A regulatory-friendly privacy-preserving layer for DeFi protocols like Aave
Legatus is a zero-knowledge-proof-based privacy protocol tailored for decentralized finance (DeFi) applications. The objective is to enhance confidentiality in DeFi transactions while also ensuring legal compliance and obstructing criminal or malicious activity.
Conventional privacy protocols allow users to deposit from one address and withdraw from another by submitting a ZK proof that the deposit is included in a Merkle tree, but they have been misused by criminals and launderers. In addition to this mechanism, Legatus uses the concept of privacy pools, which lets a user prove that their funds originated from a legitimate source and dissociate themselves from suspicious deposit transactions. A user demonstrates membership in a more limited association set, which may encompass the entire set of previously conducted deposits, a set composed exclusively of the user's own deposit, or anything in between. An Association Set Provider (ASP) acts as a service that selects a subset of trusted deposits from the entire set of deposits, against which users prove inclusion. The ASP computes a subset Merkle tree and periodically publishes its Merkle root on-chain. Each privacy pool can be managed by a Semaphore anonymous group. Members of the group can signal a malicious depositor and notify the ASP to exclude that depositor's transactions from the chosen association set.
The protocol is designed for integration with DeFi platforms, enabling users to explore lending, yield farming, and decentralized exchanges while maintaining their privacy. Currently we have built an Aave adapter. A user can make a deposit on Legatus from one address, which is supplied as collateral on Aave. They receive a private note, with which they generate two ZK proofs: one to prove that their withdrawal is linked to the deposit, and a second to prove that the deposit is included in a subset of legitimate-only transactions. Once the withdrawal is processed, the second address receives the Aave aToken of the supplied collateral, enabling it to use Aave functionality such as earning yield, borrowing, and withdrawing, while the origin of the collateral remains hidden.
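The two membership statements described above (inclusion in the full deposit tree and inclusion in the ASP's subset tree) can be seen in the clear in the following added example, which is not the project's own code. In Legatus these checks run inside a ZK circuit so the leaf stays hidden; here SHA-256 replaces Poseidon, and the padding rule, function names and sample commitments are assumptions made for illustration.

```javascript
// Added example. SHA-256 stands in for the circuit's Poseidon hash (assumption).
const { createHash } = require("node:crypto");
const H = (...parts) => createHash("sha256").update(parts.join("|")).digest("hex");
const ZERO = H("empty-leaf"); // padding for odd-sized layers (assumption)

// Build every layer of the tree: leaves first, root last.
function buildTree(leaves) {
  const layers = [leaves.length ? [...leaves] : [ZERO]];
  while (layers.at(-1).length > 1) {
    const prev = layers.at(-1), next = [];
    for (let i = 0; i < prev.length; i += 2) next.push(H(prev[i], prev[i + 1] ?? ZERO));
    layers.push(next);
  }
  return layers;
}
const rootOf = (layers) => layers.at(-1)[0];

// Sibling hashes on the way from leaf `index` up to the root.
function merklePath(layers, index) {
  return layers.slice(0, -1).map((layer, level) => layer[(index >> level) ^ 1] ?? ZERO);
}

// Recompute the root from a leaf and its path (the relation the ZK circuit proves).
function verifyInclusion(leaf, index, path, root) {
  let node = leaf;
  for (const sibling of path) {
    node = index & 1 ? H(sibling, node) : H(node, sibling);
    index >>= 1;
  }
  return node === root;
}

// ASP step: the association set is every deposit that has not been flagged.
const associationSet = (deposits, flagged) => deposits.filter((c) => !flagged.has(c));

// A withdrawal needs inclusion in the deposit tree AND in the ASP subset tree.
function canWithdraw(commitment, deposits, flagged) {
  const check = (leaves) => {
    const layers = buildTree(leaves), i = leaves.indexOf(commitment);
    return i >= 0 && verifyInclusion(commitment, i, merklePath(layers, i), rootOf(layers));
  };
  const inPool = check(deposits), inSet = check(associationSet(deposits, flagged));
  return { inPool, inSet, allowed: inPool && inSet };
}

// Constructed sample data: five deposit commitments, the third one flagged.
const deposits = ["alice", "bob", "mallory", "carol", "dave"].map((n) => H("note", n));
const flagged = new Set([deposits[2]]);
console.log(canWithdraw(deposits[3], deposits, flagged), canWithdraw(deposits[2], deposits, flagged));
```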
Legatus aims to provide users with a secure, privacy-enhanced and compliant DeFi experience. It is inspired by "Blockchain Privacy and Regulatory Compliance: Towards a Practical Equilibrium" by Vitalik Buterin, Jacob Illum, Matthias Nadler, Fabian Schär, and Ameen Soleimani.
The project is composed of the following modules:
ZK - We used Noir to develop a Poseidon Merkle tree ZK circuit for generating and verifying proofs. The ZK proofs are generated with the help of Sindri as the proving system. Verification is done by a smart contract generated with the Noir codegen-verifier.
Smart contracts - The contracts were developed in Solidity using Foundry. They have been deployed on the Scroll Sepolia and Eth Sepolia testnets.
Backend - We built a custom Association Set Provider (ASP) and a Semaphore group manager backend using Express and Node.js. We used Semaphore for anonymous group management and signalling.
Frontend - We used the scaffold-eth2 template for bootstrapping. It uses Next.js, TailwindCSS and DaisyUI.