[zapps-wg] Powers of Tau Ceremony Proposal
Eran Tromer
tromer at cs.tau.ac.il
Wed Nov 8 19:42:56 EST 2017
Superb work, Ariel, Ian, Sean!

I agree with Andrew's suggestion below. Specifically:

The process of adding nodes can be ad hoc. But consider using a public
archived mailing list, in case someone later complains that they asked
to participate but were "maliciously and suspiciously excluded".

In the interest of transparency, public perception, and dealing with
rollback attacks, I advocate for publicly posting and timestamping the
Powers of Tau transcript on an ongoing basis, in real time.

I also hope to see tools that verify the transcript on the fly, to
assure everyone that everything is going as planned during the weeks(?)
over which the ceremony proceeds. Don't discount that warm fuzzy feeling
of knowing that anyone out there can check the ongoing process and make
sure all is fine, without trusting the coordinator to report failures at
some future time.

To address the excellent point Sean raises on auditability, any code
implementing the above should be clearly separated from the "trusted
computing base" of Sean's existing code (say, a different Git repo).

Eran

On 2017-11-08 18:51, Andrew Miller via zapps-wg wrote:
> Thanks Sean!
>
> My idea is to use an ad hoc and publicly visible process. "Get in
> contact with [sean]" could be as simple as posting in public to this
> thread. Unless we're overrun by trolls, a public mailing list can be
> an informal way to agree on who goes next. Whoever posts and says "Me,
> me! I'd like to go next", should, by convention, go next. Any
> aberrations (parties taking too long or dropping out, posting invalid
> data, etc.) can be dealt with as needed.
>
> I believe it's also the case that
> a) The "response" file from each person is roughly the same as the
> "challenge" file for the next participant, and
> b) The response/challenge files are safe to be published at any time,
> not private at all.
> So, by convention, we should post the hashes of those files here right
> away, and make a best effort to mirror them publicly (each one is like
> a gigabyte, I think).
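
Added example (not part of the original thread and not the ceremony's own code): a sketch of how an independent observer could detect a rolled-back or rewritten public transcript, given only the file hashes posted to the list. The entry format, the SHA-256 chaining, the participant names and the sample hashes are all assumptions constructed for illustration; the running head digest is the value one would timestamp.

```python
import hashlib

GENESIS = b"\x00" * 32  # assumed starting head for an empty transcript


def chain_head(entries, upto=None):
    """Fold (participant, response_hash_hex) entries into one running digest."""
    head = GENESIS
    for participant, response_hash_hex in entries[:upto]:
        name = participant.encode("utf-8")
        h = hashlib.sha256()
        h.update(head)                          # binds this entry to all earlier ones
        h.update(len(name).to_bytes(2, "big"))  # length prefix avoids ambiguous joins
        h.update(name)
        h.update(bytes.fromhex(response_hash_hex))
        head = h.digest()
    return head


class Monitor:
    """Remembers the last transcript state this observer accepted."""

    def __init__(self):
        self.seen_len = 0
        self.seen_head = GENESIS

    def check(self, entries):
        # A shorter transcript than one already seen is a rollback.
        if len(entries) < self.seen_len:
            return "rollback"
        # The prefix we already accepted must be unchanged.
        if chain_head(entries, self.seen_len) != self.seen_head:
            return "rewritten"
        self.seen_len = len(entries)
        self.seen_head = chain_head(entries)
        return "ok"


def fake_hash(label):
    """Constructed stand-in for the hash of a published response file."""
    return hashlib.sha256(label.encode("utf-8")).hexdigest()


# Constructed sample transcript: names and hashes are illustrative only.
SAMPLE = [
    ("alice", fake_hash("response-1")),
    ("bob", fake_hash("response-2")),
    ("carol", fake_hash("response-3")),
]

if __name__ == "__main__":
    m = Monitor()
    print(m.check(SAMPLE[:2]), m.check(SAMPLE), m.check(SAMPLE[:2]))
```

Because each observer keeps only its own last accepted length and head, the check does not depend on the coordinator reporting failures.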