Trusted setup ceremony

In order to make MACI secure we need to perform a multi-party trusted setup ceremony. @weijiekoh is helping us with that, but the ceremony requires an audit of MACI circuits and some social and technical coordination, so it will not happen soon (maybe only when we reach milestone 4 or later).

For our first production round we will do a simplified trusted setup, where the keys will be generated by a single person. This means we have to trust that person to destroy the secret parameters (“toxic waste”). I think this is acceptable risk because our current configuration requires a trusted owner, the contracts are not audited and the funding round will run on a sidechain. The amount of matching funds in our first production rounds should be limited in accordance with these risks.

Here is a sketch of what’s needed to run a multi-party trusted setup ceremony: https://hackmd.io/uiPTVaFaR8WLsV6w-Pokkw

Necessary pieces:

1. Social media and chat channels for announcements, troubleshooting, and interaction with participants.
2. Technical components required for the ceremony. These are already developed, so clrfund just needs to set them up.
3. A test round! This is very important as it will validate the process.

I suggest trying out the Semaphore trusted ceremony to get a sense of how it works: http://ceremony.semaphore.appliedzkp.org/

Awesome, thanks for the information @weijiekoh.

Should we go ahead and kick start getting this set up? These ceremonies can be quite time consuming, so I don’t want it to be a roadblock to us launching production rounds.

Here it is, a trusted setup done by me https://ipfs.io/ipfs/QmRUG3HpnURtAZphFRdcov2K9AedUVHqJcy3MfQEpnC1FY

Awesome!

This is perfect for the first few real-money rounds, but we should start working on a ceremony for when we want to ramp up the matching pool beyond a few thousand dollars.

Trusted setup for MACI 0.5

Trusted setup for MACI 0.6 (medium circuits)