Home

Awesome

Perpetual Powers of Tau

中文

The Privacy & Scaling Explorations team is conducting phase 1 of a multi-party trusted setup ceremony based on the Zcash Powers of Tau ceremony. The goal is to securely generate zk-SNARK parameters for circuits of up to $2^{28}$ (260+ million) constraints. This means that the process will generate twice as many minus one (530+ million) powers of tau.

As long as one party in the ceremony behaves honestly and is not compromised, the entire setup is trustworthy.

To take part, please get in touch with EF's PSE team via the #ppot Discord channel.


Contents:

Contribution List

Notes on Procedure

Participating

Phase 2 Files


Ceremony progress

Participant IDIdentityGPG keyAttestation
0001Koh Wei JieKeybase0001_weijie_response
0002Kobi GurkanKeybase0002_kobi_response
0003Roman SemenovKeybase0003_roman_response
0004Paul PeregudKeybase0004_paul_response
0005Muhd AmrullahKeybase0005_amrullah_response
0006Zachary WilliamsonKeybase0006_zac_response
0007Youssef El HousniKeybase0007_youssef_response
0008Mike LapinskiKeybase0008_mike_response
0009Brecht DevosKeybase0009_brecht_response
0010Vano NarimanidzeKeybase0010_vano_response
0011Zhiniang PengKeybase0011_zhiniang_response
0012Daniel WangKeybase0012_danielw_response
0013Kevin LacknerKeybase0013_kevin_response
0014Koh Wei JieKeybase0014_weijie_response
0015Anonymous Cryptographer0015_anon0_response
0016Aurélien NicolasKeybase0016_qedit_response
0017Philip StehlikKeybase0017_philip_response
0018Cody & Jennifer BurnsKeybase0018_cody_response
0019Petr KorolevKeybase0019_petr_response
0020Eduardo AntuñaKeybase0020_edu_response
0021Raziel Finkelton0021_rf_response
0022Roman StormKeybase0022_roman_response
0023Shomari PrinceKeybase0023_shomari_response
0024Vitalik ButerinKeybase0024_vb_response
0025Stefan DemlKeybase0025_stefan_response
0026Geoff LamperdKeybase0026_geoff_response
0027Alex SkidanovKeybase0027_alex_response
0028Dimitris ApostolouKeybase0028_dimitris_response
0029Gustavo FredericoKeybase0029_gustavo_response
0030Anant UpadhyayKeybase0030_anant_response
0031Golem Factory0031_golem_response
0032JosephCKeybase0032_josephc_response
0033Oskar ThorénKeybase0033_oskar_response
0034Igor GulamovKeybase0034_igor_response
0035Leonard Tan0035_leonard_response
0036Stefaan PonnetKeybase0036_stefaan_response
0037Chih-Cheng LiangKeybase0037_chihcheng_response
0038James ZakiKeybase0038_james_response
0039Wanseob LimKeybase0039_wanseob_response
0040Wei TangPGP key0040_wei_response
0041Evan Van NessKeybase0041_evan_response
0042Vaibhav ChellaniKeybase0042_vaibhav_response
0043Albert Ni0043_albert_response
0044Ying TongKeybase0044_yingtong_response
0045Ben EdgingtonKeybase0045_ben_response
0046TkorwinPGP0046_tkorwin_response
0047Saravanan VijayakumaranKeybase0047_saravanan_response
0048R. Tyler SmithKeybase0048_tyler_response
0049Jordi BaylinaKeybase0049_jordi_response
0050Koh Wei JieKeybase0050_weijie_response
0051Joseph BebelKeybase0051_joe_response
0052Zaki ManianKeybase0052_zaki_response
0053Juan LeniKeybase0053_juan_response
0054Jarrad HopeKeybase0054_jarrad_response
0055Tyler Blaise SmithKeybase0055_tyler_response
0056Auryn MacmillanKeybase0056_auryn_response
0057Gísli KristjánssonKeybase0057_gisli_response
0058Rasikh MoraniKeybase0058_rasikh_response
Why the gap? See here
0078Soham Zemse0078_soham_response
0079atheartengineerPGP0079_atheartengineer_response
0080Carter FeldmanKeybase0080_carter_response
0081Aayush GuptaKeybase0081_yushg_response
0082Ali ParviziKeybase0082_ali_response
0083Yi SunKeybase0083_yi_response
0084Jonathan P Wang0084_jpwang_response
0085zircuit0085_zircuit_response
0085nebra0086_nebra_response

