How do trusted setups work?

178 views

I am trying to understand Vitalik’s article on trusted setups. It is published here: [https://vitalik.ca/general/2022/03/14/trustedsetup.html](https://vitalik.ca/general/2022/03/14/trustedsetup.html)

However, it is too technical and can’t grasp it. Appreciate if someone could it.

In: 0

2 Answers

Anonymous 0 Comments

If you want insight past what the first two blocks of text offer, i don’t think it can be ELI5’d, as it’s about the math of it. The general idea is to have an encryption algorithm such that you can achieve the encryption capabilities of IPA, but with a significantly quicker way to verify that the committed data is valid. Instead of using random quotients in the polynomial, like IPA does, this setup uses a known relationship between them, which makes the calculation way simpler when you try to verify whether it’s valid.

By way of analogy, consider how credit card numbers are validated. If someone gives you a credit card number, you can very quickly add all the numbers together, and if the sum is not wholly divisible by 10 – you know that’s not a valid number. If that check passes, you can check the first 2 digits and see if they correspond to one of the major companies. If that check passes, you can check the next 4 and see if they correspond to a valid issuer, etc.

If credit cards were just randomly issued sets of 16 digits, you couldn’t do that. Think of that as the IPA model. And the trusted setup is the existing credit card model, where relationships between the digits are known for ease of validation.

Anonymous 0 Comments

If you want insight past what the first two blocks of text offer, i don’t think it can be ELI5’d, as it’s about the math of it. The general idea is to have an encryption algorithm such that you can achieve the encryption capabilities of IPA, but with a significantly quicker way to verify that the committed data is valid. Instead of using random quotients in the polynomial, like IPA does, this setup uses a known relationship between them, which makes the calculation way simpler when you try to verify whether it’s valid.

By way of analogy, consider how credit card numbers are validated. If someone gives you a credit card number, you can very quickly add all the numbers together, and if the sum is not wholly divisible by 10 – you know that’s not a valid number. If that check passes, you can check the first 2 digits and see if they correspond to one of the major companies. If that check passes, you can check the next 4 and see if they correspond to a valid issuer, etc.

If credit cards were just randomly issued sets of 16 digits, you couldn’t do that. Think of that as the IPA model. And the trusted setup is the existing credit card model, where relationships between the digits are known for ease of validation.