The hypothesis
DAO governance suffers when voters self-censor under public ballot reveal. A Groth16-based nullifier proof on SUI lets eligible voters cast a single ballot without revealing which option they picked, while the contract can still tally results in real time and prevent double-voting.
Stack & architecture
- Circom circuits define the eligibility + nullifier proofs.
- Groth16 is the proving system (small proofs, cheap on-chain verification).
- Move smart contracts on SUI verify proofs and tally.
- TypeScript client wraps proof generation and submission.
What I learned
ZK on SUI is more pleasant than on EVM thanks to Move’s resource model — nullifier registration and ballot tally collapse into a single object update without the gas-and-storage gymnastics. The hard part is keeping the trusted-setup story honest for the eligibility tree.