifted towards using actively maintained open-source libraries, such as [circomkit](https://github.com/erhant/circomkit) and [zk-kit](https://github.com/privacy-scaling-explorations/zk-kit).

Circomkit has become our go-to for circuit-related tasks, such as compiling circuits, generating test zkeys, and unit tests.

We've moved reusable circuit logic, like our [Poseidon permutation](https://github.com/privacy-scaling-explorations/zk-kit/tree/main/packages/poseidon-cipher) encryption and decryption code, into zk-kit. This not only benefits MACI through more circuit usage and testing but also supports wider community adoption.

These efforts are part of a broader initiative at [Privacy and Scaling Explorations (PSE)](https://pse.dev/) to foster open-source development and contribute to public goods. By aligning MACI with these values, we aim to enhance its utility and encourage collaborative growth. In the coming months, we're committed to extracting more of our circuit logic for broader use ([track progress here](https://github.com/privacy-scaling-explorations/zk-kit/issues/131)) and contributing to projects that align with [our mission](/roadmap#maci-mission--vision).

### Code Refactor

We've undergone extensive efforts to clean up MACI's code:

- Removed dead and redundant code.
- Split monolithic files into smaller, logically structured ones.
- Improved documentation with detailed code comments and tools like ([TypeDoc](https://typedoc.org/) and [solidity-docgen](https://github.com/OpenZeppelin/solidity-docgen)) for automatic doc generation.
- Enforced strong type safety on the TypeScript components.
- Optimized and modularized the smart contract code.
- Extended the test suites.

These improvements aim to simplify the onboarding process for new developers, ensuring they can easily navigate and effectively utilize MACI.

## New Features

### Flexible Voting Strategies

After years of built-in quadratic voting (QV) in MACI, we now support non-quadratic voting polls. This opens up the door to potential integrations with a wider variety of projects, such as DAO governance applications.

The new version of the Tally circuit (specific for non-QV), has reduced constraints, enabling a quicker proof generation process for vote tallying.

We invite projects interested in leveraging this secure, on-chain voting mechanism to reach out for potential integrations. We hope to continue to expand support for additional voting methodologies, so please let us know your project's needs!

### New Gatekeeper

In our effort to fortify MACI against Sybil attacks, we've integrated an innovative gatekeeper mechanism: [EAS](https://attest.sh/) - you can [view the contract here](https://github.com/privacy-scaling-explorations/maci/blob/v1.2.0/contracts/contracts/gatekeepers/EASGatekeeper.sol).

As part of configuring a MACI deployment, the coordinator sets a user signup gatekeeper contract. This contract dictates the criteria a user must pass in order to participate in a poll. For example, user might need to prove ownership of a certain NFT, or prove that they have passed some sort of proof-of-personhood verification.

With the addition of this new gatekeeper, EAS (and soon™ [Hats Protocol](https://www.hatsprotocol.xyz/), MACI instances could be configured to e.g. only allow Ethereum accounts with a trusted EAS attestation or those designated with a specific role by the Hats Protocol. These modules open up new avenues for access control strategies.

We expect to continue to expand our [gatekeeper capabilities](https://github.com/privacy-scaling-explorations/maci/tree/dev/contracts/contracts/gatekeepers) and welcome the community to come up with new and innovative ways to grant access to MACI's rounds, helping make MACI more customizable and sybil-resilient. The Hats Protocol gatekeeper is [currently in progress](https://github.com/privacy-scaling-explorations/maci/pull/1191) and will be released soon™ (in v1.2.1).

### Documentation Website

We're excited to announce that all MACI documentation has been unified on our new website, [maci.pse.dev](/)!

This platform will serve as the definitive resource for all information related to MACI, including [blog](/blog) releases, [documentation](/docs/introduction) updates, and [roadmap](/roadmap) progress. Please report any inconsistencies you may find. As always, we welcome suggestions on how to make it better.

