An Update on Umbra's Funding and Future
November 5, 2020 / Ben DiFrancesco
In this post, we’ll give you an overdue update on the funding and development of the Umbra protocol. To start, let’s review what Umbra is.
What is Umbra, again?
Umbra is a protocol for stealth addresses on Ethereum. It was conceived in response to a tweet by Vitalik Buterin earlier this year.
Next step in improving ethereum's privacy (in addition to ongoing improvements to https://t.co/f8JT3wFmD4 and the like): some clean easy-to-use stealth-address-like scheme to send coins to an ENS name without publishing to the world that they got coins.— vitalik.eth (@VitalikButerin) April 1, 2020
Umbra leverages the properties of elliptic curve cryptography to enable payments where only the sender and the receiver know the receiver’s identity. Coupled with decentralized domain systems— like Unstoppable Domains or ENS— it allows anyone to receive stealth payments non-interactively.
Here’s another way to think about what Umbra does: imagine Alice wanted to pay Bob, but neither of them wanted it to be obvious to someone observing the chain that Bob was the one receiving Alice’s payment. How could they do this? Bob could generate a totally fresh address and send this to Alice via an encrypted messaging app. Then Alice could send the funds to Bob at this new address.
Umbra removes the need for the back-and-forth communication in the above flow. Instead, Alice can send a payment using Umbra to bob.eth. On chain, it would look like Alice made a payment to a previously unused address. Thanks to the work Umbra does behind the scenes, the address would in fact be one only Bob could control.
In addition to this, Umbra has some other features which make it easier for users to make privacy-preserving decisions without a headache. To learn more about how Umbra works, check our blog post introducing the protocol to the community.
How It Started
In May 2020, we built an alpha version of Umbra in 23 days for the ETHGlobal hackathon and shipped it to the Ropsten testnet. The project was well received, qualifying as a finalist in the hackathon, winning several sponsor prizes, and garnering interest from the community.
Encouraged by this interest, we asked ourselves: what would it look like, and what would it take, to get Umbra to mainnet in a responsible way? We wanted to follow a process that reflected the awesome responsibility that comes with asking users to entrust their funds and their privacy to Umbra. The conclusion we reached, at a high level, was that Umbra needed two things:
At least two hundred hours of development work
Thorough security audits from at least two reputable firms, per best practices
Given these requirements, we turned to the question of funding.
Estimating Our Funding Needs
We view the core Umbra protocol as a public good. While the final protocol may or may not have a fee, it would be small, and used only as a spam prevention mechanism. Any revenue generated from a fee would be negligible, if not zero. This led us to pursue grant funding for Umbra, and we started by trying to estimate how much funding we’d need.
As a crypto focused dev shop, we have the skills in-house to address development needs. We also have awesome clients eager to pay for our time. To avoid having to choose between building Umbra and generating revenue, we applied a fair market rate to buy that time from ourselves.
We then sought to estimate costs for the security audits. We spoke with five respected firms, communicating the complexity of the system to be audited. The scope of the audit estimates included the on-chain smart contracts and the off-chain library for interacting with the protocol. Because of how Umbra works, much of the cryptographically sensitive code actually executes off-chain.
The range of estimates from these firms was broad, and, as expected, not cheap. Security audits from reputable firms are in high demand, and for good reason. Based on these quotes, we budgeted $45K per audit. Since we wanted two of them, this meant we’d need $90K to cover them.
We began pursuing grant funding almost immediately after the hackathon concluded. We are extremely grateful for the organizations who have come through for us, and want to thank each of them here, in no particular order.
The first organization to step up were the folks at Unstoppable Domains. Not only did they proactively reach out to us about helping fund our work on Umbra, they made the process of applying for and receiving a grant painless. They also opened up a PR on our repo adding Unstoppable Domains support to Umbra— a big win from our perspective.
The Unstoppable Domains grant gave us a base from which to work, allowing us to start buying some of our time for development while we sought additional funding. We’re grateful for their support!
The Matic team launched their mainnet layer 2 solution earlier this year. As we’ve seen Ethereum’s activity skyrocket— along with gas prices and network fees– the need for L2 solutions like Matic has become clear. One of the nicest features of the Matic L2 is its compatibility with existing Ethereum developer tooling. Matic uses the EVM, meaning contracts can be deployed using virtually the same process as on mainnet.
We’re very bullish on Ethereum L2 at ScopeLift, and we knew from the beginning that we wanted to add L2 support to Umbra wherever possible. That made it especially gratifying when Matic generously offered us a grant. While we’re focused on getting to Mainnet first, the EVM compatible nature of Matic makes it an obvious and easy target for Umbra.
