Powers of Tau: Cardano Zero-Knowledge Setup Ceremony event | Encoins <> Modulo-p

[GENERAL] Name and surname of main applicant

Agustín Salinas

[GENERAL] Are you delivering this project as an individual or as an entity (whether formally incorporated or not)

Entity (Not Incorporated)

[GENERAL] Please specify how many months you expect your project to last (from 2-12 months)

4

[GENERAL] Please indicate if your proposal has been auto-translated into English from another language

No

[GENERAL] Summarize your solution to the problem (200-character limit including spaces)

To use Groth16 Zero-Knowledge protocol with security reliability a robust trusted setup ceremony must be conducted.

[GENERAL] Does your project have any dependencies on other organizations, technical or otherwise?

No

[GENERAL] If YES, please describe what the dependency is and why you believe it is essential for your project’s delivery. If NO, please write “No dependencies.”

No dependencies

[GENERAL] Will your project’s output/s be fully open source?

Yes

[GENERAL] Please provide here more information on the open source status of your project outputs

The project will be fully open source.

[METADATA] Horizons

Developer Tools

[SOLUTION] Please describe your proposed solution

Introduction

Currently, there are several zk-SNARK schemes available for verifying Zero-Knowledge proofs. The Cardano ecosystem is on a process of developing and integrating these zk-SNARK schemes. One of the most efficient options available today is Groth16. Compared to other schemes like PLONK, Sonic, and Marlin, Groth16 generates small proofs that are both fast and inexpensive to verify. This efficiency makes Groth16 particularly suitable for projects that need to integrate Zero-Knowledge proofs with optimization in mind, this means, considering efficiency constraints such as transaction size, computational budget limitations, or low fees. However, a notable downside of the Groth16 scheme is that it requires a trusted setup to operate securely and reliably. Our proposal will try to ease the effort to integrate Groth16 into the projects by covering some parts of the trusted setup.

What is a trusted setup?

To securely generate proofs using this system, a preliminary step known as a "setup" must be performed. This setup is done through a Multi-Party Computation (MPC) ceremony, which aims to generate two essential cryptographic components: the prover key and the verification key. These keys are critical for ensuring that the proofs created by the protocol are valid and secure.

To complete the trusted setup, multiple parties must participate, each providing a random input in turn. This randomness must remain secret, and once contributed, participants must discard it to avoid compromising the system. This discarded randomness is known as toxic waste. The ceremony's security relies on at least one participant properly disposing of their toxic waste. If all participants collude and retain their inputs, the integrity of the ceremony is compromised, allowing malicious actors to create fraudulent proofs and bypass security measures relying on the Groth-16 scheme. Therefore, a larger number of contributors reduces the risk of collusion, enhancing the setup's trustworthiness.

A trusted setup is accomplished in two phases: The first phase, called Powers of Tau, is a universal setup process that generates reusable parameters for different circuits or applications using zk-SNARKs. Once the Powers of Tau phase is completed, the setup moves to the Circuit-Specific phase. In this phase, the parameters from the Powers of Tau are adapted for a specific circuit or application. The goal is to generate the prover key and verification key.

The proposal

The functioning of zk-SNARK schemes relies on specific elliptic curves, but most existing setups are accomplished for curves not supported by Cardano. Our proposal aims to conduct a Powers of Tau ceremony (Phase 1) specifically for the BLS12-381 curve, which is compatible with Cardano. We plan to engage at least 30 to 40 participants in this Phase 1 ceremony to ensure that projects can more jump directly to the phase 2 of the setup. To achieve this, we will coordinate participants and organize their contributions. The budget will include funding for 40 paid participants to incentivize involvement, while remaining open to voluntary contributions from others. As can be noted, the proposal will just cover the first phase of the ceremony, still projects have to conduct the second phase. This is because the phase 1 is a general phase that can be reused for any ceremony, in the contrary, the phase 2 is circuit-specific, this means that particular circuit must be provided to finally derive the keys.

As mentioned above, still projects have to deal with the phase 2 each time a new application is meant to be implemented. Still there is this difficulty ahead for the projects, to address this, a key aspect of our proposal is to establish a dedicated portal for organizing Phase 2 ceremonies. This portal will serve as a centralized platform where participants can access essential tools and resources necessary for conducting their ceremonies effectively. By streamlining the logistics and providing clear guidance, we aim to reduce the complexity and overhead often associated with these processes. The portal will facilitate communication among participants, allow for the scheduling of ceremonies, and offer support for troubleshooting any issues that may arise. Ultimately, this initiative will significantly ease the burden on projects that need to integrate Groth16, enabling them to focus on their core objectives while ensuring compliance with zk-SNARK requirements.

[IMPACT] Please define the positive impact your project will have on the wider Cardano community

The impact of this proposal will benefit the entire ecosystem focused on developing with Zero-Knowledge proofs. In our experience, managing the setup process is often challenging and complex, that is not so straightforward because it requires collaboration among many people. In this sense, this initiative aims to simplify the integration of Groth16 into future zkDApps, promoting the adoption of Zero-Knowledge cryptography, especially with efficiency considerations in mind. Additionally, we envision the portal as a catalyst for ZK projects by providing essential resources and tools, facilitating smoother development and promoting innovation within the community.

