Privacy layer for Safe Wallet owners, built using Semaphore and Zodiac.
This project is currently in its early development stages and is not production-ready. It is provided "as-is" with limited functionality and definitely contain bugs or incomplete features. Users must exercise caution when using it, as critical features or optimizations required for production environments are missing.
We encourage testing and experimentation in non-production local environments and welcome feedback to improve the project. However, please refrain from deploying it to live networks until it has reached a stable release version.
Use at your own risk.
We wanted to thank the following entities / persons for their precious help. This project would not exist without their contributions and solutions:
- Safe. This project relies on the Safe Wallet, so it is obvious that they deserve a praise.
- Zodiac. Extra-logic on Safe Wallets can only be achieved via Zodiac Modules.
- Colin Nielsen. We used safe-tools to test Obscurus, and its design is partially inspired by dark-safe. Go ahead and take a look at Colin's projects, they're amazing.
- PSE. Obscurus would have been much more difficult to develop if it was not without Semaphore, the framework built by the PSE team.
As a reminder, a multi-signature wallet such as Safe Wallet is a smart contract that requires multiple approvals (or "signatures") to complete a transaction. For example, when creating a 2/3 Safe, 3 different owners will control the multisig and all the transactions it will execute first need to be approved by at least 2 out of the 3 owners (with 2 being referred to as the "threshold").
Although this provides an amazing security solution to manage assets and perform operations, the mechanism that verifies the approvals leaks the identity of the owners who emitted those: everyone is able to know which ones of the owners approved an operation and by deduction which ones have not.
This is where Obscurus comes into play. It provides a privacy layer on top of Safe in the form of a Zodiac Module - additional logic that can be attached to Safe Wallets and able to bypass the default signatures verification mechanism.
It guarantees the following:
- A set of owners (or "identities") control the Obscurus Module.
- Identities can submit anonymous approvals for operation to be executed by the Safe this Module is attached to.
- A number of anonymous approvals (the "threshold") still needs to be reached prior to execute the operation.
- It is impossible to identify which identity submitted which approval (the "anonymous" property).
- The identities submitting the anonymous approvals are part of the group controlling the Module (as opposed to external - "unauthorized" - identities).
-
A set of owners control a Safe Wallet.
Loadingflowchart TD Alice ---|Control| SW[Safe Wallet] Bob ---|Control| SW[Safe Wallet] Charlie ---|Control| SW[Safe Wallet]
-
Each Safe Wallet owner generates its own Semaphore identity.
Loadingflowchart TD Alice ---|Generates| IA[Identity A] Bob ---|Generates| IB[Identity B] Charlie ---|Generates| IC[Identity C]
-
The Obscurus Module is deployed using the identities.
Loadingflowchart TB Deployer ---|Deploys| OM[Obscurus Module] subgraph Obscurus IA[Identity A] --> OM[Obscurus Module] IB[Identity B] --> OM[Obscurus Module] IC[Identity C] --> OM[Obscurus Module] Threshold --> OM[Obscurus Module] end
-
The Safe Wallet owners attach the Obscurus Module.
Loadingflowchart TB Alice ---|Approve module attachment| SW[Safe Wallet] Bob ---|Approve module attachment| SW[Safe Wallet] Charlie ---|Approve module attachment| SW[Safe Wallet] SW[Safe Wallet] ---|Attach Module| OM[Obscurus Module]
-
The Obscurus identities generate anonymous approvals.
Loadingflowchart TB IA[Identity A] ---|Generates| AAA[Anonymous Approval] IB[Identity B] ---|Generates| AAB[Anonymous Approval] IC[Identity C] ---|Generates| AAC[Anonymous Approval]
-
The anonymous approvals are collected by a Relay. At this point, it is impossible to know which of the identities generated which approval.
Loadingflowchart TB Relay ---|Collects| AAA[Anonymous Approval] Relay ---|Collects| AAB[Anonymous Approval] Relay ---|Collects| AAC[Anonymous Approval]
-
The Relay submits the anonymous approvals to the Obscurus Module, which verifies them onchain and executes the operation via the Safe Wallet.
Loadingflowchart LR Relay ---|Submits anonymous approvals| OM[Obscurus Module] subgraph Verification direction TB OM[Obscurus Module] ---|Verifies approvals| SV[Semaphore Verifier] subgraph Execution direction LR SV[Semaphore Verifier] ---|Approvals are valid| SW[Safe Wallet] end SV[Semaphore Verifier] ---|Approvals are invalid| Revert end
Note: This diagram is not complete, please refer to the code or overview for more up-to-date information about how Obscurus works.
classDiagram
Identity --> Relay : Sends approvals and associated proofs
Relay --> Obscurus : Triggers verification and execution
Obscurus --|> Zodiac Module : Implements
Obscurus --> Safe Wallet : Is attached to
Obscurus --> Semaphore : Uses
Safe Wallet --> EOA: Interacts with
Safe Wallet --> Contract: Interacts with
class Safe Wallet{
+[]Address owners
+Int threshold
+enableModule()
+executeFromModule()
}
class Obscurus{
+[]Int identities
+Int threshold
+setUp()
+obscureExec()
+obscureExecAndReturnData()
}
class Semaphore{
+validateProofs()
}
class Zodiac Module{
+setUp()*
+exec()
+execAndReturnData()
}
class Relay{
}
class Identity{
+Bytes approval
+Byte approvalProof
}
class EOA{
}
class Contract{
}
You can check out the dedicated file to start using Obscurus, from deploying to a local environment to interacting with the contracts.
We welcome all contributions! Please take a look at the dedicated file if you want to learn more.
This project is currently being maintained by the folks at Quartz Technology.