Paper 2025/064

SoK: Trusted setups for powers-of-tau strings

Faxing Wang, University of Melbourne
Shaanan Cohney, University of Melbourne
Joseph Bonneau, New York University/a16z crypto research
Abstract

Many cryptographic protocols rely upon an initial trusted setup to generate public parameters. While the concept is decades old, trusted setups have gained prominence with the advent of blockchain applications utilizing zero-knowledge succinct non-interactive arguments of knowledge (zk-SNARKs), many of which rely on a "powers-of-tau" setup. Because such setups feature a dangerous trapdoor which undermines security if leaked, multiparty protocols are used to prevent the trapdoor from being known by any one party. Practical setups utilize an elaborate public ceremony to build confidence that the setup was not subverted. In this paper, we aim to systematize existing knowledge on trusted setups, drawing the distinction between setup protocols and ceremonies, and shed light on the different features of various approaches. We establish a taxonomy of protocols and evaluate real-world ceremonies based on their design principles, strengths, and weaknesses.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published elsewhere. FC25
Keywords
Trusted Setups, ZKSNARKs
Contact author(s)
faxing wang @ student unimelb edu au
shaanan @ gmail com
jbonneau @ gmail com
History
2025-01-17: approved
2025-01-16: received
Short URL
https://ia.cr/2025/064
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2025/064,
      author = {Faxing Wang and Shaanan Cohney and Joseph Bonneau},
      title = {{SoK}: Trusted setups for powers-of-tau strings},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/064},
      year = {2025},
      url = {https://eprint.iacr.org/2025/064}
}