Add nanak and sora's recursive prover ideas

Author: Divide-By-0

README.md

@@ -344,6 +344,8 @@ Ads bring in surprisingly low revenue -- I hope that the bounty makes it worth y
 
 - **FHE for Gene Algorithms** (by Janmajaya and Florent): Use Janmajaya's libraries to build a simple algorithm to match a secret generic algorithm with a users genome to show them their results, without revealing data on either side.
 - **Quantum Proof Keypairs on Ethereum with AA**: Implement ECDSA in a STARK and integrate into EIP 4337 like this [ethresearch post suggests](https://ethresear.ch/t/quantum-proof-keypairs-with-ecdsa-zk/14901), allowing anyone to move their money to a quantum-safe wallet with ECDSA, without having to switch keypair algorithms.
+- **Recursive Verifier for Vole in the Head**: Thanks to Nanak for the idea. Holonym has a very fast [browser prover for circom](https://github.com/holonym-foundation/vole-zk-prover) based on the vole in the head paper, but proofs are 10mb. Write a recursive verifier for these proofs in groth16 so that you can aggregate them efficiently to post on-chain.
+- **Circom -> ZKBoo Compiler**: Thanks to Sora for the idea. It seems zkboo doesn't need to be on binary fields, so you might be able to directly compile circom/BN254 to it for fast browser proving.  
 - **Truly random NFT drops** The problem is that you can predict randomness and mint the best NFTs by simulating the chain. Some solutions [exist](https://www.paradigm.xyz/2021/10/a-guide-to-designing-effective-nft-launches#phase-4-metadata-reveal). However, a better way to do this is, on mint, you generate a 24+ second (2+ block) VRF seeded by the previous blockhash. Minters pay gas upfront for anyone to send a second reveal transaction. MEV searchers calculate the VDF and send the result to the chain for that gas money + a small bonus, in return for updating the NFT values on chain first. More description at this hackmd: https://hackmd.io/xgR6mtWyQYC_SZYtZTdoDA .
 - **Futarchy On-Chain**: Build the first prediction markets for governance, like [MerkleDao](http://www.ralphmerkle.com/papers/DAOdemocracyDraft.pdf)'s plan. Add features like also betting reputation points proportional to money, where higher reputation leads to higher investment limits, which will help institutional players to be long-term aligned with the project instead of financial manipulators. This will also help elect legislators who consistently have high reputation, meaning they accurately predict long term impact of legislation on people.
 - **EVM Bytecode Splitter**: There is a 24kb contract limit on the EVM, and it's a huge pain to cut down contract size. However, taking bytecode or Yul directly, determining memory access patterns, and automatically splitting contracts so that they are deployable on chain would be extremely valuable. Specifically, halo2 cannot be verified on chain right now because the Yul verifier without aggregation is too big.