Skip to content

glamperd/small-powers-of-tau

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

46 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Small Powers of Tau

This code has not been audited. Use at your own risk.

This implementation aims to target small non-Groth16 powers of tau ceremonies.

Performance

  • No optimisations have been added, so the code will most likely be very slow. This includes adding rayon and swapping many pairings checks for multi exponentiations and a single pairing check.

Usage

Below we show different uses of the API depending on the actor.

Contributor

In order to contribute to a ceremony, you need to:

  • Receive and deserialise the most recent SRS
  • Create a random private key
  • Use your private key to update the SRS, creating an update proof
  • Send the update proof and the updated SRS.
    // Specify the parameters for the ceremony
   let params = Parameters {
            num_g1_elements_needed: 100,
            num_g2_elements_needed: 2,
    };

    let bytes = // Assuming you received the most recent SRS as a bytes
    
    // Deserialise the bytes received to create the SRS
    // This method will ensure that the first points is in the correct group and that none of the points are zero
    let mut srs = Accumulator::deserialise(bytes, params, SubgroupCheck::Partial);

    // Create your private key
    let private_key = PrivateKey::rand(rng);

    // Update the SRS creating an update proof 
    let update_proof = srs.update(private_key);

    // Send the SRS and update proof to the appropriate party
    update_proof.serialise();
    srs.serialise();

Protocol Verifier

The job of the protocol verifier is to check whether a contribution was valid during the ceremony. If not, the contribution is thrown away like it never existed along with the update proof.

The workflow is as follows:

  • Receive and deserialise the SRS that was sent by a contributor along with the update proof
  • Check that the update proof is valid. This includes checking that the SRS received, does indeed build on the SRS that the verifier currently holds.
  • Signal to the protocol if the update was valid. At this point, one could delete the old SRS keeping the update proof.
    // Specify the parameters for the ceremony
   let params = Parameters {
            num_g1_elements_needed: 100,
            num_g2_elements_needed: 2,
    };

    let bytes = // Assuming you received the most recent SRS and the update proof

    let srs_old = // The verifier will always have an old SRS in memory or on disk

    // Deserialise the bytes received to create the SRS
    // This method will ensure that the points are in the correct group and that none of the points are zero
    let mut srs_new = Accumulator::deserialise(bytes, params, SubgroupCheck::Full);
    // Deserialise the update proof
    let update_proof = UpdateProof::deserialise(bytes)

    let valid_update = Accumulator::verify_update(&srs_old, &srs_new, &update_proof);

    // Do something based on whether the update was valid

Ceremony Integrity Verifier

These are the actors who want to either check that their contributions were included in the SRS or that the SRS was indeed updated according to the update proofs.

    // Specify the parameters for the ceremony
   let params = Parameters {
            num_g1_elements_needed: 100,
            num_g2_elements_needed: 2,
    };

    let bytes = // Assuming you downloaded the starting SRS, the final SRS and the update proofs from some storage location

    let starting_srs = Accumulator::deserialise(bytes, params);
    let final_srs = Accumulator::deserialise(bytes, params, SubgroupCheck::Full);
    let update_proofs = //

    // Verify that these update proofs indeed do correspond to the transition from the starting SRS to the final SRS
    let valid_updates = Ceremony::verify(starting_srs, final_srs, update_proofs);

    // Now lets assume that I have contributed to the ceremony and I want to verify tht my contribution was included.
    // I should have a public key that was included in my update proof
    let public_key = //

    let (valid_updates, position) = Ceremony::verify_and_find_contribution(starting_srs, final_srs, update_proofs, public_key);

    // If position is None/Nil then your contribution was not included. Else the position of your contribution will be returned.

Build for browser-based deployment

wasm-pack build --targe no-modules

The pkg folder will contain the necessary javascript and wasm modules to copy and run in a node.js app.

License

This project is distributed under a dual license. (MIT/APACHE)

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in this crate by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

Status

This project is a work in progress.

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Rust 100.0%