 I'm Czitor, and I work as a software engineer with a private and scaling exploration team. So I'm going to talk about anonymous signaling on Ethereum, and I would like to start with an important question. Why anonymity is important? I don't know why people are so keen to put the details of their private life in public. They forget that invisibility is a superpower. We cannot be sure if this quote is from Banksy, in, da je to anonimizm, to je zelo vsečen. In poslednje in anonimitaj je izgleda do potreboj, ker je izgleda in ideja od vsej autor, ker je izgleda vsečen, da je zelo vsečen, če bi je zelo vsečen, da je izgleda. Tako, ki je zelo vsečen, je izgleda in autor. Vseč, da je zelo vsečen, je zelo vsečen. And sometimes preserving the identity of the messenger is even more important. So anonymity can therefore become an important tool because it limits power. Those with a lot of power derive much of that power from knowledge, from information. The more someone knows about us, the more power they can have over us. Keeping our data or our identity private, they centralize that power. Anonymity promotes freedom of speech. The first step in censoring an idea is to attack its author. And the fear of suffering repercussions for what we say or write also limits our thinking. So knowing that our data and identity are safe encourages us to think freely. Anonymity safeguards reputation. It is important that people are held accountable for their actions and especially for their mistakes. Particularly when these people have a lot of responsibility. When they have an important role. But it is also important that our ideas are not judged based on who we are, but rather on what we have to say. Anonymity allows an idea to be shared regardless of its author's reputation. Which allows people to consider and evaluate ideas for a more objective perspective. Most of us are aware of the importance of anonymity and privacy. But what about our challenges? What are the main drawbacks right now? And how can we solve them? There are probably many reasons, but two of them deserve particular attention. The first one is complexity of technology. In recent years, we have seen a constant growth in the development and use of cryptographic technologies. Zerenology proofs, for example, are now being used in many applications. Proving you have a certain information without revealing the information itself is a really powerful concept. By the way these technologies work is not trivial for people without a background in mathematics or cryptography. In addition, the availability of simple and practical development tools is still limited. Well, a lot of progress has been made actually, but I believe one more step is needed in order to further abstract some technical concepts. So the second drawback is the indifference of people. One of the reasons why some people don't care enough about privacy and anonymity might be that there is not enough awareness and education about how our data is used and why anonymity is important in healthy society. So what can we do then? There are many solutions, but I would like to focus on three solutions. The first one is privacy by default. The right to privacy is mentioned in most national constitutions, but it has often been neglected in the name of national security issues or to make the applications we use everyday smarter and more efficient. Privacy and cryptography should be the backbone of the internet infrastructure. Protocols and applications should protect all user data by default. And in addition, users should be free to change their settings, not the opposite. Another point is education, explaining to people why privacy is important and how we can build privacy-focused applications are very valuable challenges. It is important to choose the right words, build effective designs and convey information as simply as possible. However, simplify things is not enough. Making people aware of the technological and social complexity of the world we live in is equally important. Because we don't just want users to enjoy an experience, we want new friends helping us build a new web-free. The third point is the developer experience. The growth of a community and the adoption of a technology depends heavily on how clear the goals are and how easily the main values and concepts can be conveyed. However, another extremely important aspect is the quality of the code. The code should be tested, documented, formatted with the app MostCare. It is extremely important to use the right patterns in order to follow the best practices, like dry and kiss. So, developer needs to be able to rely on robust, easy to use tools that allow applications to be built in a short time, while also allowing them to be extended, customized and adapted for specific uses. So, developer experience and education is what we have focused on in the last few months of work with Semaphore. But many of you may be wondering what Semaphore is. We don't launch protocol that allows people to join a group and then to send signals, such as messages, endorsements or votes without revealing the original identity. In addition, it also provides a mechanism to prevent double signaling, which basically means you cannot create the same proof twice or the proof cannot be verified twice. So, what makes Semaphore a powerful tool is the simplicity of the protocol and the flexibility. Semaphore uses to build many applications, like private voting applications, whistleblower applications or zinology doubts. Semaphore is made of three different parts. Here come circuits, solidity contracts and JavaScript libraries. My work has focused more on JavaScript libraries and solidity contracts. So, I would like to show you the main Semaphore concepts and how our libraries and contracts work and how they can be used to build private applications. So, creative and Semaphore identity is the first step to interact with the protocol. Each identity is made up of two secret values, trapdoor and nullifier, and one public value commitment. So, the positive hash of the identity nullifier and trapdoor is called the identity secret, and the hash of the identity secret is the identity commitment. So, although in this case we are not using asymmetric encryption, the identity commitment can be considered something like an Ethereum address. It is a public value used to represent people in the protocol. And in particular, commitments are used in Semaphore groups to represent