search

EYBlockchain / nightfall_3

a mono-repo containing an optimistic version of nightfall
Creative Commons Zero v1.0 Universal
259 stars 57 forks source link

Research MPC ceremony required for Mainnet deployment #191

Closed ChaitanyaKonda closed 2 years ago

ChaitanyaKonda commented 2 years ago

Research

ChaitanyaKonda commented 2 years ago

Definition of Done

PS: Effort to be defined in terms of time required

dwebchapey commented 2 years ago

Submitted feature request to Zokrates to integrate MPC ceremony. The integration of Powers of Tau has to be tightly coupled rather than generating MPC based randomness separately and feed that into setup phase because whoever running the setup would see the final randomness and thus have a backdoor.

dwebchapey commented 2 years ago

Alternatively , snarkjs is another js implmentation of zksnark. It supports Groth16 and plonk but not GM17. snarkjs provides tools for conducting trusted setup multi-party ceremonies: including the universal powers of tau ceremony, and the second phase circuit specific ceremonies.

Testing snarkjs Performed MPC phase 1 and phase 2 ceremony and generated keys For 2^21 constraints , each contribution execution took about 16 minutes.

Listing pros and cons of Zokrates and snarkjs for NF3

Zokrates

Pros

  1. Support for GM17
  2. NF3 circuits are built in zokrates currently

Cons

  1. Implementation of setup phase ( initiated feature request in Zokrates)
  2. Browser integration to be tested
  3. Currently does not support Plonk proving scheme

Snarkjs

Pros

  1. Provide tool for Powers of Tau MPC ceremony
  2. Browser integration

Cons

  1. No support for GM17 , only G16 and Plonk
  2. Rebuilt circuits in circom

Also note that moving to Groth16 from GM17 is better for performance if inherent malleability of Groth16 is handled in NF circuits.

Final notes

Best approach for now seem to be integrating MPC setup to Zokrates

ChaitanyaKonda commented 2 years ago

282 will tracks the recommendations suggested here