We were also excited to receive a grant from MetaCartel. Not only is the funding a huge help, it also gave us the opportunity to “dogfood” crypto-native capital coordination, by interacting with this global DAO organized with an on-chain treasury. The MetaCartel members were enthusiastic and supportive. We owe them all a great thanks, especially Cooper Turley, who lead the charge in championing Umbra amongst the MetaCartel members.
If you’re involved in the Ethereum ecosystem, you’re almost certainly familiar with the Gitcoin grants program, where small donations from thousands of community members are amplified via quadratic matching pools from organizations in the ecosystem. Hundreds of community members contributed to Umbra during Gitcoin’s 6th and 7th grant matching rounds. We’re humbled and encouraged by this community support!
Last but not least, we are grateful to the Ethereum Foundation for their support of the project. We all know the extremely valuable work the Foundation does in shepherding research and development for the Ethereum ecosystem. We will strive to live up to the high standard of projects that have been funded by the EF over the years.
We want to reiterate that we’re extremely grateful to each and every one of the organizations who even considered us for a grant, let alone for the amazing partners we listed above who are supporting us. We are eager to move Umbra forward with what we’ve raised. In this section, we want to discuss where the project is and the challenges that remain despite this awesome level of support. We’ll then explain how we intend to manage those challenges moving forward to make Umbra a success.
The first challenge is simple to understand: raising grant funding takes time. As mentioned earlier, ScopeLift is primarily a crypto dev shop focused on client work, and we’re lucky to have great clients with interesting projects. What that means, though, is that the many hours we spent applying for grants and having conversations with potential funders came at the expense of billable client work.
We want to be clear: we’re not complaining about the procedures the various organizations we worked with have in place. It makes good sense to appropriately vet the teams and projects to which money will be going. This does make pursuing funding a challenge for us specifically, though, given the opportunity costs involved.
Second, finding funding in the quantities needed to pay for two full audits proved difficult. While we’ve raised a substantial five figure sum— a fact for which we are extremely grateful— we’re still short of the $90K we estimated for two full audits of the on-chain and off-chain components, and thats before development expenses are considered.
Since May, we’ve made progress on a number of important areas. We’ve settled several outstanding architectural questions about our encryption process, and found a number of ways to reduce gas costs significantly. We’ve laid out plans to add extensibility to the protocol, create post-payment withdraw hooks, and enable support for arbitrary meta-transaction systems. We’ve undertaken a rewrite of our frontend, and begun work on a formal spec for review by the community. We also had a number of customer calls that have exposed opportunities for improvement when it comes to user experience.
Despite this progress, we do have a sense internally that we haven’t gotten as far as we’d have liked over the last few months. Somewhat naively, we thought we’d be able to raise enough funding to pay for our time and the audits quickly, and thus focus a substantial portion of our energy on Umbra for a sustained period of time. That reality didn’t materialize, and in hindsight, we should have known it was overly optimistic.
The aforementioned challenges around fundraising also left us a bit paralyzed. Since we weren’t sure how much we’d end up succeeding in raising, we were hesitant to spend too much of we had raised too quickly, hoping we’d still clear the threshold for development and two full audits. It eventually became clear getting to that point would be difficult.
So how do we intend to proceed, given the constraints and opportunities we see? Here’s our plan.
First, we’re going to focus our efforts on pushing the development of Umbra to completion. The funding we’ve raised is enough to buy our own time, and perhaps the time of trusted contractors, to get dev work done. That is our top priority moving forward.
Second, we’re going to finish the protocol specification, and lean on the community for feedback and review. In addition to publishing an open spec, all of our code is open source. We’re hoping the community will step up and help us make sure we’re shipping something people can put their faith in.
Finally, we’re going to pursue more limited audits or security reviews as our budget allows. This might mean doing a single audit, restricting the audit to the on-chain components, and/or doing a less extensive review of the system. Whatever audits we do or don’t end up getting, the scope, nature, and results will be transparent and public.
We believe the Umbra protocol will be valuable to the Ethereum ecosystem. We’re excited about the opportunity to work on it. We look forward to shipping it in the coming months for many reasons, not the least of which is that we want it to use it ourselves.
Funding for public goods in the crypto world is far from a solved problem. There are still challenges and tradeoffs, and we’ve sought to elucidate our experience honestly in this post. Overall, though, we’re humbled and pleased by the support we’ve received. We’ll keep you updated here as things more forward!