zecfoundation
/
powersoftau-attestations
mirror of https://github.com/ZcashFoundation/powersoftau-attestations.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
powersoftau-attestations/0012/plancommit.txt

51 lines
2.9 KiB
Plaintext
Raw Permalink Blame History

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
# Plan for running the powersoftau multiparty computation.
## Setup:
- An air-gapped machine. It consists on a laptop with the following modifications:
- The hard drive has been phisically removed.
- The wireless card has been phisically removed.
- No network cable will be connected to it during or after the computation.
- Another machine, connected to the internet, running a gentoo linux system.
- compile the powersoftau binary on the gentoo machine.
- compiled from commit `d47a1d3d1f007063cbcc35f1ab902601a8b3bd91`
- the obtained `compute` binary has a sha256 hash `2603d31c9394ac624a0a3bceb5c9d227f73447dac29c4e2a598dd69590c92cd3`
- burn a a Linux Mint 18.2 "Sonya" KDE .iso image on several usb(1) thumb drives
## Steps to follow:
- When my turn to go comes:
- Get the challenge file from the network in the gentoo box
- Copy it to a several usb drives(2), together with the `compute` binary
- Randomly choose one of the usb drives(1) to boot the airgapped. The rest will be kept untouched to allow future audits(*).
- Randomly choose one of the usb drives(2), plug it and mount in the airgapped machine. The rest will be kept untouched to allow future audits (*).
- run there the `compute` binary
- as a source of entropy, I will just press many keys at random, and then add the result of rolling a dice 50 times.
- burn the resulting `response` file in deveral different dvd's.
- choose one of those dvd's at random, keep the others for possible future audits(*).
- read the chosen dvd in the gentoo machine, and send the response file back.
(*) The rationale behind this is to prevent attacks based on tampering with the drives. If there is something malicious in the drives whose traces would be erased after pluging it in a second machine, the other copies would allow to detect it. I don't have the resources to perform the kind of audit necessary to detect this, but will keep the evidence in case someone volunteers to do the audit.
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEZqJ2ok+i5RbOpE2l3QEU7bdBBZIFAloPX5EACgkQ3QEU7bdB
BZIntw/+I04gmgWGhgAIATI8nG0WR0rRlwaWEnCdgry3PUQ2e4BBro+oDvG9qe7h
Xw4CGvoOQboQvUaKcUEOUls1Li+P3LCKP1P40z8q8KU9sGI44yqiNnq6JUfHvsXZ
qWDlwUGyf+sW+qcfGoJLv2j1tlPQoJRoJwWTSnJYq1/yb2+qltvYCzmS85lhztkK
Qea5ZWawl74i6xzE6lOlKN3Sceog34j7k5rL+GES4I80unJYEGqHifed7nz1bK8f
wb6ksBDJ9hdJaw6ZIGdgZa7qzvojmtE7yE3y49rig6WjETEr16Wp/WuzRg0dKMfl
LFlzNbXKHIcNwiQLLWXPwTwPrx9orz+8ckf4U8HJDy/3FsDmEEf9Lcrm5LO0+P3t
oknxsLQF8yNJXTKILCugQGoVghbo0OgLlcw4IaQSmMilRabvOLd0/TYvsS3SfAu6
6s/jGLcjr+VtQE/oIaAI7bRHkB8BC77OSeOGiGBRq0T+HCvtaZGwG/l0u17sY1Rs
OILLUXdN/sg17ApnfnqLbo2hioLVrdTyK/amgDhlCrNHvniKxBkFhyvlfJRmRCpb
W9MWj618fBflH2u+aF/56HmpeP4Yt/ngkqJvCkV+Sq+9EdZTlRbopltZQ3YSKdQI
GaaqJHsVbFS2U13vth7klh1a6DhJXD2M9/iONsIhulma+NSX0g4=
=6Vgh
-----END PGP SIGNATURE-----
Reference in New Issue View Git Blame Copy Permalink