Halo: Recursive Proof Composition without a Trusted Setup(Halo:无需信任设定的递归凭证组合)

Halo: Recursive Proof Composition without a Trusted Setup(Halo:无需信任设定的递归凭证组合)

0. Description(简介)

origin from:Halo: Recursive Proof Composition without a Trusted Setup - Electric Coin Company

Sean Bowe, an engineer and cryptographer at Electric Coin Company (ECC), has discovered a technique for creating practical, scalable and trustless cryptographic proving systems, ending an almost decade-long pursuit by the cryptography community.
It’s called Halo. A paper authored by ECC employees Sean Bowe, Daira Hopwood and Jack Grigg is available here. An implementation that recursively demonstrates the proof-of-work of a Bitcoin block hash is also under development.
Sean Bowe,ECC 团队的工程师和密码学家, 发现了用于创建实用的、可扩展的、无需信任的密码学证明系统的一种技术,了了密码学社区长达几十年之久的夙愿。
那就是Halo。可以点击上述链接查看这份经ECC团队成员Sean Bowe, Daira Hopwood and Jack Grigg等三人授权的白皮书。递归演示比特币块哈希的POW的实现也正在开发中。

1.Halo achieves practical zero-knowledge recursive proof composition without the need for a trusted setup.(Halo 实现了实用的、无需信任设定的、零知识递归凭证组合)

Recursive proof composition holds the potential for compressing unlimited amounts of computation, creating auditable distributed systems, building highly scalable blockchains and protecting privacy for all of humanity. The concept is a proof that verifies the correctness of another instance of itself, allowing any amount of computational effort and data to produce a short proof that can be checked quickly.

Sean’s discovery involves “nested amortization”— repeatedly collapsing multiple instances of hard problems together over cycles of elliptic curves so that computational proofs can be used to reason about themselves efficiently, which eliminates the need for a trusted setup.

Trusted setups are difficult to coordinate, present a systemic risk, and must be repeated for each major protocol upgrade. Removing them presents a substantial improvement in safety for upgradeable protocols.
Nested proof composition may turn out to be an essential technique for scalable consensus mechanisms.
信任设定是很难作协的,这就存在一个系统性风险,每次大的协议级别的更新都需要重新做一次信任设定。 移除信任设定的依赖实质上的提升了可更新协议的安全性。 内嵌凭证组合可能成为可扩展共识机制的必不可少的技术。

Halo is a result of ECC’s strategic focus on improving safety and Layer 1 scalability for Zcash, announced at Zcon1 earlier this year. ECC is exploring the use of Halo for Zcash to both eliminate trusted setup and to scale Zcash at Layer 1 using nested proof composition.
在今年早期于Zcon1大会上宣布Halo是ECC团队战略聚焦于提升 Zcash安全性和一层网络扩展性的成果。
ECC 团队正在探索在zcash 使用 halo 处理两个方面的问题:移除信任设定、使用内嵌凭证组合处理zcash一层网络扩容。

As with our previous scientific discoveries that were funded by the Zcash community, we are making Halo freely available to everyone in the world. Both the paper and the prototype implementation are available under an open source license. There is no patent or other restrictions to its use.
由于我们之前的科学发现都是靠Zcash社区资助的, 因此我们正将Halo公开给全世界所有人自由使用。 包括白皮书和原型实现都包含在一个开源许可中。 没有专利,也没有任何使用上的限制。

2. Halo and the Implications for a Decentralized Internet(Halo对去中心化网络的意义)

Cryptography is traditionally viewed as the science for encrypting and decrypting messages. We often think of it as a protective measure that preserves privacy and ensures security against adversaries, and that is true. Among its uses, encryption is necessary for interactions on the web. It is crucial to protect people from bad actors, businesses from competitors, and nation states from foreign powers. But the promise of cryptography is also more than encrypting messages.

传统上大家认为密码学就是一个加密和解密信息的科学。 大家常常认为这是一个保护隐私,防止敌手的保护性措施,那这也没错。 但是除了这些应用场景外, 网络交互的加密也是必不可少的。 这是一项保护我们免于受到敌对分子、商业竞争对手,国家外部势力等的伤害的核心技术。 但是密码学的使命也绝不仅仅限于信息加密。

Zero-knowledge proofs were envisioned by cryptographers and mathematicians in the mid 1980s as a means to prove a fact is true, without revealing anything about the fact itself. Their discovery was profiled in the New York Times in 1987. From the article:
“… [zero-knowledge proofs] may also hold the power to transform the many aspects of modern life where processes of identification are subject to abuse, from everyday financial transactions to encounters between enemy aircraft. … Although zero-knowledge proof began as an abstraction, computer scientists quickly realized its applicability to many everyday uses of secrecy. The issue arises whenever someone tears up credit-card carbons, looks over his shoulder while signing onto a computer or worries about the photocopying of a passport left with a hotel concierge.”
零知识证明技术被密码学家和数学家们于1980年代中期寄希望于作为一个方式证明某个事实是真的,但是又不需要公开揭露关于事实的任何信息。 这个发现于 1987 年公布在纽约时报上。 文章中讲到:
零知识证明技术兴许拥有变革许多现代生活中涉及到身份识别处理过程而被滥用的问题的潜力, 从每天的金融交易到敌机相遇等情况。 即使零知识证明技术开始于一个抽象假设, 计算机科学家很快的意识到它在日常隐私方面的应用性。 每当某个人撕毁信用卡碳粉、在登录计算机时转头向后、或者担心自己的护照被酒店前台留了副本,这些都是这个技术的应用场景。

