
Notes from Deep - lessons learned

Created: Feb 28, 2022 3:00 PM

Trusted setup

  • The whole nature of a zero knowledge protocol depends on there being secret values that the prover does have full knowledge of
  • "I have a proof" OK TEST WITH RANDOM INPUTS TO PROVE IT
  • Simple ones don't scale at millions
  • Goal is to create a proof once, and anyone can come and test against it
  • This is the N (non-interactive) in SNARK
  • Doesn’t require a back and forth
  • Input needs to be treated as random
  • Parameters need to be created in a way that no one should know what they are
  • The process for this is called the trusted setup
  • There is a video on this - ask Porcu about this
  • Circuit is the input to the trusted setup
  • Software that is deterministic for how values will flow through arithmetic operations
  • Circuit needs to be correct
  • THIS is what gets audited
  • First, need a non-circuit proof
  • The thing actually makes sense (to a person?)
  • Without this, we can't then make a circuit that will actually do something useful
  • Then we make a circuit
  • Write the spec, software
  • Internal audit
  • on the spec
  • on the code implementing the spec
  • External audit
  • As above, but additional software considerations
  • Then circuit is good
  • Begin trusted setup
  • Time can force us to start the trusted setup <2 weeks before end of audits
  • Trusted setup process (help Jake (dev) to do this)
  • Recruit people through some means - JV
  • Scheduling them so they know what to do and when
  • Download the bucket (output of the previous person setup)
  • Do verification
  • Perform some operation (an hour+)
  • Create checksums, sign messages saying they did specific operations to make it auditable, traceable, verifiable
  • Send back outputs to coordinator
  • Get rid of any trace of toxic waste
  • Toxic waste = residual randomness that needs to be disposed of
  • Validate that the secret was applied correctly (without knowing the secret)
  • Then send this on to the next person
  • Get parameters
  • Publish parameters
  • If people don't use the same parameters, then it won't work. Consensus will agree these are the right parameters to use.
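
The participant and coordinator steps listed above, as an added toy example (not CryptoNet's ceremony code): each contributor raises the previous output to a fresh secret and publishes a Schnorr proof of knowledge, so anyone can validate the update without learning the secret, and a hash chain makes the transcript auditable. The group parameters, function names and record layout are assumptions for illustration; the group is insecurely small, and the message signing the notes mention is left out.

```python
import hashlib
import secrets

# Toy group constructed for this example (insecurely small): P = 2Q + 1, G has order Q.
P, Q, G = 2039, 1019, 4

def challenge(prev, new, commit):  # Fiat-Shamir: binds the proof to this exact update
    data = f"{prev}|{new}|{commit}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def contribute(prev):
    """Participant step: apply a fresh secret and prove knowledge of it."""
    s = secrets.randbelow(Q - 1) + 1   # toxic waste: never stored or returned
    k = secrets.randbelow(Q - 1) + 1   # one-time Schnorr nonce, also discarded
    new, commit = pow(prev, s, P), pow(prev, k, P)
    resp = (k + challenge(prev, new, commit) * s) % Q
    return {"prev": prev, "new": new, "commit": commit, "resp": resp}

def verify(rec):
    """Check new = prev^s for some s the contributor knows, without learning s."""
    prev, new = rec["prev"], rec["new"]
    if new in (0, 1) or pow(new, Q, P) != 1:   # must be a non-trivial subgroup element
        return False
    c = challenge(prev, new, rec["commit"])
    return pow(prev, rec["resp"], P) == rec["commit"] * pow(new, c, P) % P

def checksum(rec, prev_sum):  # hash-chains each record to the one before it
    fields = [prev_sum] + [str(rec[k]) for k in ("prev", "new", "commit", "resp")]
    return hashlib.sha256("|".join(fields).encode()).hexdigest()

def run_ceremony(n):
    """Coordinator: hand each participant the previous output and record the result."""
    transcript, current, chain = [], G, "genesis"
    for _ in range(n):
        rec = contribute(current)
        chain = rec["checksum"] = checksum(rec, chain)
        transcript.append(rec)
        current = rec["new"]
    return transcript

def audit(transcript):
    """Anyone: replay the transcript; return the final parameter, or None on failure."""
    current, chain = G, "genesis"
    for rec in transcript:
        chain = checksum(rec, chain)
        if rec["prev"] != current or rec["checksum"] != chain or not verify(rec):
            return None
        current = rec["new"]
    return current
```

The final parameter stays unknown to everyone as long as at least one contributor's secret was truly discarded, which is why `audit` only needs the public transcript.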

CryptoNet is a Protocol Labs initiative.