the identity of a group member. The secret values are like Ethereum private keys, and they are used to generate Semaphore zinology proofs and authenticate signals. Semaphore identities can be generated off-chain with our JavaScript library, and quite simple, and you can generate it in two ways, randomly or deterministically. You can generate a random identity without passing any parameters, and a deterministic identity passing a secret message, like a password or a signed message. Groups are an important concept when we speak about privacy and zinology technologies. They can be thought as anonymity sets, and they are a way to establish a necessary trust among participants. In Semaphore group can be people who have an account on some web-chip platforms with high reputation, employees of a specific company, voters in an election, or people with specific SBTs or NFTs. Essentially, any set of individuals who are eligible to participate in something. So groups can use several types of data structures, but medical trees are particularly efficient since they can prove that a leaf belongs to a tree by using just one portion of that tree. Semaphore uses binary medical trees, in which the leaves are the identity commitments, and all the other nodes in the tree are the ashes of their child nodes. When a user joins a group, their public identity is added to that group's medical tree, which is therefore used to allow users to generate proof of membership and then send anonymous signals. So groups can be created off-chain with our JavaScript library or on-chain with our Semaphore counters. When a group is very large and is updated very frequently, an off-chain group might be a valuable alternative or solution. This solution is cheaper, faster, but tended to be more centralized. On the other hand, if you need correct execution or sensitive resistance, groups can also be created on-chain. Which can be an ethereum address, a smart contract, or a multi-sig world. For example, if you want to create a fully decentralized on-chain group, you could create a group and send your contract as admin or ethereum address, which could be used to allow people to join that group only if they own specific NFTs or SBTs. So after creating the identity and joining a group, we can easily prove that they are members of that group and send signals, such as voice endorsements or any message. Signals are part of a zero-knowledge proof which must be generated by users, preferably in their home device, as they need to use their private identity, so secret values. And it's something like client-side encryption in this case, and it allows proofs to be generated locally. So that proof can then be made public and verified by everyone on-chain or off-chain. To generate a valid proof, we also need an external nullifier and the hash of this value and the identity nullifier is the nullifier hash, which can be used to avoid double signaling. So imagine you have a group you are using to vote on some proposals and you want all members of that group to vote only once. So that is the idea of the group as an external nullifier and when a user votes the first time you can save the hash of their identity nullifier and group ID and afterwards block any double votes by checking if that hash already exists. Also in this case we have a JavaScript library which can be used to generate proofs. Proofs must be generated off-chain and those proofs can be verified on-chain or off-chain. The same library and on-chain with our smart contract. Also in this case the way you use them depends on your application, on your use case. So verifying an off-chain proof allows the verifier, your server or you to be certain of the validity of the proof, so it's more centralized and verifying it on-chain on the other end allows everyone to consider that proof valid because the smart contract is public. So verifying is used by some projects like Unirap. Unirap is a protocol or a reputation system built on top of semaphore where users can anonymously give, receive and prove reputation. It is a great way to allow people to build reputation over time while giving them total control over how much they reveal about themselves in a given interaction. So verifying is a social network where people can post and chat without losing their real-life reputation. Temporary anonymous zone is like an experiment. We have a booth on the first floor. You can try our applications and there are like two applications you can use where you can answer questions and ask questions anonymously with one application but anonymously with the other application. Collective art. It's like an experiment to allow people to learn more about our technologies and about semaphore. So semaphore is still in its early stage and some of the ideas for improving it are the following. Create an infrastructure to manage groups. The idea is to have a cloud or self-hosted dashboard where people can create groups, add members, remove members and they can create many kind of groups like permission at groups or permissionless decentralized groups and also reputation groups similar to prep. So another point is create attestations contracts for decentralized groups. The idea here is quite simple. The idea is to create on-chain contracts, smart contracts where people can join groups directly without any external approval. Based on on-chain attributes like SBTS or NFTs or just the amount of money you have. We will investigate other zero knowledge technologies improving systems, of course and we will continue improving the developer experience and our documentation website. The idea is to create an educational website and last but not least we want to create a strong community. We have many ideas here. We will discuss our grants round. We are launching a semaphore grant round. You can scan the QR code on the left. If you are interested in building privacy preserving applications with semaphore you can scan that QR code. We will be really excited to know more about your ideas and projects. If you want more information about semaphore or if you have any questions please visit our website the link of our Discord server or come to our tubs boots on the first floor. So, I hope my talk has been helpful and I really want to thank you all for listening. Thank you. We have 8 minutes for any questions that you have for Sidor. No questions? So you can go to those QR and continue the conversation on the website at www.sidor.com