✳️ dcposch on daimo
@dcposch.eth
Ok zkp2p.xyz is tremendously impressive. Pay with Venmo, get USDC on Base. Uses a very clever zkemail to prove your venmo transfer. Try it—works best on desktop
17 replies
9 recasts
70 reactions
@
0 reply
0 recast
0 reaction
lucky
@lsankar.eth
there is a fundamental trust assumption on the mail server doing the dkim signing I think but this probably isn’t an issue until size where Venmo is incentivized to forge +sign emails to mint usdc
3 replies
0 recast
2 reactions
✳️ dcposch on daimo
@dcposch.eth
the way that last risk would materialize is not Venmo/Paypal stealing USDC (they would never), but rather some FUD around illegal use of zkp2p > Venmo intentionally starts rotating their DKIM key to avoid being used that way
2 replies
0 recast
4 reactions
bankisan
@bankisan
From the conversation I’ve had with the team, DKIM keys being rotated is baked into the design of zk-email. Are you concerned with the frequency of rotations?
1 reply
0 recast
1 reaction
✳️ dcposch on daimo
@dcposch.eth
Or they start switching up their email format, freezing involved venmo accounts etc Point is just—there is no real risk of Venmo intentionally rugging USDC from zkp2p. only a risk that they’ll eventually try to deny service
2 replies
0 recast
3 reactions
bankisan
@bankisan
I think switching up formats is a tough problem to deal with, so I agree. But yeah, the censorship risk is probably the bigger one.
1 reply
0 recast
0 reaction
Yush
@yush
Hey -- we have a couple clever ways to deal with censorship. For instance, when email templates rotate, if the old template has any valid txes for 7 days, it remains. Similarly with old dkim keys, if it ever rotates then you need to send the private key in plaintext on chain to invalidate it.
0 reply
0 recast
2 reactions
