Panther Protocol Trusted Setup Ceremony

Overview

This repository manages a trusted setup ceremony for a zero-knowledge circuit. Each participant contributes randomness to ensure that no single person knows the "toxic waste" that could compromise the system's security.

The ceremony is sequential - each participant builds upon the previous contribution. This approach ensures the security of the final parameters as long as at least one participant is honest.

Time Requirements

• Preparation time: ~5-15 minutes to set up your environment
• Contribution time: ~5-10 minutes of uninterrupted time when it's your turn
• Availability: You should be responsive in the communication channel during your turn to avoid delays for other participants

Prerequisites

• Docker installed on your system
• Git for cloning the repository
• Git LFS (Large File Storage) for handling large files
• Familiarity with running commands from the command line

Installing Git LFS

1. Download and install Git LFS from git-lfs.github.com
2. Set up Git LFS for your user account:

   git lfs install

This repository uses Git LFS to manage large files generated during the ceremony. Without Git LFS, you won't be able to properly clone or contribute to the repository.

Security Recommendations

For maximum security of the ceremony, we recommend:

• Use a freshly installed operating system
• Disconnect from the internet after downloading the necessary files
• Use a computer with a hardware random number generator
• Securely delete or physically destroy storage media after participating

However, any contribution is valuable and appreciated, even if it doesn't follow all these recommendations.

Participation Process

1. Fork and Clone the Repository

1. Fork this repository to your GitHub account

2. Clone your forked repository:

   • Recommended: Clone without full history (shallow clone)
     This method is faster and minimizes network traffic:

     git clone --depth 1 https://github.com/<Your-GitHub-Username>/trusted-setup-ceremony.git
     cd trusted-setup-ceremony

     Note: The --depth 1 flag fetches only the latest snapshot of the repository without full commit history.

   • Alternative: Clone with full history
     If you need the complete commit history, use the following:

     git clone https://github.com/<Your-GitHub-Username>/trusted-setup-ceremony.git
     cd trusted-setup-ceremony

     Warning: Cloning with full history may take more time and use significant network bandwidth.

3. Pull Large Files for the Latest Contribution

   This repository uses Git LFS to manage large files. Pulling all large files at once, rather than just the ones needed for your contribution, may exceed the GitHub bandwidth limits and significantly slow down the process. To avoid this, fetch only the large files required for the latest contribution:

   git lfs pull -I "$(ls -d ./contributions/* | sort -V | tail -n 1)/*.zkey"

   This command identifies the folder with the largest number in its name under ./contributions/ (names of folders with contributions there starts with numbers) and pulls only the *.zkey files (large files) from that folder.

2. Contribute to the Ceremony

Choose one of the following methods to contribute:

Option A: Using Pre-built Docker Image

docker run --rm -it -v $(pwd)/contributions:/app/contributions --user $(id -u):$(id -g) pantherprotocol/trusted-setup-ceremony:latest contribute

Option B: Build Docker Image Yourself (Recommended)

docker build -t trusted-setup-ceremony .
docker run --rm -it -v $(pwd)/contributions:/app/contributions --user $(id -u):$(id -g) trusted-setup-ceremony contribute

Option C: Using Node.js Directly

npm install
npm run contribute

3. Follow the Interactive Prompts

During the contribution process, you will be asked to:

• Enter your GitHub username
• Provide random entropy (by typing randomly on your keyboard)
• Wait for the process to complete, which will create a new folder with your contribution and attestation

4. Verify Your Contribution (THIS STEP IS NOT WORKING YET)

After contributing, verify that your contribution was processed correctly:

Option A: Using Pre-built Docker Image

docker run --rm -it -v $(pwd)/contributions:/app/contributions --user $(id -u):$(id -g) pantherprotocol/trusted-setup-ceremony:latest verify

Option B: Build Docker Image Yourself (Recommended)

docker build -t trusted-setup-ceremony .
docker run --rm -it -v $(pwd)/contributions:/app/contributions --user $(id -u):$(id -g) verify

Option C: Using Node.js Directly

npm install
npm run verify

5. Submit Your Contribution

Commit and push your changes to your forked repository.

Please commit *.zkey files separately from other files. This approach allows the coordinator to manage two branches effectively:

• The master branch, which contains only the zkey files from the latest contribution to minimize network bandwidth usage.
• The complete branch, which keeps all files from every contribution, enabling full auditability and verification of the entire ceremony.

By separating zkey files into their own commits, the coordinator can easily synchronize these branches, ensuring efficient bandwidth usage without compromising the ability to verify the entire process.

git add ./contributions/**/*.zkey
git commit -m "Add contribution from YOUR_GITHUB_USERNAME (1/2)"
git add .
git commit -m "Add contribution from YOUR_GITHUB_USERNAME (2/2)"
git push origin main

Then create a pull request to merge your contribution back to the main repository.

Troubleshooting

Network Connectivity Issues

If you encounter issues with the contribution process:

1. Ensure your firewall allows the required connections
2. If using a NAT router, consider enabling UPnP or setting up port forwarding
3. Try the alternative contribution methods listed in section 2

Contingency Plans for File Sharing

If the standard contribution method fails, you can try:

1. Submitting a PR with your contribution files
2. Uploading files to cloud storage (Google Drive, Dropbox) and sharing the link
3. Using a secure file transfer tool like Magic-Wormhole

Platform-Specific Instructions

Linux and macOS

The commands shown above work as-is on Linux and macOS systems.

Windows

On Windows, use one of these command formats:

PowerShell:

docker run --rm -it -v ${PWD}/contributions:/app/contributions pantherprotocol/trusted-setup-ceremony contribute

Command Prompt:

docker run --rm -it -v %cd%/contributions:/app/contributions pantherprotocol/trusted-setup-ceremony contribute

If you encounter path issues, use absolute paths:

docker run --rm -it -v C:\full\path\to\trusted-setup-contrubutions:/app/contributions pantherprotocol/trusted-setup-ceremony contribute

Technical Details

Docker Image Information

The official ceremony Docker image is available on Docker Hub:

docker pull pantherprotocol/trusted-setup-ceremony:latest

You can use a specific version by replacing :latest with a version tag like :0.1.

Understanding Docker Commands

• -v $(pwd)/contributions:/app/contributions mounts the contributions folder in your current directory to the container
• --user $(id -u):$(id -g) ensures the container runs processes with the same user (UID) and group (GID) as the current local user, preventing permission issues when writing to mounted volumes
• -it enables interactive input required for the contribution
• --rm removes the container after execution
• The Docker image supports both AMD64 (x86_64) and ARM64 architectures

For Coordinators Only

If you are coordinating the ceremony:

1. Initialize the repository by copying r1cs and zkey files to the 0000_initial folder
2. Push this initial setup to the repository