Transcript files

Note: as each challenge file can be deterministically generated from a prior response file, we have only backed up 34 challenge files on an IPFS node, and if we need to free up space on its storage device, we will delete some challenge files (except, of course, challenge_initial).

IPFSFilename
Qmb1ejQ2uSXJ5AukYEGdm73Lf8q8vg2As2beC2eYENnDtBchallenge_initial
QmePmggNmSmzkJm3W1Kdz73FsUcdDpUGdvj466xTw9gjrgchallenge_0002_kobi
QmSQXLTHVCNQQE2wF7q8n2vhNmLjzKpPXwsGSYkGboKefochallenge_0003
QmZ4qMYTRWKSWce2g2pose7v6maKGrrGG8HvtWPqxXyKxMchallenge_0004
QmZfYvb1eeE1uXvBGQWFXq169Gh79qsdcho169MM2BJ3Z7challenge_0005
QmeNukSckT7gkD354aQfzLh6T7ZGv51gPmQQEi18BmSpiCchallenge_0006
QmQpAUqQ1jx8ABwmvw1kjUhFUcN8JM4D14BkE2roBrYtuxchallenge_0007
QmdRxyVimSRsAJ4HkD9AiMSCCM2qw5nrEAJVzUJXT4VpGTchallenge_0008
QmQ1tzZi7PdHKE8VJczfHNgZbGSUp73viuytBoofcTnW1Cchallenge_0009
Qmd1gtTpWCy4LP1eskdF5jD8daGMvMz7oGVajMoKwHKsWAchallenge_0010
Qmbf4UtTzdy3Cz56nXeom2fecB6ngYcryyitiVmYDTB4Zachallenge_0011
QmYzPUEZ8BPjFMXXcPo1WA6zaHERthXLPGAMR8sPrGajA1challenge_0012
QmY7MKhMN8heRK5Nwe5yhraepArWc5YZJCfarae7R9QuR4challenge_0013
Qmepq4FrnagYp31cT7vKuagfF8vgT6RShnRvTr6zMQswkWchallenge_0014
QmcXfTmYMqLF8iVmsD6phfXBke9DBiVecpbDh3TMfQphkGchallenge_0015
Qmdq2k8TJcKmZbVStqfT95fPc9xc3hJFRd2szFMjYDj2kechallenge_0016
Qma9EftTTUy3d1aARcDJVAbSckEPNi54zUaVaWpFSZmgQZchallenge_0017
QmPBEnbatu5FLuM3jhNbDVTVe6UZsLC12E5f6Puwu9q5g6challenge_0018
QmNWQ5Uhh6MzpgMqGgJm25UCTtRhmDtwFBBLhYFaAAo1DSchallenge_0019
QmekMXZsfBi8DRebYXraSa6r8jSAVo6fBBJeLoirdR7j8Nchallenge_0020
QmdkWnwsM3gHt7A8Gxq2JzhawKRuMvHLdxH4aDHPTt7w3Fchallenge_0021
QmXwig4F7QqdDs8cCRHKZbzyUPxi1TVTrghqs2W28bLeUrchallenge_0022
QmWw14WEH7nokJHatEf7WUmqwrJEoAXjq25io39e4AkuStchallenge_0023
QmQbBwhEBEuMBwtLt5NWxmY8AcjFxvELvmBcb5nHRKf8i8challenge_0024
QmQGwrxQ5voS4nTCRNLtb9SNMThxCuViN2xtM7ffDLCzA6challenge_0025
QmQGwsABWrAaZ2uHpV1jTV7ynnG4xx5qD9aDb15u1oY1rLchallenge_0026
Qmc22ur3YbFLtUS8mxSqqLCX39ksZUDr3PWi6wXUmmFKj4challenge_0027
Qmduu6rvGM15TdGnVoW9zGXDYvtsAK1w8KdG5Jbo28Pompchallenge_0028
QmakEigT1NfyjSJ1kkKZCnWGTnHkinU7u4ezc8dJdipMEKchallenge_0029
