Skip to content

Latest commit

 

History

History
122 lines (98 loc) · 11.3 KB

README.md

File metadata and controls

122 lines (98 loc) · 11.3 KB

Summary

The KZG Ceremony is a coordinated public ritual which will provide a cryptographic foundation for Ethereum scaling initiatives. From the specs repo:

The ceremony takes place between participants and the sequencer. Participants are the entities that contribute their secret randomness to the final output 𝜏 s. The role of the sequencer is to act as the common point of interaction for all participants as well as verifying participants' contribution as the ceremony progresses.

The ceremony is designed to have the following characteristics:

  • wide ecosystem participation
  • browser accessible
  • a meaningful narrative in a simple interface
  • easy to audit transcript

The best place to follow along is the KZG Ceremony channel in the Ethereum R&D Discord or the bridged telegram channel - DM one of the contributors to be added to either.

Resources

Audits

Client Implementations

There are a number of independent implementations interested Ceremony participants can try to run locally, will have a variety of different features. (no guarantees on the quality or completeness!)

CLI Interfaces

Implementation BLS Library Language License Author Notes
Chotto blst (jblst) Java Apache 2.0 Stefan Bratanov (@StefanBratanov)
go-kzg-ceremony-client gnark-crypto Go MIT Ignacio Hagopian (@jsign) Features: transcript verification, using additional external sources of entropy, eg. drand network, an arbitrary URL provided by the user. Note: double signing not supported due to lack of hash-to-curve in gnark.
eth-KZG-ceremony-alt kilic Go GPL-3.0 Arnaucube (@arnaucube)
Towers of Pau blst Go MIT Daniel Knopik (@dknopik), Marius van der Wijden (@MariusVanDerWijden) Linux only, no signatures.
cpp-kzg-ceremony-client blst C++ AGPL-3.0 Patrice Vignola (@PatriceVignola) Features: BLS/ECDSA signing, transcript verification, Linux/Windows/MacOS support
czg-keremony noble-curves JavaScript MIT JoonKyo Kim (@rootwarp), HyungGi Kim (@kim201212)
kzg-ceremony-client blst C# MIT Alexey (@flcl42), CheeChyuan (@chee-chyuan), Michal (@mpzajac), Jorge (@jmederosalvarado), Prince (@prix0007)

Browser Interfaces

Interface BLS Library License Author IPFS Repository Notes
ZKParty Frontend Arkworks Several latest.kzgceremony.eth trusted-setup-frontend References the latest version of the interface, which departs from the audited version in minor ways
ZKParty Frontend (Audit Commit) Arkworks Several [1] audit.kzgceremony.eth trusted-setup-frontend The exact interface which Sigma Prime audited in November 2022. May have minor bugs or differences from the latest version above. docker instructions
Doge KZG gnark MIT Andrew Davis (@Savid) [2] dogekzg 🐶
  1. audit: QmevfvaP3nR5iMncWKa55B2f5mUgTAw9oDjFovD3XNrJTV
  2. doge: QmRs83zAU1hEnPHeeSKBUa58kLiWiwkjG3rJCmB8ViTcSU

BLS Libraries

Library Language License Audit
blst C & assembly Apache 2.0 Audit Report, [WIP] Formal Verification
Arkworks Rust Apache 2.0, MIT
gnark-crypto Go & assembly Apache 2.0 Audit Report
kilic Go Apache 2.0
Herumi BLS C++ & assembly modified BSD Technical Assessment
Constantine Nim Apache 2.0
py_ecc Python MIT
matterlabs/EIP1962 Rust Apache 2.0
noble-curves TypeScript/JS MIT

Special Contributions

April 1-16 2023 was the Special Contribution Period for the KZG Ceremony. This allowed participants to contribute in ways that may not have been possible in the Open Contribution period.

While the Ceremony only needs a single honest participant to provide a secure output, Special Contributions provide additional assurances beyond a standard entropy contribution:

  • computing over the entropy in an isolated environment (eg. on an airgapped machine, wiping and physically destroying hardware) means it's unlikely for a malicious entity to have extracted the entropy at any point
  • detailed documentation (explore links below) attached to real reputations are unlikely to all have been coopted or faked by a malicious coordinating entity. The records are available for future observers to explore.
  • different hardware and software limits correlated risk
  • differentiated entropy generation (eg. measuring an explosion) prevents the Ceremony output being compromised by some failure in the regular entropy generation (eg. the hosted interface)
  • contributions involving large groups of people are harder to fake than those with only one person

This post is a public record of the Special Contributions with information on methodology, where to find them in the transcript, and links to documenting media.

Media

Title Venue Participants Release Date
KZG Ceremony Duo Summons The Ethereum Road Map The Defiant Tegan Kline, Carl Beekhuizen, Trent Van Epps April 2023
Episode 262: Ethereum’s KZG Ceremony with Trent & Carl Zero Knowledge Anna Rose, Kobi Gurkan, Carl Beekhuizen, Trent Van Epps Feb 2023
Ethereum's KZG Ceremony Bankless David Hoffman, Trent Van Epps, Carl Beekhuizen Jan 2023
Peep an EIP - KZG Ceremony EthCatHerders Pooja Ranjan, Carl Beekhuizen Jan 2023
Ethereum Foundation – EIP-4844 & KZG Ceremony Epicenter Friederike Ernst, Trent Van Epps, Carl Beekhuizen Jan 2023
Building the KZG Ceremony PSE Learn and Share Nico Serrano, Geoff Lamperd Dec 2022
The KZG Ceremony - or How I Learnt to Stop Worrying and Love Trusted Setups Devcon Carl Beekhuizen Oct 2022

Public Calls

Call # Link Date
1 Agenda/Recording June 9 2022
2 Agenda/Recording June 23 2022
3 Agenda/Recording July 7 2022
4 Agenda/Recording July 21 2022
5 Agenda/Recording Aug 4 2022
6 Agenda/Recording Aug 18 2022
7 Agenda/Recording Sept 1 2022
8 Agenda/Recording Sept 15 2022
9 Agenda/Recording Sept 29 2022