Can this scheme be made distributed?

arkworks-rs / poly-commit

A Rust library for polynomial commitments

Apache License 2.0

337 stars 131 forks source link

Can this scheme be made distributed? #6

Open Fiono11 opened 4 years ago

Fiono11 commented 4 years ago

Instead of a trusted dealer generating the UniversalParams, can they be generated in a distributed way?

burdges commented 4 years ago

Yes, doing so is a straightforward sequential trusted setup. Each stage proves correctness using E::pairing(params.powers_of*_g[i],params.h) = E::pairing(params.powers_of*_g[i+1],E::G2Affine::prime_subgroup_generator()) etc, although Schnorr DLEQ proofs sound faster.

Fiono11 commented 4 years ago

I'm sorry, I didn't understand. Can you explain in a simpler way, please?

Pratyush commented 4 years ago

Yes, one can essentially just modify the Powers of Tau setup to make this work.

Fiono11 commented 4 years ago

Can you explain it, please?