Cybird🦉

It is very common for developers in this ecosystem to grift non-technical community members into believing they have produced useful technology or otherwise fulfilled their obligations when in actuality they just writing non-functional code in a void that is never intended to see use and publishing that code to Github to collect their catalyst milestone rewards with zero intention of actually delivering anything meaningful to the ecosystem or even actually delivering the milestones at all. The below is a great example of an egregious instance of this. Let us walk through each of the proposals that they have said are "completed" and explain the actual status of the proposals in a way that non-technical people can understand. zkFold x zkPass: Bring zkPass to Cardano Problem statement: Implementing data oracles is a critical problem in the blockchain space. Cardano currently lacks a universally accessible, cost-effective, decentralized, and reliable data oracle. Solution: zkPass is a leading cross-chain data oracle solution. Leveraging zkFold's expertise in Cardano smart contracts and ZKPs, we aim to integrate zkPass's robust data verification services on Cardano. By verifying zkPass proofs on-chain, users get an independent, unforgeable attestation of the validity of their private data. Currently, zkPass supports many EVM chains. By implementing zkPass proof verification contracts on Cardano, we enable Cardano users to access zkPass functionality from the comfort of their Cardano wallets. Wow that sounds great! zkPass is a massive oracle provider in the blockchain space, it would be huge for Cardano defi if we could have a means to verify zkPass proofs on Cardano. The proposal talks about how they will be teaming up with the zkPass team to deliver this functionality; that's a huge collaboration! The project was completed! They collected all milestones, a total of 250,000.00 ada. Great work! That must mean that we can verify zkPass oracle attestations on Cardano now! Or at the very least that zkPass team was involved in the delivery of this in some way as promised! Or that zkPass is integrated or used in some form somewhere in whatever they delivered? We should at-least have the following two components that were promised in the proposal right? 1. Onchain smart contract that can verify zkPass proofs 2. A JS library that integrates with zkPass's JS-SDK and contains the off-chain code for building Cardano transactions and querying attestation data from the blockchain. The following outputs were promised in the milestone delivery: 1. Client-side (browser) blockchain querying code 2. Finalized smart contract code (Haskell) 3. Finalized JS/TS library What did they actually deliver? Here is what they gave the in final proof of achievement: Link to Client-side (browser) blockchain querying code: github.com/zkFold/capital… Ah this must be the JS library code that queries the zkPass attestation data from the blockchain right? No. Well then what did they submit? What does this code do? It is a glorified geography trivia game. > This game tests your geography knowledge about countries and their corresponding capitals. A score between 0 and 5 is assigned to each trial. Does it at-least get any information from zkPass or consume zkPass data or have any relation to zkPass at all? No. It is a game that lets you answer questions about what the capital of each country is. What about the smart contract to verify zkPass oracle attestations? Here is what was linked in the final milestone, Link to Finalized smart contract code (Haskell): github.com/zkFold/zkpass-… Okay okay, the querying for zkPass attestations wasn't what we expected but surely the smart contract verifies zkPass attestations right? I mean look at the codebase, it's got a ton of lines of code, lots of super advanced terminology like "Plonk", "NonInteractiveProof" "ZKCircuits", "ZkPassToken"! The smart contract in the link above named `untypedZkPassToken` even says in its documentation that it is a "Plutus script (minting policy) for verifying zkpass computations on-chain." That sounds promising right! Even if we don't have the offchain code to get attestations, at-least we have the smart contract that can do it right? Wrong, this smart contract cannot verify zkPass attestations at all. Not a single one of them. Nada, zip, zilch. This smart contract is a generic verifier for plonk proofs that was copy pasted from another project. Plonk proof verifier! That sounds cool! So even if they didn't actually deliver a contract that can verify zkPass proofs at-least they made some progress on it? Or at the very least they attempted to do it? No. They did not. You see, zkPass oracle attestations come in the form of a JSON blob with ECDSA signatures no zk required, also importantly ZkPass DOESN'T USE PLONK AT ALL. Okay it is completely not related to zkPass in any way shape or form but `untypedZkPassToken` must be doing something right? What zkProof is this contract being used to verify? Prepare yourself for this, you are not ready for how amazing and advanced this is, and how valuable to the ecosystem it is: This is used to verify a zk proof that the number 5 is indeed the number 5. Sorry what? Yes, that is correct. It verify the identity function! This has nothing to do with zkPass or oracles at all. It verifies that if you have a function f(x) = x ie. that takes whatever you give it and gives it back to you without doing anything at all, then if you give it a number you will get that same number. Revolutionary! 250,000 Ada collected for a smart contract that verifies that 5 is equal to 5. Great work from the zkFold team! Okay, okay what about the final output that was promised the JS/TS library for interacting with zkPass JS-SDK. Surely this at-least is something remotely relevant to the proposal or at-least something that does something useful at all right? Unfortunately, no. Here is the link they provided for that output: Finalized JS/TS library: github.com/zkFold/zkpass-… Well what does this do? It is the exact same game that lets you answer questions about what the capital of each country is. Compare it to the repository that was submitted for the other output: github.com/zkFold/capital… You will notice they are exactly the same, except zk-pass-client has one additional commit from the CTO of ZkFold. What does that commit do? Nothing. Since it is the same code as the client code, does that mean it is a fork of the client code? No, instead of forking it, they downloaded the client code and manually pushed it into a new repository. This is a common trick that is used by developers to hide the fact that a project is a direct clone of another project. TLDR what do we have for 250,000 ada: 1. A guessing game 2. A smart contract that is used to verify the proof that 5 is equal to 5. 3. The same guessing game from output one, but in disguise. What does this show? This shows the ZkFold team does not care about actually delivering anything at all. They care about collecting catalyst milestones, and use their position as developers to lie about what work they have delivered in order to collect milestone payments and then let the project die slowly. Maybe they are still working on it? There has not been a single commit in 8 months. Did this project have anything to do with zkPass? No. Did it result in us being able to consume zkPass oracle data? No. Did it produce anything even remotely useful to anyone? No. Did anyone ever use any of this? No. This is fraud. I urge the catalyst team to review this evidence and draw their own conclusions on the above. I also urge all community members to review the above and see if you believe that zkFold is actually making any honest effort at all to deliver a zk rollup L2, or if they are repeating what they have done above, publishing vaporware crap code that does nothing to github repositories and marketing it "super advanced zero-knowledge proofs" to non-technical reviewers to collect milestone payments.