A Broader Need for Privacy in Web3
Privacy is an often-overlooked need in Web3. While blockchain technology excels at transparency, not all applications thrive on total openness. Imagine a whistleblowing platform where participants fear exposing their identities or a DAO election where voter anonymity is crucial to the outcome.
If you have attended the most recent Devcon in Bangkok, you most likely have used Zupass without even realizing it. Zupass is a Semaphore-based application that allows participants to prove their membership in specific groups or events—like Devcon—without revealing their full identity.
Developed by Privacy & Scaling Explorations (PSE), Semaphore uses zero-knowledge proofs to enable privacy-preserving functionality. The protocol ensures that users can anonymously prove membership in a group and participate in activities without disclosing their identity.
Here are a couple more cool use cases of Semaphore:
-
StealthComms: A private messaging application using zero knowledge to allows users to prove their membership of a group and send messages without revealing their original identity
-
Cicada: A private on-chain voting protocol that uses homomorphic time-lock puzzles to ensure secure, anonymous voting.
Pontential Application in DeSci
As someone passionate about the Decentralized Science movement, I often think about the challenges of collecting and sharing sensitive data while preserving contributors' privacy. Whether it’s anonymous peer reviews for research papers or gathering public health data for scientific studies, maintaining user anonymity is crucial.
Semaphore offers an elegant solution. I’m particularly excited about using it to build a decentralized peer review system, where reviewers can provide feedback anonymously yet credibly. Another potential application is collecting health data while safeguarding user identities. To explore these possibilities, I started experimenting with Semaphore, and in this blog post I share my experience in setting up a Semaphore project with all the core functionality.
Key Concepts
Before diving into development, let's understand some key concepts in Semaphore. At the core of the Semaphore protocol is the circuit logic. On top of that, Semaphore provides Solidity contracts and JavaScript libraries that allow developers to generate zero-knowledge proofs and verify them easily.
-
Identity: A user's Semaphore identity (consisting of public/private key pair and commitment)
-
Group: A Merkle tree containing identity commitments of members. A group is a binary incremental Merkle tree in which each leaf contains an identity commitment for a user. The identity commitment proves that the user is a group member without revealing the StealthComms identity of the user.
-
Proof: Zero-knowledge proof that allows anonymous signaling (e.g. voting, sending messages, etc.)
Step-by-step Guide
Setting Up the Development Environment
There are several ways to set up your initial project, for details see here For this tutorial, we will be setting up a new Semaphore project with all the core functionality using their CLI tools and deploying on Arbitrum Sepolia.
First, ensure your NPM version is 5.2 or higher. Then:
-
Create a new project using Semaphore CLI
npx @semaphore-protocol/cli create my-app --template monorepo-ethers -
Navigate to project directory and install dependencies:
cd my-app yarn install
Deploy Contracts
-
Navigate to your
.envfile in the project root folder and add/update the following environment variables:INFURA_API_KEY=your_infura_key DEFAULT_NETWORK=arbitrum-sepolia ETHEREUM_PRIVATE_KEY=your_private_key REPORT_GAS=false # optional: COINMARKETCAP_API_KEY= ETHERSCAN_API_KEY=Note that you need to add the
INFURA_API_KEYto connect to the Ethereum network. ChangeDEFAULT_NETWORKto the network you want to deploy to (in this case we use Arbitrum Sepolia) and update theETHEREUM_PRIVATE_KEYwith your wallet private key. You need to have some Arbitrium Sepolia ETH in the wallet to deploy the contracts; you can get some here. -
You will later need to know the group ID of your contract to set the group ID for the website. The easiest way to get the group ID is to update the following code to app in
apps/contracts/tasks/deploy.tsto log the group ID when you deploy the contract:if (logs) { console.info(`Feedback contract has been deployed to: ${await feedbackContract.getAddress()}`) console.info(`Group ID: ${await feedbackContract.groupId()}`) } -
Go to the
apps/contractsdirectory and deploy your contract:cd apps/contracts yarn deploy --semaphore 0x06d1530c829366A7fff0069e77c5af6A6FA7db2E --network arbitrum-sepoliaNote that we set the Semaphore address to the one for the Arbitrum Sepolia network, see the list of contract addresses
Output:
Feedback contract has been deployed to: 0xf6f14002e6ffBD2904B8291270F4514e5f9c15DE Group ID: 1
Launch the Web App
-
Update your
apps/web-app/.env.developmentfile with your new contract address and the group id. Add additional environment variables for the Infura API key, Gelato API key, and the Arbitrum Sepolia chain ID.NEXT_PUBLIC_DEFAULT_NETWORK=arbitrum-sepolia NEXT_PUBLIC_INFURA_API_KEY=your_infura_key NEXT_PUBLIC_FEEDBACK_CONTRACT_ADDRESS=your contract address just deployded (found in the logs of the deploy script) NEXT_PUBLIC_GROUP_ID=your group ID (found in the logs of the deploy script) NEXT_PUBLIC_SEMAPHORE_CONTRACT_ADDRESS=0x06d1530c829366A7fff0069e77c5af6A6FA7db2E NEXT_PUBLIC_GELATO_RELAYER_ENDPOINT=https://api.gelato.digital/relays/v2/sponsored-call # Chain ID for Arbitrum Sepolia NEXT_PUBLIC_GELATO_RELAYER_CHAIN_ID=421614 GELATO_RELAYER_API_KEY=your_gelato_API_keyTo get Gelato get API key you need to signup on Gelato, go to Relay, connect your wallet, then click 'Testnet', select Arb. Sepolia network, select 'any contract' to create the app. You can get the API key from clicking on the app you just created and then clicking on 'API Key' in the right corner.
-
Run the web app:
cd ../web-app/ yarn devYou will see the web app running on
http://localhost:3000. screenshots:
Using the Web App
Click 'Next', then 'Send Feedback' to send a feedback message.
You can check the transactions for joining the group and sending feedback on the Arbitrum Sepolia Explorer.
For improved user experience, new users do not need to pay gas for joining a group or sending a feedback message, as the Semaphore demo app uses Gelato Relay to relay user's transactions on-chain, enabling secure gasless transactions for smooth UX.
What's Next?
Next, you can explore using The Graph to query the data from the Semaphore.sol smart contract. The Graph is a protocol for indexing networks like Ethereum and IPFS. Site owners publish subgraphs that expose site data for anyone to query. Semaphore's subgraph allows you to retrieve data from the Semaphore.sol smart contract.
Overall, Semaphore opens up endless possibilities for privacy-preserving applications. From this basic implementation above, you can develope it further for:
-
Building anonymous voting systems
-
Creating whistleblowing platforms
-
Developing private messaging applications
-
Designing anonymous credential systems
Resources to Start Your Own Exploration
If you’re as intrigued by Semaphore as I am, here are some resources to help you get started:
Building a Privacy-Preserving Future Together
The future of Web3 depends on balancing transparency with privacy, and Semaphore is a powerful tool for achieving this balance. As I continue experimenting with it in the context of DeSci, I’d love to hear from others who are using Semaphore to solve real-world problems.
Have you built something interesting with Semaphore? Let’s connect! Please send me a DM, or feel free to share your experience in the Semaphore Discussion Forum or join the conversation in the Telegram group.
