The Company Behind Zcash Announces Proposed Solution to Trusted Setup

Published at: Sept. 13, 2019

Electric Coin Company (ECC), which launched and supports the development of the privacy coin Zcash, recently published a paper titled "Halo: Recursive Proof Composition without a Trusted Setup."

On Sept. 10, ECC announced in a blog post that engineer and cryptographer Sean Bowe had discovered a way of "creating practical, scalable and trustless cryptographic proving" techniques, which ECC claims brings to an end a 10-year-long pursuit by the cryptography community. He called the solution Halo.

Halo takes away the need for a ‘trusted setup’

Halo's approach reportedly holds the potential to compress unlimited amounts of computation, create auditable distributed systems, build highly scalable blockchains and protect privacy. The article reads:

“The concept is a proof that verifies the correctness of another instance of itself, allowing any amount of computational effort and data to produce a short proof that can be checked quickly.

Sean’s discovery involves ‘nested amortization’ — repeatedly collapsing multiple instances of hard problems together over cycles of elliptic curves so that computational proofs can be used to reason about themselves efficiently, which eliminates the need for a trusted setup.”

In cryptography, a trusted setup is a procedure in which a set of initial parameters is created and the secret material used to generate them is supposed to be destroyed afterward. It is called a trusted setup because one must trust whoever created the parameters to destroy that secret material rather than keep it for future illicit gains.

Electric Coin Company points out that trusted setups are difficult to coordinate, could present a systemic risk and always have to be repeated for each major protocol upgrade. According to ECC, removing trusted setups should substantially improve the safety of upgradeable protocols.

The authors of the paper, Sean Bowe, Daira Hopwood and Jack Grigg, claimed that they obtained the first practical example of recursive proof composition without a trusted setup, using only ordinary cycles of elliptic curves. They added:

“Our primary contribution is a novel technique for amortizing away expensive verification procedures from within the proof verification cycle so that we could obtain recursion using a composition of existing protocols and techniques. We devise a technique for amortizing the cost of verifying multiple inner product arguments which may be of independent interest.”