QmUcSPMVZgUb782zxfSofQvcF66sQbRfb5kWt9kjX61uPhchallenge_0030
QmYivuQ3QwaxZwSqoXWrWiMNdaKQNm96V4mU2VTHZZdjDcchallenge_0031
QmYGPfW1tuJFtBShGKeMbUKuKVe79dAsrjREG1ZceS21Crchallenge_0032
QmU3LoELzGFcMKozE71xZL9gpq2mUnp5qPzE9KaorTfRxjchallenge_0033
QmNwMEu1dLv2XeCqXtVrdiQBVaQFWeNtVP7HdnPP2Xdkfdchallenge_0034
QmcdU9c71mTZGQnUGkkoXTrwtjyoTLPE2qp196VGCVgCuwresponse_0001_weijie
QmPE7QAVRAVdDMMMP9rMbNyhZ8jo9pkZUm5ycRgogsHVADresponse_0002_kobi
QmUcPEstiXAFxYGKxCswXEgky69LvDrCLKamySrugW2Z4iresponse_0003_poma
QmeKL2woTQHoUHpZEu8MKLv6mPdqz9xAwGkdpAAurpAAzVresponse_0004_pepesha
QmQQZYBBbfgGmxLUjcq11bcuUPSQd1JCVkJ3rX8nqGVocUresponse_0005_amrullah
QmS3hMyQ9hworRi27Hkc85eTUXDx6ciw2QzZd8KcUNHb2xresponse_0006_zac
Qmc3yEq5QmckJwaQY8P1qEWSvfBYqCqMzB3q4mHYrZbZEkresponse_0007_youssef
QmQiu9W8nutk8Bkh5yg3aaiCCmYKjbCm48g6B8hWK2KjDwresponse_0008_mike
QmRrkQD44brXuaB9uw4gNvoJ5dHnkS3f2GrEhW9Jtz4Kffresponse_0009_brecht
QmU3Zj589iK67W5pYHMJEiVTzHVCsL9AeGqnBLhq6kU2Wwresponse_0010_vano
QmYtrvaTBn7ro9EBpiaDf4NWMxAKttKXDLww8rP2zbfesHresponse_0011_zhiniang
QmXBJ5d86CJfZzcqSeaqVMuJki8V4wsLsPR5bsSG23QmtCresponse_0012_daniel
QmYSGujwVYCUkQiktdadsC2Dr16EZGstXePhCzHBp6sqL2response_0013_kevin
QmTQ2jJS2rDnZrXXNKM3XcHfWvfJPQy4tAnfKhLThT95YLresponse_0014_weijie
Qme4NoJyfmVqFgUUUounmxtk7C35iXhTCCjroJc4AxrL5Vresponse_0015_anon0
QmaFR9E8sV4o8xijkUwXQdkjS9hHESKPXZ1CerMXTDvvFMresponse_0016_aurel
Qmba1LQXD7gPHzrmjzPpzhX7Xb2oT1k3JQVS9Rqj1taxfpresponse_0017_philip
QmQM5LnyiM4B78k6bA5c1MRDNscG19SBH66A5Txdc8BZ5uresponse_0018_cody
QmZpi6iwSRtBi4HcRAdUMXBVqQAD8RQqat2yz4xtzVDgryresponse_0019_petr
QmWDRdmXy3sWQB6c4hcwBKCdvzCdc6feTJrPyasjRtyyVjresponse_0020_edu
QmTPhwttSdHcafGWnttTaXncT1pVUyjMc7dneNzbvSqcv6response_0021_rf
QmWMFxs6zwocgmGsQQscpaUhAmwkPBjF4nHaXnVNw6pLsPresponse_0022_roman
QmVghB15aA8r4f8kaDGYRPHNtvXpug5xuJy166T5aLjGnwresponse_0023_shomari
QmSNRqBixRjqbaRFxe2G9dV5i7UHiQZLG3y6MQq29CQEJwresponse_0024_vb
QmQzcXktWYsqxeioxyCa6wxQ1FvVoCyDfkAN9TdmmNpdvHresponse_0025_stefan
QmZwshpsydtkRFtV5nuyhzL1yXE5AfacvVmPUNGTyJYYM5response_0026_geoff
QmNeMWxbS7YSEaFEV3X1i3ETsHCyHcsZUQazkTiKZLWGphresponse_0027_alex
