HomeCoinsZcash (ZEC)Halo’s contribution goes beyond efficiency

Halo’s contribution goes beyond efficiency

- Advertisement -


Recently the Anoma team posted benchmarks of zero-knowledge proofs. Zcash Halo is one of the zero-knowledge proofs being benchmarked, and we wanted to take an opportunity to share why Halo is even better than these initial benchmarks indicate.

Halo, if you’re not familiar, is a trustless, recursive zero-knowledge proof (ZKP) discovered by Sean Bowe at Electric Coin Co. and was implemented in Zcash earlier this year. It eliminates the trusted setup (that’s huge!) and allows greater scalability (also huge!).

Within the Anoma evaluation, a small task was posed for the proof: proving and verifying a 3×3 Sudoku puzzle solution. The results showed that Halo was very efficient. It generated proofs within this program in less than 1/10th of a second and verified proofs in around 3 milliseconds. 

Halo’s contribution goes beyond efficiencyHalo’s contribution goes beyond efficiency

But when compared to other attributes of Halo, this efficiency might not even be what devs find most important when building out a ZKP tool. Halo stands out for three additional reasons:

  1. Trustlessness — no “trusted setup”
  2. Recursive — more about that superpower below
  3. Extremely well-engineered for security and performance

Let’s dive into what each of these mean:

Halo is Trustless

When Zcash launched in 2016, its zero-knowledge proofs required a setup phase to produce public parameters that allowed users to construct and verify private transactions.

As our friend Vitalik Buterin explains, “A trusted setup ceremony is a procedure that is done once to generate a piece of data that must then be used every time some cryptographic protocol is run. Generating this data requires some secret information; the ‘trust’ comes from the fact that some person or some group of people has to generate these secrets, use them to generate the data, and then publish the data and forget the secrets.” 

After the setup phase, these secrets had to be destroyed to prevent counterfeiting of Zcash. (There’s a great Radiolab episode about the first Zcash trusted setup ceremony.)

But Halo has no trusted setup. Halo eliminates the risk of ceremony compromise, increasing confidence in the soundness of the entire system.

Eliminating trusted setup also allows for greater protocol agility. New zero-knowledge protocols can be designed and deployed without requiring another run of the complex and dangerous trusted setup ceremony.

Most of the current generation of zero-knowledge projects rely on trusted setup, because trusted-setup ZKPs are super efficient, and because efficient-enough trustless ZKPs (like Halo) hadn’t been developed yet when those projects started a few years ago.

We’re betting that eventually most of the world will switch to trustless ZKPs and trusted setups will become a footnote of history.

Halo is Recursive

Halo is recursive. That’s a technical term, but what it basically means is that it is scalable — you can use Halo to prove facts about arbitrarily complex programs and arbitrarily big data sets.

Halo’s recursive attributes allow for more scalable ZKP applications, and it’s also general purpose. This means that you can use Halo for any and all ZKP applications.

Halo supporting recursion also means that independent, mutually distrusting parties can cooperate to prove facts about their whole combined data set without sharing their private data with each other and without being vulnerable to the other participants cheating. That is a really interesting and never-before-seen capability. We’re  looking forward to seeing what people do with it!

Historical note: Halo was the first zero-knowledge proof system ever discovered that is both trustless and recursive.

Halo is Secure and Efficient

We engineered Halo for industry-leading security and performance. Unlike other next-generation zero-knowledge proof systems, Halo 2 comes with a proof of its security. Writing a proof of security is a difficult and time-consuming process that most cryptographic engineers skip, but it gives greater assurance that the cryptography works as intended.

The flagship implementation of the Halo algorithm is maintained by the legendary cryptographic engineering team at The Electric Coin Co — the team whose pioneering work is the basis of more or less all zero-knowledge proof technology in use today.

Our Halo implementation has been audited by multiple independent experts, and it is live on Zcash mainnet, protecting Zcash users and ZEC holders. 

Our Halo 2 implementation (an improved edition of Halo) is open-sourced under Apache/MIT, and is free to use. This means anyone can use it for any purpose without requiring our — or anyone’s — permission.

Here’s a list of the projects that are already using Halo:

Learn more

Thanks for reading this short piece on Halo! If you’re a developer looking to use zero-knowledge proofs, you should consider using Zcash Halo as your first choice. Have any questions around Halo’s advantages? Join the conversation here.





Source link

- Advertisement -
Mr Bitcointe
Mr Bitcointehttps://www.bitcointe.com/
“Fact You Need To Know About Cryptocurrency - The first Bitcoin purchase was for pizza.” ― Mohsin Jameel
462FansLike
76FollowersFollow
4,567FollowersFollow
5,261FollowersFollow
1,580FollowersFollow
2,230SubscribersSubscribe

Most Popular

bitcoin
Bitcoin (BTC) $ 23,444.28
ethereum
Ethereum (ETH) $ 1,666.32
tether
Tether (USDT) $ 0.999966
bitcoin-cash
Bitcoin Cash (BCH) $ 137.66
litecoin
Litecoin (LTC) $ 100.20
eos
EOS (EOS) $ 1.10
okb
OKB (OKB) $ 41.07
tezos
Tezos (XTZ) $ 1.14
leo-token
LEO Token (LEO) $ 3.39
cardano
Cardano (ADA) $ 0.405253
monero
Monero (XMR) $ 171.46
stellar
Stellar (XLM) $ 0.09283
chainlink
Chainlink (LINK) $ 7.29
huobi-token
Huobi (HT) $ 5.75
tron
TRON (TRX) $ 0.064141
usd-coin
USD Coin (USDC) $ 0.999513
dash
Dash (DASH) $ 62.97
neo
NEO (NEO) $ 8.94
iota
IOTA (MIOTA) $ 0.237464
nem
NEM (XEM) $ 0.040686
zcash
Zcash (ZEC) $ 46.95
maker
Maker (MKR) $ 698.79
paxos-standard
Pax Dollar (USDP) $ 0.992483
ethereum-classic
Ethereum Classic (ETC) $ 23.19
vechain
VeChain (VET) $ 0.024804
true-usd
TrueUSD (TUSD) $ 1.00
kucoin-shares
KuCoin (KCS) $ 8.75
waves
Waves (WAVES) $ 2.91