-
Notifications
You must be signed in to change notification settings - Fork 14
Home
DefinitelySetup is an innovative product designed to streamline the process of running Trusted Setup ceremonies for groth16 based SNARKs. By accepting pull requests containing R1CS, wasm, and ceremony config files, and automatically approving and merging requests with constraint sizes less than 1M, DefinitelySetup dramatically simplifies the process of initializing SNARK circuits. It offers a web interface where users can monitor ceremonies and a CLI to enable contributions. At the ceremony's conclusion, finalized zkeys are made available for download, creating an open and verifiable system.
A Trusted Setup ceremony is critical in the world of groth16 based SNARKs as it generates the parameters needed for both the prover and the verifier. These parameters must be generated in a way that no participant knows the entirety of the so-called "toxic waste," a certain piece of information that, if known, would allow someone to create false proofs. By conducting this setup in a multi-party computation (MPC) manner, the risk is spread over all participants - if at least one participant correctly deletes their part of the toxic waste, the system remains secure.
From a first principles perspective, a Trusted Setup is essentially an exercise in distributing trust. We want to create a system (groth16 SNARK) where proofs can be verified quickly and efficiently. However, this system relies on parameters that could potentially undermine its integrity. To mitigate this, we perform a setup process that ensures that as long as one participant remains honest, the entire system's security is upheld.
Turning our attention to Plonk, another established system for zk proofs, we notice similarities and differences between it and groth16 based SNARKs. While both aim to provide succinct, verifiable computation, they differ in their verification times and proof sizes.
Plonk systems tout universality, meaning a single trusted setup can be used for any circuit up to a given size. This advantage over many SNARKs is notable, as the latter usually necessitate a new trusted setup for each distinct circuit.
However, Groth16 based SNARKs are more efficient when we consider the proof size and verification time. Their proofs are smaller and faster to verify than Plonk, making Groth16 the system of choice where scalability and efficiency are paramount.