QmcwjhjzUe5fWKsY21FJE1GdBFR4bxBvDAQbaLPgrUMAEwresponse_0028_dimitris
QmU285xoCQJD17QovgYf41dri8KsVgr9DoN7uDjYAUDBWuresponse_0029_gustavo
QmR6MjUDhqsqG8ALThdzSH1kSdqHg3VgKDXsRzLTPAVhztresponse_0030_anant
QmdKRFAch8rhuFZ7Z7u5AC6qfXgdfWGhBoR4UNmD5yHfwZresponse_0031_witold
QmVj2pziSXbPjSg6wV8YkAcfybhpYFrqugMJxXwNjhtEDGresponse_0032_josephc
QmXokCVS2u7LUopyBMYAVaUjbMgSRU1uxstoSc85fqwssTresponse_0033_oskar
QmWqCbXs5eFzesJ5bSRu2UNYh1UdyWr16Y49DC3BWp1RiTresponse_0034_igor
QmYMzNLijTut9WYWVcCANc2gBN5Q48jGELgAQatujiXyCMresponse_0035_leonard
QmPZr6aQMKxxj5FYW5cA6oYwE5bNLd8ehatRGXuSBkJehpresponse_0036_stefaan
QmP1zXaVbnhUriMhVGnf55VKaZwffYTPwp3jUMj8P6LE24response_0037_chihcheng
QmZPXXidBBiS1Vtx9sw1dBdy4WT4qaJ9291i5vd7GwGDTfresponse_0038_james
QmQrf3YhCqGN1xWgag6ySxtSMzxaLvWEkm2MZFRzrEU2rkresponse_0039_wanseob
QmTrSs9cd1mky6LzzTucE5YccecLZGWxBe39gNkezN6Jiwresponse_0040_weitang
QmbddejirR8TFVo5yDydmHP8TvTFtEg3CTgnDywxbb6xfzresponse_0041_evan
QmWCHp3YivYKWfQ8FbMKn3wMSNyqawRn7zJUP6mjfmvkJjresponse_0042_vaibhav
QmUfSAM1arv3nB5StxMMk4qBYGFpSNEY2BDgz3dqmaYUQxresponse_0043_albert
Qmbuueqz56RXJNniG2fBHzTodbQ5e5mtjGP7UdpNGNXP7Presponse_0044_yingtong
QmSwjgfGupXdPp9YGkjTkS5HEJqduafTvwc2FGceuXuo7Hresponse_0045_ben
QmcxPbWVX1ZNyeoSmtauPSUr2N7TqHnHLA8XVfFbTvmt8Bresponse_0046_tkorwin
QmWWsdJQn8vW7Wpwz5AhgjT8Hx8Zi1dgrMvdaWY6gh8xkNresponse_0047_saravanan
QmNSKeimtsCALSVS2pTaHzr51LQdiQgAwCcVcDG5QPSNqKresponse_0048_tyler
QmcedV8NzSp9kxbYC7Gwwp3kRd3Gbzztm9fBcfX6uXkHTyresponse_0049_jordi
QmfJA4GxM4g422wVaWiLNMwFvNRK4NhF3ZGguBHSVhakceresponse_0050_weijie
QmPw8XM7jBrykitCuDPb3mW8j4U4fj3LJNnFejjDVSCmKGresponse_0051_joe
QmSQMM6NJwZT5JFnm4sd3gyQsGV17PwsvjqZkWmZ6Aeqr9response_0052_zaki
QmUSyF5fzsteBuTUiHfkepsaQeSaD5Xc84RMUXgygtLSL8response_0053_juan
QmSnaPnTfwLeauYEd5ZDBnUePHh4dzxfnAZnC3wVxrQeJnresponse_0054_jarrad
QmTiquUD89xYTtXq27tyFTVQunLadB8fjWe1pofFz2Dtwsresponse_0055_tyler
QmQR8SmRVNmhR4MJzVUwQpeiR34QgAqswYaX5jPBPFv8T7response_0056_auryn
QmaiWt8rm9VGLrMQhJD6n3RzVffjFSHdyC1ZQaDQUNgBuHresponse_0057_gisli
QmVZ9SMbh3ZSpLK2qtHZkqLDsX2Ac7kz9CeeuvAAz1QMLbresponse_0058_rasikh