It took some time for the practical application of zero-knowledge proofs to be realized in the physical world. Almost 30 years later, a form of zero-knowledge proofs named zk-SNARKs were introduced in Zcash by ECC, as a means to protect users’ financial privacy. Since that time, many other projects have built upon ECC’s work.
将零知识证明的实际应用实现在现实物理世界中需要一些时间。几乎过了三十年, 一种被命名为ZK-SNARKS 的零知识证明技术由ECC团队引入到Zcash中,作为一种保护用户财务隐私的手段。 从那时起,许多其他项目都基于ECC团队的成果构建项目。

ECC CEO Zooko Wilcox recently gave a talk to regulators and law enforcement at an a16z conference. In it he provided a simple “live-action” demo of zero-knowledge proofs and set the stage for how else they might be applied. That presentation and demo is available here.
ECC 公司的 CEO zooko Wilcox 最近在 A16Z 会议上和监管机构及相关执法人士有一次对话,在这个对话中。在这个对话中,他提供了一个零知识证明的简单“实时”演示,并为其他方法的应用奠定了基础。这次演示和示例可以在这个链接中看到。

3. Beyond Encryption and into the Internet (不止于互联网加密)

There are very important additional benefits to the widespread use of zero-knowledge proofs, and these benefits may prove to be the very foundation of a new, decentralized internet.
The issues plaguing the internet today won’t be solved by the existing web architecture. It requires highly scalable, decentralized, interoperable and secure platforms. This architecture is in its infancy. It’s not generally secure, interoperable or scalable.
困扰当今互联网的问题不会由现存的网络基础设施所解决。 这需要一个更高扩展性的、去中心化的、可交互操作的、安全的平台。这个底层设施正处于婴儿期。它不是通常意义上的安全的,可交互操作的或可扩展的。

Public blockchains such as Bitcoin and Ethereum are open, with transaction details and counterparty information continually leaking out into the web. They can’t currently comply with GDPR, California Consumer Privacy Act or a host of other impending regulations that will be enacted to protect consumer privacy.
公开的区块链比如比特币和以太坊链都是公开的,包含着交易细节以及交易对手方信息的交易持续不断的暴露在网络上。 他们当前不能遵守 GDPR、加利福尼亚消费者隐私行为法、或者其他的即将颁布的用于保护消费者隐私的法律。

The next generation internet must shield users from a host of actors including advertisers, hackers, foreign state actors, future employers, etc. And the data must be distributed to eliminate single points of exploitation. Centralized databases will always be at risk of hacks as we’ve witnessed with Equifax, the US Government, Target, Marriott, Facebook, Capital One, and others.
同时数据必须是足够分布式,以免除单点利用。 正如我们在 Equifax、美国政府,Target, Marriott,Facebook,Caption One及其他机构上看到的那样, 中心化的数据库将始终面临被黑客入侵的风险。

It must natively support interoperability with common standards for information and functional sharing, without disclosing more than is necessary between systems, whether its a credit score or health information in support of acquiring insurance.
And, of course, the internet must scale. Today, public blockchains do not. Blockchains such as Bitcoin can only handle seven transactions per second. Second layer solutions may be useful, but they don’t help scale up the number of users a blockchain can support. To reach almost everyone the way the internet reaches almost everyone, blockchains must scale at the base layer (Layer 1).
这必须原生的支持以通用标准进行信息交互和功能共享,且无需在系统之间暴露非必要信息,无论是信用积分或者获得保险所需的健康信息等场景下。当然,互联网也必须扩展。 而现阶段的公链们并没有这样做。 区块链比如比特币网络目前每秒只能处理7笔交易。 二层网络的解决方案可能有用,但是他无法扩容到超过当前区块链所能支持的用户上限 。 要想做到像互联网连接所有人那样,区块链必须在基础层进行扩展(即一层网络)。

Halo might prove to be an important building block as a solution to support scalable, secure, privacy-protecting blockchains through the use of practical recursive zero-knowledge proofs. This is good for Zcash. But it is also good for the entire fabric of a decentralized internet, as humanity builds highly scalable and secure systems that respect user sovereignty, protect privacy and ensure economic freedom and opportunity for all people.
通过使用实用的递归零知识证明技术,Halo可能被证明是作为构建支持可扩展,安全,保护隐私的区块链的解决方案的重要组成部分。这对 Zcash 来说是个好事情。同时他对整个去中心化网络组织都是有好处的, 帮助人类构建高可扩展性的、安全的、尊崇用户至上的、隐私保护的、确保经济自由的、所有人机会均等的系统。

1 Like