Check Project Charter for details about this project

Currently IOG is the only party doing tallying of the votes (meaning checking result of the votes). We would like to see how Hydra could be used to decentralise this process and allow more members (ideally from Cardano community) to tally / count Catalyst votes independently while reaching the same final verdict.

Using Hydra experiment with a distributed Catalyst tally process such that more parties can attest and verify validity of Catalyst Fund results.

• Hydra Voting PoC Kick-Off: https://docs.google.com/presentation/d/1oVB_J3eBKbhWc_yAr5w8cFz2TpL2Zngv8pZjK6Gtruk/edit#slide=id.g124655d21b1_2_509
• Rough Plan and focusing on M1 first: https://docs.google.com/presentation/d/16wnWy9Br0ewTJMZefeGBkNEj3jDyfjif/edit#slide=id.p1
• 2023 M1 Status Updates: https://docs.google.com/presentation/d/1ee7vQLIUcoDfHeU6ln_-_YlKvXM-5WvM/edit#slide=id.g213a58a9c58_1_24

• M1 - Tally ca 1 mln Catalyst votes (as in compatible with Catalyst domain model) with min 3 and max 10 Hydra Head operators, perform distributed tally process and obtain only one result
  • 🟢 Port Merkle Tree from Hydra to Aiken (https://github.com/input-output-hk/hydra/blame/master/plutus-merkle-tree/src/Plutus/MerkleTree.hs) -> https://github.com/aiken-lang/trees/pull/1/files
  • 🟢 Write simple on chain contract that counts votes (https://github.com/cardano-foundation/hydra-voting-poc/blob/master/on-chain/validators/voting.ak)
  • 🟢 Write fake votes generator compatible with Catalyst domain model
  • 🟢 Write and run on chain contract counting unencrypted Catalyst votes with off-chain code (java) without merkle trees on L1
  • 🟢 Use one of Open Source Merkle Trees implementation in offchain infra or port our Merkle Tree to (Java / Scala / Kotlin) on L1
  • 🟢 Spin up and run local dev Hydra Head network (devnet)
  • 🟢 Develop PoC version of Hydra-Java-Client which allows us to easily access Hydra from java code: https://github.com/cardano-foundation/hydra-java-client
  • 🟢 Port and run on chain contract counting unencrypted Catalyst votes with off-chain code on Hydra Dev network
  • 🟢 Integrate merkle trees and vote batch creation and reduction contract on dev Hydra L2 network

Demos:

• M1
  • KW9 status update: https://drive.google.com/file/d/1NTKVCsRI7Teh1lRDTME6qQ5HhTlJuO95/view?usp=sharing
  • KW12 status update: https://drive.google.com/file/d/16W3FB18pDWTqKtoaIzMzN7eL5Gn-wdO0/view?usp=sharing
  • KW15 status update: https://drive.google.com/file/d/1aUwn9lbn0F9SF36XtOXogfYixj5I8Nl2/view?usp=sharing

• M2 - Since Catalyst votes are encrypted on jormungandr sidechain, we will be using Partial Homomorphic Encryption tally the votes in such a way that each Hydra Head Operator cannot tally alone but all operators only can tally together
• M3 - Authentication for Hydra Head Operators via NFTs

While overall goal is that anybody could tally but intially we expect that IOG / Emurgo / CF will tally the votes using Hydra Heads. The idea is that we want to avoid in initial versions having to pay and lock up people funds for slashing (in case cheating by the group was detected).

General Statements:

• M1: Since votes are handled in batches - they only way system can work is that votes are not duplicated, this means that votes votes coming from vote domain / (currently jormungandr sidechain) are already unique and deduplicated (since we won't have one big Merkle Tree but a lot of small ones).
• Security assumptions: the current design of the system has currently security equal to 1 honest Hydra Head operator, meaning only if all Hydra Head Operators form a group and agree to .e.g. drop certain votes system could be compromised. There is an idea to explore in the future to use so called Mithril Committe on L1 that could also verify operation of Hydra Head Operators. Effectively this committee could independently tally the votes and publish their tally result on L1. This could increase security of the system with additional complexity of additional technology (Mithril) and Committe doing the work.
• One of the problematic things mentioned in Problems / Questions section where we rely on one operator performing importing of votes, by extending Hydra and doing atomic transactions we can make sure that all Hydra Operator verify that 1 operator that performed importing of votes imported all votes. This can be enabled thanks to: atomic transactions (meaning that multiple transactions either all happen or all fail) and Hydra extension (to be developed) which allows to sign off and validate transaction by Hydra Head Opererator if and only iff the transactions are containing what they should contain. Note that for this to work fine we require that all Hydra Head operators have access to original Catalyst votes (which should not be a problem at all).

• Election: we would like to anybody could potentially run Hydra Head nodes but we do know that number of these people cannot exceed certain amount, e.g. 10

• M1: if we separate voting from tallying not only from the business domain (which it is separated anyway) but also from technical point of view then votes in an encrypted form need to be imported by one Hydra Head Operator into a new network. Here we want to prevent votes to be ommitted or imported twice.

• General: if jormungandr continues to be run in a private network for now, how will Hydra Head operators obtain access to individual votes (especially if they are outside of 3 founding entities)?

• M2: How split the key in such a way that each operator only gets a part of the key

• M2: How to count the votes together, in Hydra one operator needs to sign a transaction and all need to simply validate (full consensus)

• If we ever submit votes directly to Hydra - how to assure that one operator being temporary offline won't disturb the whole voting session, one idea, hydra can deliver n x m signing, meaning we can configure Hydra such that only ca 80% of operators need to sign. Unless voters directly interact with Hydra network - this is not really a needed feature.

• M2: Since Partial Homomorphic Encryption is CPU intensive, how can we actually run it in smart contract. Regardless of the fact that these are very resource intensitve tasks, right now there are no implementations for this available neither in Aiken nor in PlutusTx (to our knowledge)

• General: Once we open up the tallying to all people, how can we in a decentralised way select Hydra Head Operators doing the tally process? One idea is that we conduct voting on L1 and Hydra Head operators + backup operators receive ca 1 to 2 years licence, such a license such cover operation for a few Catalyst rounds but question is whether people will want to participate in selection of Hydra Head Operators doing the tallying.

• General: Currently Hydra does not support external transaction validation, meaning just like in Cardano transaction is automatically validated. External transaction validation could be useful in scenarios where a Hydra Head operator would also check validity of transaction against their off chain infrastructure.

• Since so far in designs only one operator is doing initial voting import from one operator here are the ways to protect against double votes or omitting votes: Since so far in designs only one operator is doing initial voting import from one operator here are the ways to protect against double votes or omitting votes: a) Use getUTxO request against Hydra node and EACH operator imports votes to smart contract if and only if other operator didn’t import votes yet (risk: can getUTxO return inline datum info so we can connect this to an existing vote, another risk: race condition, diff between getUTxO answer and two operators import the same vote at the same time, let’s not forget that getUTxO response is async) b) Allow only one operator to import and then after the whole voting is done - each operator in the offchain can process all results and check if all votes have been included (check votes). If they find something which is not correct, they can call off results. They can submit fraud proof such hat a certain vote was not included into account c) validate a vote that is being imported by a hydra operator only if and if it has not been imported before (hydra code could be checking this via external validation) d) smart contract on Hydra could have a redeemer step that they “Approved it” meaning we kind of develop full consensus in the application layer (edited)