## Security Audit

Thanks to thorough reviews by PSE's internal Audit team, clr.fund's developer, [yuetloo](https://github.com/yuetloo), and our core development team, we've identified and addressed several bugs during our recent refactoring efforts. Most notably, a critical bug in MACI v1.x discovered by [Kyle](https://github.com/kcharbo3), which could have allowed coordinators to censor votes, has been [fixed](https://github.com/privacy-scaling-explorations/maci/pull/1170).

For more details on our recent audit, please [refer to our audit docs](/docs/audit#pse-audit-2024) or [view the full report](/audit_reports/20240223_PSE_Audit_audit_report.pdf).

After this audit and the resulting fixes, we feel more confident with MACI and its security.

## Trusted Setup Ceremony

Following the successful completion of our [MACI trusted setup ceremony](https://ceremony.pse.dev/projects/Maci%20v1%20Trusted%20Setup%20Ceremony) for [MACI v1.1.1](/blog/maci-v1-1-1-release), we are preparing for a new ceremony to cover the security enhancements added in our v1.2.0 circuits.

To accomplish this, we'll leverage the tooling of [P0tion](https://github.com/privacy-scaling-explorations/p0tion), which helps to streamline and automate Groth16 phase2 ceremonies.

We'll update this page after the ceremony completes to include the production-ready zkey artifacts. In the meantime, the artifacts for v.1.1.1 can be found on our [website](/docs/trusted-setup), and the [`tallyVotes`](https://github.com/privacy-scaling-explorations/maci/blob/dev/circuits/circom/tallyVotes.circom) artifacts can still be used in production.

## Get Involved

MACI is deeply committed to our community, through our open initiatives like [public roadmaps](https://github.com/privacy-scaling-explorations/maci/discussions/859), transparent [repository management](https://github.com/privacy-scaling-explorations/maci/discussions/847), and a [public Discord channel](https://discord.com/invite/sF5CT5rzrR) for interaction with our team.

With every issue, PR, feature and roadmap iteration, we welcome feedback to ensure that the continued development of MACI reflects your and the community's needs. Keep an eye out on our [documentation](/), [GitHub discussions](https://github.com/privacy-scaling-explorations/maci/discussions) and our official [Twitter/X account](https://twitter.com/zkMACI) for updates.

For those looking to contribute directly, report bugs, or offer feedback, our [GitHub repository](https://github.com/privacy-scaling-explorations/maci) is open for issues and discussions. We're eager to assist with your projects or contributions.

For practical implementation insights, review our docs as well as the [clr.fund](https://github.com/clrfund/monorepo/) and [QF](https://github.com/privacy-scaling-explorations/qf) repositories as reference implementations. Both are quadratic funding implementations, a mechanism which otherwise is highly susceptible to collusion and bribery. Most notably, clr.fund is already working on integrating MACI v1.2.0, after having used v0.x until now. You can follow their development effort under this [GitHub branch](https://github.com/clrfund/monorepo/tree/feat/maci-v1).

For any other questions or feedback, please reach out to us via [PSE's Discord](https://discord.com/invite/sF5CT5rzrR), in our [`#🗳️-maci` channel](https://https//discord.com/channels/943612659163602974/1164613809730748507). We're excited to connect and collaborate with you!

## References

- [MACI GitHub repository](https://github.com/privacy-scaling-explorations/maci)
- [MACI documentation](/docs/introduction)
- [A technical introduction to MACI 1.0 - Kyle Charbonnet](/blog/maci-1-0-technical-introduction)
- [Minimal anti-collusion infrastructure - Vitalik](https://ethresear.ch/t/minimal-anti-collusion-infrastructure/5413)
- [PSE Discord server](https://discord.com/invite/sF5CT5rzrR)

## Release

Here's the link to the new release code in GitHub: [v1.2.0 Release](https://github.com/privacy-scaling-explorations/maci/releases/tag/v1.2.0).
Loading
Loading