Future research / zkp with enigma blockchain

Would contracts be able to use ZKPs as well?
I.e., would the use of a crate like this https://crates.io/crates/zkp-stark be supported by our implementation of cosmwasm? more discussion here https://community.zkproof.org/t/zksnarks-in-webassembly-running-demo-and-discussion/30

This may enable us to store withdrawal receipts encrypted in a secret contract.

If yes, would we be able to also enable a zkp-based mixer that enables you to send funds directly to another user? (note-- this is not a recommendation for Salad, just thinking through a mixer as an example)

Currently, only “self mixing” really makes sense with zkp mixers because:

  • any user you share the tx receipt with can withdraw funds. this introduces friction because the sender could say ” i sent this”, but still withdraw it any time before the recipient does.
  • It also means the sender knows the recipient’s address.

What about a contract/user flow like this:

  1. Alice sends 0.1 SCRT to the mixing contract, and encrypts and sends Bob’s publicly known address as the recipient
  2. Bob is now authorized to set a destination address for this contract
  3. Bob submits a fresh destination address (different from his ID or “pay me here” address) encrypted to the contract
  4. The contract executes, and generates an encrypted withdrawal receipt(note, i am not sure what inputs are required in how this receipt is generated)
  5. Bob is able to view the UI, decide on the anonymity set, and execute withdrawal to his destination address.

Note, we can already do this with salad-- what would be the added benefit of a ZKP mixer?

  • we could avoid “deal” architecture, and easily enable early withdrawals a la tornadocash
  • if a node is compromised, is more or less information exposed about the mix? the encrypted inputs are bob's public address , and possibly Bob’s destination address, which is more sensitive. The key thing which should be obscured is that alice’s payment eventually ended up in Bob’s destination address.

Not proposing a product with this one, i think our current implementation is low risk and has good privacy (i.e., i am not convinced we get an added benefit).
I am more interested in this as an example for adding zkp to secret contracts generally…

  • is it possible,
  • would it convey any additional security…