Prepared Phase 2 Files

Files have been prepared, ready for use in Phase 2 operations, from contribution 0080. The response file from 0080 was converted to snarkjs .ptau format, had a beacon applied, then prepared for phase 2. Files for each lower power of 2 were extracted from the result. These files are available at the links below.

The complete file with $2^{28}$ powers of tau, in .ptau format, can be found here

Beacon

Randomness for the beacon used the randao_reveal value from slot 7,325,000 of the Ethereum beacon chain. The choice of slot number was announced in advance, as recorded in this transaction

Randao_reveal value: 0xaf941599f6d640b5b4b6116d3ded861b3362a964c390edc270aef45ba17b67148fb3d7ab901a68b1528c9bb3e16721cc000dda5d8466f4aa4a1c8ca9eb57d05e6c2d2e780d6a793df90a1ebd076bb3dd9b7d4075e3e68b36b86c1fb7c4feeded, as per the block summary.

31 iterations were used in calculating the beacon hash.

The beacon file has been saved here

Prepared and Truncated Files

A phase-2-ready .ptau file is available for each power of 2 up to 28. When choosing a file, the best choice is generally the smallest file with a number of points > the number of constraints in the circuit.

DegreeLink to FileNumber of PointsSize
1ppot_0080_01.ptau193kb
2ppot_0080_02.ptau495.6kb
3ppot_0080_03.ptau8100kb
4ppot_0080_04.ptau16109kb
5ppot_0080_05.ptau32127kb
6ppot_0080_06.ptau64163kb
7ppot_0080_07.ptau128235kb
8ppot_0080_08.ptau256379kb
9ppot_0080_09.ptau512667kb
10ppot_0080_10.ptau1,0241.2mb
11ppot_0080_11.ptau2,0482.3mb
12ppot_0080_12.ptau4,0964.6mb
13ppot_0080_13.ptau8,1929.1mb
14ppot_0080_14.ptau16,38418.1mb
15ppot_0080_15.ptau32,76836mb
16ppot_0080_16.ptau65,53672mb
17ppot_0080_17.ptau131,072144mb
18ppot_0080_18.ptau262,144288mb
19ppot_0080_19.ptau524,288576mb
20ppot_0080_20.ptau1,048,5761.1gb
21ppot_0080_21.ptau2,097,1522.3gb
22ppot_0080_22.ptau4,194,3044.5gb
23ppot_0080_23.ptau8,388,6089gb
24ppot_0080_24.ptau16,777,21618gb
25ppot_0080_25.ptau33,554,43236gb
26ppot_0080_26.ptau67,108,86472gb
27ppot_0080_27.ptau134,217,728144gb
28ppot_0080_final.ptau268,435,456288gb

Contribution Procedure

There is a coordinator and multiple participants. The ceremony occurs in sequential rounds. Each participant performs one or more rounds at a time. The coordinator decides the order in which the participants act. There can be an indefinite number of rounds.

