## TL;DR This is basically a question of where the boundary between individuals verifying and client teams implementing lies. How much work should be required to verify that client teams correctly put the output of the ceremony into the clients? Do we need everyone to verify the exact file gets included in clients, or are we ok having only some people do it and anyone can check at any time. ## Desiderata - PoT output in Lagrange form for ingestion into KZG libs - People have verified that their contribution was legitimately included. - People have verified that the final output file is correct ## Things to verify: - The Powers are actually powers - Your contribution is in there - Your Eth account signed the contribution - The BLS signatures check out - The contributions after yours: - Are not `0` - build on top of one another ## Option 1 - everyone verifies & everyone does Lagrange form User performs all of the above checks as well as does the calculation to verify ceremony is correctly output into Lagrange form (it verifies the output file that will be put directly into clients). The downside is that we need the Lagrange calculations to be implemented in a way that can be computed on the web. (Similar work to getting the original crypto done in the ceremony) ## Option 2 - everyone verifies & "community" does Lagrange calculation User performs all of the above checks which guarantees that their contribution was included correctly and that the sequencer didn't rug them. This requires some minor modifications to the functions we already have implemented but does require we implement/expose pairings. The level of compute required is a little worse than what was required to do the initial contribution. The only real way users could be rugged is by the client teams & the community if they do the Lagrange calc incorrectly, but this is verifiable at any point, so if users have suspicions, they can always check. ## Option 3 - everyone partially verifies & some do Lagrange calculation Users only verify that their address is included and that their ECDSA (normal Ethereum) signatures are correct. (And that there are no 0 contributions.) This can be done pretty much instantly and requires almost nothing new to be implemented beyond a simple one-page website. (POAPs would be the hardest part.) The rug potential here is largely the same as `Option 2` above as client devs are the only real ones who can rug, users can always verify themselves and anyone in the community could blow the whistle. ## Option 4 - some verify & some do Lagrange calculation Only those who choose to verify anything. This is how all previous ceremonies have gone so far. The major downside is that you trust the sequencer to have included your contribution and unless you saved the receipt from the sequencer after you contributed, you couldn't prove sequencer fraud. ## The comparison in a table | | What individual verifies | Who does Lagrange calc | How user can be tricked | What needs to be implemented in the website | |----------|--------------------------|------------------------|-----------------------------------------------------|------------------------------------| | Option 1 | Everything | User | CL & EL Clients could rug | Lagrange in web + BLS verification | | Option 2 | Everything | "Community" | Above plus "community" does Lagrange calc correctly | BLS Pairings | | Option 3 | Their inclusion | "Community" | Same as above | Text checks and 1 ECDSA sig (trivial) | | Option 4 | Nothing | "Community" | Sequencer could delete their contribution | 0 | ## Proposed choice I think we should go with `Option 3` as it makes users verify that they were included (something only they can really do as they know whether they contributed) and trusts client teams (and anyone else who'd like to check themselves) to do the _right thing (tm)_, which is basically where we currently draw the line of trust between the community and client teams already.
Last changed by  
tvanepps
216

Read more

kzg special contributions

The Cryptosat team kicked off the Special Contribution period with a contribution from space aboard their Crypto 2 satellite. Read about what they did and how on their blog.

7/26/2023
Announcing the KZG Ceremony

High fees have made life difficult for travelers through these Dark Forests. The Pools of Mem once clouded, now clarified by the filter of 1559, reveal that they are not deep enough to sustain. Legends tell of a society flourishing under the abundance brought about by DankShard, of giant Roll-Ups subsisting on fields of nourishing Data Blobs, each supporting their own fractal nutrient layers. To summon DankShard, our guides point us to a Ceremony. All members of the Lands of Ether and abroad are encouraged to contribute. Each will add their unique contribution to the collective and in doing so, illuminate the path forward. Overview The KZG Ceremony is a coordinated public ritual which will provide a cryptographic foundation for Ethereum scaling efforts like EIP-4844 (aka proto-danksharding). These types of events are also known as "Trusted Setups," famously used by Zcash to bootstrap the chain's privacy features. However, they can also be used to support scaling mechanisms, as Ethereum plans to do. Proto-danksharding requires a new cryptographic scheme: KZG Commitments. will generate a structured reference string (SRS) which is needed for the commitments to work. An SRS is secure as long as one participant in the ceremony successfully conceals their secret.

4/16/2023
KZG Special Contribution Info

Join the Grantee telegram chat here Book your Special Contribution slot here This document outlines a number of points which may help steer your Special Contribution. If you have a question not addressed here, please join the telegram channel above and share it! 👩‍🔬 Special Contributions differ from regular contributions in that you may only login if your address has been whitelisted and only during your contribution slot and that you will have a dedicated 4 hour slot to do you contribution. This means, no waiting in the lobby and that you can take (up to) the full 4 hours to complete your contribution. If for some reason you miss your chosen slot, please reach out to Carl or Trent ASAP. 👩‍💻 We recommend the client from either Ignacio (client, docs) or Patricio (client, docs). Both allow for offline contributions which use local files as input and output, instead of networked response to the Sequencer Server. This is the method many of you will be using for your contribution.

3/9/2023
Untitled

After many years of work, full Proof of Stake is finally on our doorstep. While many have talked about the significance of the moment, we think it's best to hear directly from the builders behind it. Merge Manual is a collection of perspectives from 60+ core Ethereum contributors, including client developers, researchers and coordinators from 18 different teams. Note that this is a subset of the whole - not every contributor submitted a response. Responses were collected in August and September 2022 in the weeks leading up to the Merge itself; the anticipation is apparent in the submissions! We hope you enjoy these snapshots of sentiment leading into the biggest Ethereum event since the Genesis block in 2015. Thank you for reading and being part of the Ethereum story. We're releasing this in advance of New Home of the Heart, an NFT exhibition and sale which celebrates the Merge and its builders. Proceeds are split between the artists and the Protocol Guild, a collective of 119 core Ethereum contributors. We hope you will join us for the opening of the exhibition on Sept 12. → Sign up to be notified of the exhibition opening or follow the organizers: SW & JPG. Merge Manual builds on Stateful Works' goal of creating cultural artifacts for the Ethereum community through projects like the Beacon Book and 1559 NFT Collection.

9/8/2022
Read more from tvanepps
Published on HackMD