Add on-chain census details to protocol

vocdoni · Mar 26, 2024 · 3aaf35f · 3aaf35f
1 parent 0529c27
commit 3aaf35f
Show file tree

Hide file tree

Showing 7 changed files with 954 additions and 27 deletions.
diff --git a/docs/protocol/anonymity/on-chain.md b/docs/protocol/anonymity/on-chain.md
@@ -1,9 +1,13 @@
 # On-Chain Census Anonymity
 
-On-chain cenuses derive their contents from a public set of holders of a given token (or set of tokens) on the Ethereum blockchain. This information is turned into a census by generating a Merkle Proof on that set of data. This Merkle Proof is similar to that used for a typical off-chain tree census, and the same sort of [ZK Census Proof](/protocol/anonymity/zk-census-proof) can be used to compute voter validation anonymously.
+On-chain cenuses created with the Census3 Service derive their contents from a public set of holders of a given token (or set of tokens) on the Ethereum blockchain. This information is turned into a census by generating a Merkle Proof on that set of data. This Merkle Proof is similar to that used for a typical off-chain tree census, and the same sort of [ZK Census Proof](/protocol/anonymity/zk-census-proof) can be used to compute voter validation anonymously.
 
 Unfortunately a zero-knowledge census itself is not enough to anonymize an on-chain election, because voters are weighted according to their unique token balances, making them easy to identify as the weight of a vote can be correlated with an address. We address this problem by rounding voter weights in order to hide unique token balances.
 
+:::warning ethereum storage proofs
+On-chain censuses created manually with [Ethereum Storage Proofs](/protocol/census/on-chain#erc-20-token-storage-proofs) cannot be anonymized
+:::
+
 ## Rounding Censuses
 To ensure that the balances of token-based censuses remain private, we must alter them in some way. However, any change must meet two requirements:
 
@@ -37,6 +41,6 @@ Evidently, accuracy cannot be maintained under all possible conditions. We've es
 
 ## Anonymity Level
 
-This scheme for token-based census anonymity is not as absolutely anonymous as a zk-merkle-proof. There are potential vulnerabilities to specific attacks. 
+This scheme for token-based census anonymity is not as absolutely anonymous as a zk-merkle-proof. The parameter settings are important- a `privacyThreshold` that is too small could result in a rounded group of voters who all vote for the same result, effectively de-anonymizing every member of the group. If this threshold is too high, however, accuracy is lost.
 
-For example, acquiring a certain amount of a token to manipulate the algorithm into grouping an address with others could theoretically expose that address. However, such strategies are impractical and unlikely to significantly impact election outcomes. This type of attack also requires an analysis of balance distributions, complicating its execution.
+There are also potential vulnerabilities to specific attacks. For example, acquiring a certain amount of a token to manipulate the algorithm into grouping an address with others could theoretically expose that address. However, such strategies are impractical and unlikely to significantly impact election outcomes. This type of attack also requires an analysis of balance distributions, complicating its execution.
diff --git a/docs/protocol/census/census.md b/docs/protocol/census/census.md
@@ -10,13 +10,9 @@ When a voting process is created, the Census Origin is set to signify which type
 
 ## On-Chain Based Census (Ethereum ERC-20)
 
-On-chain census allow the set of eligible voters to be expressed as a weighted census of holders of a specific token on Ethereum. There is only one entity per Ethereum token, where the address of that entity is the contract address of the given token. 
+On-chain census allow the set of eligible voters to be expressed as a weighted census of holders of a specific token on an Ethereum blockchain. This type of census is useful for organizations whose members are represented as token-holders. This is possible with either Ethereum Storage Proofs or the Census3 Service (only the Census3 Service is supported by the Vocdoni SDK). 
 
-To this end, Ethereum Storage Proofs are used. 
-
-Anyone can permissionlessly register a token to the Storage Proof Smart Contract, incurring some gas cost. Then any holder of the token can create a voting process for that token and set the proper census origin value to signal the use of an on-chain census. The Census Merkle Root is the Ethereum Root Hash at a given block height, and any user can request a Merkle Proof that their address holds tokens on the target ERC20 smart contract. They can then provide this proof to vote on processes for the entity representing that token address. Weighted processes enable users to employ a voting power that is proportionate to the number of tokens they hold.
-
-Technical details for on-chain census can be found at [On-Chain Census][on-chain].
+Technical details for on-chain censuses can be found at [On-Chain Census][on-chain].
 
 ## Off-Chain CSP Based Census (Credential Service Provider)