The ceremony starts with the coordinator generating an initial challenge file, and publishing it in a publicly accessible repository.

The first participant downloads challenge, runs a computation to produce a response file, and sends it to the coordinator.

The coordinator will then produce a new_challenge file, and publish it along with the response. The next selected participant will then download new_challenge and produce a response, and the process repeats indefinitely.

Whenever a new zk-SNARK project needs to perform a trusted setup, they can pick the latest response, verify the entire chain of challenges and responses up to the selected response, and finally apply a random beacon to it. Next, they can move on to phase 2 of the trusted setup which is circuit-specific and out of scope of phase 1.

To illustrate this process, consider a Coordinator, two participants (Alice and Bob), and a zk-SNARK project author Charlie:

  1. Coordinator generates challenge_0 and publishes it.
  2. Alice generates response_1 and publishes it.
  3. Coordinator generates challenge_1 and publishes it.
  4. Bob generates response_2 and publishes it.
  5. Coordinator generates challenge_2 and publishes it.
  6. Charlie applies the random beacon to challenge_2 to finalise the setup.

The resulting public transcript should contain:

  1. challenge_0
  2. response_1
  3. challenge_1
  4. response_2
  5. challenge_2
  6. The random beacon
  7. The final parameters

The random beacon

Zcash announced on their ceremony mailing list that they would use the hash of a specific Bitcoin block. They made this announcement before the block was mined. See:

https://github.com/ZcashFoundation/powersoftau-attestations/tree/master/0088

A similar process can be used for this ceremony. Note that mining difficulty has grown since 2018, so there is now slightly less entropy per Bitcoin block hash.

The transcript

The transcript can be fully verified as long as it is public and that there are no bugs in the code used to generate challenges and responses.

Participants can choose to be anonymous. If they choose to be publicly known, they should own a GPG keypair whose public key is known to be associated with their real-world identity, socially or via any other means.

Given the above, the transcript should contain all the challenge and response files, and the Blake2b hash of each file.

It should also contain an attestation for each response. This is a text file with:

Additionally, it should contain each participant's GPG signature of their attestation, so as to assure the public that it was generated by the person who had claimed to have done so.

Archiving

The transcript files will generally be saved in an archival storage, i.e. not available for immediate access, but can be made available by request. Such requests will entail a delay while the file is retrieved, and the file will be available for a limited number of days before it returns to archival status.

To raise a retrieval request, please raise an issue in this repo with the names of the files required.

Preserving the Data

We have a network sharing the data via torrents, as an alternative to the S3 bucket. Volunteers to help with this are welcome to participate. See here

Logistics

Each challenge file is about 97G in size and each response file is about 49G. An Azure compute VM (Standard F4s with 4 vcpus and 8GB memory) takes about 24 hours to generate.

The coordinator is using AWS Cloud VMs to generate new_challenge files, and S3 Storage to host challenges and responses.

Each participant can transfer their response to the coordinator via sftp. This process is semi-interactive as it requires either the participant to provide their SSH public key in advance, or the coordinator to send them a private key. Alternatively, they can use any of the following interactive methods:

Instructions for each participant

There are two implementations of the software which you can use to generate a contribution: phase2-bn254 and snarkjs.

You should use snarkjs if you do not mind running the software for 2-3 days. If you have no preference, please decide at random.

To use phase2-bn254, follow the instructions below. To use snarkjs, read this document instead.

First, set up a Linux machine and install Rust and Cargo following instructions here.

Ensure you have the necessary build prerequisites:

sudo apt update && sudo apt install build-essential

Download and compile the required source code:

git clone https://github.com/kobigurk/phase2-bn254.git --branch master && \
cd phase2-bn254/powersoftau && \
cargo build --release

Download the challenge_nnnn file from the coordinator. The filename might be something like challenge_0004. Rename it to challenge:

mv challenge_nnnn challenge

Also check with the coordinator (or this repository) for the expected Blake2b hash of challenge.

