Our project has two contributions:

1. New crypto primitive implementation: anonymous proxy signatures [AN23]. In arkworks and with WASM bindings for in-browser execution.
2. Toy applications: on-chain company cards and on-chain pocket money. In both cases, an account holder (company or parent) can delegate spending authority to a depending party (employee or child). No external observers, including the verifier, can know that delegation took place. We can also add a private spending policy.

In general, anonymity enables safe proxy delegation in case of targeted attacks. For instance, an Ethereum validator can designate a few other parties as backups to sign on her behalf: for instance, if Alice's machine is down, Bob can sign on Alice’s behalf after a preset timeout. Here, even if Alice is a victim of a targeted attack, Bob can stay anonymous and avoid the attack, and continue to sign for Alice until she recovers.

We wrote the signature verifier in Noir and, if compiled to the Aztec Virtual Machine, can be used to authorise transactions using an account contract.

Unfortunately, as explained in our Challenges, Blake2s does not work in the AVM. Therefore, we couldn't deploy the account contract we were hoping for. Instead we deployed the following proof of concept: a regular smart contract that verifies a proxy signature (but sadly using a not-so-collision-resistant hash function since Blake2 was unavailable).

See the README on GitHub for more info.

Things you can run:

• we have runnable arkworks examples in the repo (explained in the README).
• a proof-of-concept Noir smart contract that you can compile and upload to the Aztec Playground. The contract verifies a proxy signature.