NECSS: A Framework for Private Applications (Phase 1)

[yoyoismee]

NECSS: A Framework for Private Applications (Phase 1)

Summary

NECSS (pronounced "nexus") or "Noir Entity Component System and Secret" is a comprehensive framework designed to accelerate the development of private applications using zero-knowledge proofs. By providing templates, code generation tools, out-of-the-box integrated modules, and standardized patterns, NECSS aims to do for ZK applications what MUD has done for fully-on-chain games.

In this first phase, we aim to ship an MVP that supports fundamental ZK design patterns such as commit-claim, signature-claim, note-nullifier schemes, privacy-preserving state transitions, etc. The scope encompasses the entire development stack: Noir for ZK circuits, Solidity for on-chain verification, TypeScript for client applications, and an indexing service for efficient data retrieval.

Motivation

• Building applications with Zero-Knowledge Proofs involves numerous complex components requiring diverse technical skills across cryptography, smart contracts, and frontend development
• Many ZK components are non-trivial to implement or integrate correctly, with complex cryptographic requirements and security considerations
• Critical infrastructure components (e.g., indexing) are repeatedly reimplemented by different teams, resulting in significant duplicated effort
• The current high barrier to entry limits innovation in the private application space
• Standardization would enable the community to focus on application logic rather than infrastructure and supporting components
• We want to lower the barrier to entry and improve overall efficiency of the ZK application ecosystem

Methodology

We plan to build in public and collaborate with the community to refine the direction and scope. While our initial design is heavily inspired by Lattice's MUD framework, we're adapting it specifically for the unique requirements of private applications using ZK proofs.

Core Components

1. NCESS Data Standard (aka components)

A standardized data management system for ZK applications that:

• Provides consistent primitives for handling data
• Enables seamless integration between contracts, apps, circuits, and infrastructures
• Standardizes the representation of private state and state transitions

2. NCESS System Standard

• Standardizes the interaction between apps, contracts, and circuits.
• Code generator

3. Indexer

A specialized indexing service that track relevant data for each design pattern that works out of the box.

• From NECSS config automatically create an indexing service
• Index and serve relevant data supporting others components
• E.g. if there's a merkle tree indexer will keep track of new tx and update trees.

4. Client

• Manage data, state, and prove generation
• The rest of the scope will be up to the community and resources available

5. CLI

• Tied everything together with a CLI

Business Model

• NECSS is committed to being free and open-source software
• We might offer "managed services" for certain infrastructure components (e.g., indexing, proof generation APIs) in the future, but this is not our current focus

Timeline and Deliverables

Phase 1 (6 months)

• Weeks 1-4: Community engagement and requirements refinement

  • Gather feedback from ZK application developers
  • Finalize specifications

• Months 2-4: MVP Development

  • Implement core components
  • Implement first set of ZK template and example

• Months 5-6: Documentation, Examples, and Outreach

  • Documentation and tutorials
  • Sample applications demonstrating framework capabilities
  • Marketing and ecosystem outreach
  • Updates based on community feedback

Team

We are co-founders of Tetration Lab, a research and development lab focused on zero-knowledge proofs, cryptography, and web3 technologies.

We previously developed multiple open-source cryptography libraries, focused on primitive cryptography implementation on smart contract (EVM) and Rust (Arkworks) (Ref: https://github.com/Tetration-Lab)

We also won multiple hackathon building novel privacy applications utilizing ZK and FHE technology, the notable one includes “zkVM”, a simple ZK vm that simplifies the process of turning simple vm into a provable vm with privacy components using ZK through Noir. Another one is “ZTF”, A on-chain ctf with claimable bounty using ZK through Risc-0 by proving malicious state transition of EVM contract state. (More: https://www.tetrationlab.com/)

Additionally, we won Zama bounty to implement the most efficient ECDSA signing in TFHE-rs. (Ref: zama-ai/bounty-program#45)

@yoyoismee - Signal: yoyoismee.48
@yoisha (https://yoisha.dev/) - Signal: @yyyoisha.64

Start Date

1 June 2025

[rishabhtpt]

Smart contract security considerations are all about writing code that can’t be exploited. Since blockchain is permanent and public, one small bug can lead to big losses. Developers need to check for issues like reentrancy, overflows, and access control. It’s not just about making things work—it’s about making sure they work safely and can’t be abused.