Run the computation with challenge in your working directory:

/path/to/phase2-bn254/powersoftau/target/release/compute_constrained challenge response 28 2097152

You will see this prompt:

Will contribute to accumulator for 2^28 powers of tau
In total will generate up to 536870911 powers
Type some random text and press [ENTER] to provide additional entropy...

Make sure that it says 2^28 powers of tau, and then enter random text as prompted. You should try to provide as much entropy as possible from sources which are truly hard to replicate. See below for examples derived from Zcash's own ceremony.

The computation will run for about 24 hours on a fast machine. Please try your best to avoid electronic surveillance or tampering during this time.

When it is done, you will see something like this:

Finishing writing your contribution to `./response`...
Done!

Your contribution has been written to `./response`

The BLAKE2b hash of `./response` is:
        12345678 90123456 78901234 56789012 
        12345678 90123456 78901234 56789012 
        0b5337cd bb05970d 4045a88e 55fe5b1d 
        507f5f0e 5c87d756 85b487ed 89a6fb50 
Thank you for your participation, much appreciated! :)

Upload the response file to the coordinator's server using SFTP or rsync. We will provide you with options and guidance on how to do this.

Your attestation

Finally, document the process you used, following the example here: https://github.com/weijiekoh/perpetualpowersoftau/blob/master/0027_alex_response/alex_attestation.md

We recommend that in your attestation, you include the git commit hash of the phase2-bn254 repository from which you built the binaries.

Sign your attestation with your Keybase account or GPG key and post it to the mailing list. We highly recommend using Keybase instead of GPG as it is easy to make time-consuming mistakes when attempting to publicise and/or share GPG keys.

Signing an attestation with an Ethereum account

If you wish to sign your attestation using an Ethereum account instead of GPG, please SHA256 hash your attestation and use an account publicly associated with your identity and store it in this Notary contract using the register(bytes32 _hash) function. Send the transaction hash to the coordinator, who will include it in the transcript.

This Notary contract is simply:

pragma solidity 0.5.11;

contract Notary {
    mapping (bytes32 => bool) public hashes ;
    
    function register(bytes32 _hash) public {
        hashes[_hash] = true;
    }
    
    function check(bytes32 _hash) public view returns (bool) {
        return hashes[_hash];
    }
}

Examples of entropy sources

  1. /dev/urandom from one or more devices
  2. The most recent Bitcoin block hash
  3. Randomly mashing keys on the keyboard
  4. Asking random people on the street for numbers
  5. Geiger readings of radioactive material. e.g. a radioactive object, which can be anything from a banana to a Chernobyl fragment.
  6. Environmental data (e.g. the weather, seismic activity, or readings from the sun)

Note on Chain Fork

The chain of contributions now has two forks, branching after contribution number 0058. This choice has been made for the reasons outlined below.

Contributions from 0001 to 0077 form the first branch. Contribution 0078 chains from 0058, and this second branch is the one to be continued for future contributions.

We have a complete set of data available for the second branch. This is not the case for the first branch. Data, including public keys, for some of the contributions (0059 to 0071) are no longer available.

The discontinued fork remains valid. Contribution 0077 has the longest chain of contributions, and may be used in phase 2 setups. The chain of hashes can be confirmed by referring to the contribution details stored in this repository. However, a stronger cryptographic verification requires a continuous and complete chain of public keys in addition to the contribution hashes. Such data is embedded in .ptau files, as used by snarkjs. A snarkjs powersoftau verify command will cryptographically validate the full chain of public keys. Thus, it is not possible for us to generate fully-compatible .ptau files from 0077 or its immediate predecessors.

We have a complete history of public keys up to 0058, and for the branch continuing from there with 0078. We will, from time to time, publish .ptau files from this branch.

Note also that links referred to files in ppot.blob.core.windows.net bucket are no longer working. Some of these files are available on either IPFS or S3 high-availability, or S3 Glacier (available only by request).

Contribution details for the discontinued fork are recorded here