More people should know about the Interfold. It's basically what I've been yelling at people to build with the MACI ideas ( https://ethresear.ch/t/minimal-anti-coll… ) for almost a decade, and now it exists, in a generalized form. The idea is: a privacy protocol optimized for things like voting (and other use cases eg. secret-ballot auctions). The mechanism generates a threshold encryption key, and people send in their votes onchain, using a ZKP to prove eligibility. An arbitrary computation on the votes gets run inside FHE, and then threshold-decrypted. From what I can tell (the docs are good https://docs.theinterfold.com/CRISP/intr… ), it gets pretty optimal security guarantees: * Voter anonymity can be made unconditional if eligibility is proven with ZK-SNARKs * Censorship resistance is guaranteed by ethereum (votes can be posted directly onchain, and there's a proof that all posted votes are taking into account) * The correctness of the outputted result can be ensured via ZK over FHE * Liveness and coercion resistance depend on M-of-N honesty; unavoidable given present-day technology The main limitation is that today "ZK over FHE" is only properly available for additive vote tallying, as it's too expensive for computations that involve multiplication or other more complicated manipulation at the moment. There's work in progress on slashing-based / optimistic computation for such situations. (And of course ideally in the long term we'd figure out obfuscation so you can get rid of the M-of-N committees😃)

too much negativity lately here; so let's get back to technical insight posting because this is much more fun :) yesterday - while verifying an EIP-7002 tx (trigger withdrawals/exits from their execution layer) i was again reminded of the denomination mismatch between the execution & consensus layers: - the execution layer (i.e. EVM) uses _wei_ as its base unit (1 ETH = 10**18 wei) - the consensus layer (i.e. Beacon Chain) uses _gwei_ as its base unit (1 ETH = 10**9 gwei) my understanding is that this is basically a hack to avoid having to use integers wider than 64 bits to store validator balances & while doing calculations but yeah, ngl, it's fucking confusing nonetheless. so whenever you directly interact (eg EIP-7002, EIP-7251) via the execution layer (and must set an amount value) with the consensus layer, you must use gwei and not wei. fun fact is that the beacon deposit contract handles the conversion for you in the deposit function, so no mental overhead there. - https://github.com/ethereum/consensus-sp… - https://github.com/ethereum/consensus-sp…