[CAPABILITY & FEASIBILITY] What is your capability to deliver your project with high levels of trust and accountability? How do you intend to validate if your approach is feasible?

Our team has a good mix between technical experience and community management, both skills are key for the execution of the setup. On one hand, we have experience with community management which is crucial for the organizational aspect of the proposal. On the other, we have developed Zero-Knowledge applications which ensures a solid technical execution to this proposal.

[PROJECT MILESTONES] What are the key milestones you need to achieve in order to complete your project successfully?

Ceremony Preparation and Organization

In this step, we will prepare the necessary software for contributing to the ceremony, create informational resources on how to participate, and compile a list of individuals involved in the event.

Milestone Outputs:

•  A program script to facilitate contributions to the repository.
• A document outlining the process and guidelines for participation.
• A document detailing the schedule, contributors, and execution specifics of the ceremony.

Acceptance Criteria:

• The software must enable participants to submit contributions to the organizers.
• The documentation must clearly explain the process and provide detailed instructions for participation.

Evidence of Milestone Completion:

• Document
• GitHub repository

Execution of the ceremony

This step will consist in the execution of the setup ceremony. Here we will schedule and organize the different participants to make their contribution.

Milestone Outputs:

• A transcript of the outputs of the ceremony.
• A document that details how the ceremony was executed.

Acceptance Criteria:

• A minimum of 30 participants must contribute to the ceremony.

Evidence of Milestone Completion:

• A document including above information.
• Social network posts that evidences contributor participation.

Ceremonies portal

We will create a website where educational resources, the ceremony tools and a means to arrange ceremonies in phase 2 is disposed.

Milestone output:

• A website that provides educational resources to accomplish a ceremony, tools to conduct a ceremony and a page where ceremony events can be arranged.

Acceptance criteria:

• The website must comply with above characteristics.

Evidence of Milestone Completion:

• The website itself.

Final milestone

Milestone Outputs:

• Complete project report summarizing all activities, technical findings, and key learnings.
• Final video explaining the document.

Acceptance Criteria:

• Final video explaining the project’s objectives, outcomes, and future potential.

Evidence of Milestone Completion:

• Published close-out report on Github .
• Final project demo video shared on YouTube.

[RESOURCES] Who is in the project team and what are their roles?

Agustín Salinas, Plutus smart contract developer.

• Github: https://github.com/AgustinBadi
• Responsibilities: Agustín is a Cardano developer at Modulo-p. He has pioneered in the ecosystem by writing the smart contracts of early zkDapps in Cardano such as the zk-Mastermind and a port of the Semaphore protocol from Ethereum. He will do a technical assessment of the proposal. 

Agustín Franchella, Project Manager.

• Responsibilities: Agustín is Cardano Ambassador and Encoins Team Member. He is a funded proposer in F12. Agustín will be a project manager, leading the development of the project’s documentation and educational resources. He will collaborate closely with the development team to ensure the accuracy and accessibility of the project's documentation and onboarding materials for contributors. And he will lead the event ensuring that contributors make their contributions and checking that the ceremony develops correctly.

[BUDGET & COSTS] Please provide a cost breakdown of the proposed work and resources

FTE = Full-time equivalent

Project Management: ₳ 28,571

2 * FTE Project manager

Technical assessment: ₳ 14,285

1/2 FTE Developer

Ceremony contributors: ₳ 40,000

40 ceremony contributors (₳1000 per ceremony contributor)

Infrastructure: ₳ 4,285

24 months for hosting the ceremony portal website.

Total budget: ₳ 87,141

[VALUE FOR MONEY] How does the cost of the project represent value for money for the Cardano ecosystem?

Our project represents significant value by addressing a critical challenge in implementing regarding the integration of Groth16 into the Cardano ecosystem. Furthermore, it will be good to explain the criteria behind the construction of the budget. There are several points that justify the cost of the budget.

First, it is worth noting that almost half of the budget will be spent on the contributors, which will imply that 30 to 40 community members will work for the success of the proposal. Such amount of people contributing in a ceremony event that could last a month or more, justify having the requested Ada to support this process and have incentivize participation.

Second, the rest of the budget will be allocated to:

• At least two event organizers (the project managers) that will have to schedule, guide and give support to the contributions.
• At least one developer that will technically asses the proposal, prepare the ceremony software and infrastructures, and manage the website.

In this sense, the funds for the core team for the 4th months of the proposal, is reasonable according to industry-standard costs.

Lastly, in sum, our proposal directly addresses the lack of an established, Cardano-compatible setup for Groth16 by conducting the first phase of the trusted setup. This creates foundational infrastructure that can be reused by other projects, providing a multiplier effect across the ecosystem. Furthermore, by creating a dedicated portal for future setups, we ensure that the upfront investment has long-lasting benefits, not only for this project but for future zk-SNARK implementations in Cardano. Considering these long-term benefits, the cost of our project represents a good investment in the foundational tools needed for efficient Zero-Knowledge proof integration.