Skip to main content
Version: v2.0_alpha

Trusted setup

MACI currently uses Groth16 zk-SNARKs written in circom. Teams who wish to build on MACI may choose to perform a multi-party trusted setup. This allows observers to have a higher degree of confidence that the coordinator cannot generate fake proofs. Some teams, however, may forgo the trusted setup.

There are two possible reasons for doing so: if a team does not intend to manage a large amount of value, and if their users accept that the risk of coordinator misbehaviour is insufficient to justify doing the work of a trusted setup. After all, MACI's security model presumes a trusted coordinator.

The PSE team is making available a trusted set of zKeys for MACI's circuits, which are available and accessible on p0tion's website. For more info on trusted setup ceremonies please refer to p0tion's docs.

Maci v1.2 Trusted Setup Ceremony (most recent)

info

You can download all of the artifacts using the following command from maci's monorepo root:

download:ceremony-zkeys

Here are the maximum values supported by these artifacts:

ProcessMessages

  • users: 56=156255^6 = 15625
  • votes: 59=19531255^9 = 1953125
  • batch size for proving: 52=255^2 = 25
  • vote options: 53=1255^3 = 125

TallyVotes

  • users (ballots): 56=156255^6 = 15625
  • batch size for proving: 52=255^2 = 25
  • vote options: 53=1255^3 = 125

For your convenience, here is a list of the artifacts that can be used in production:

ArtifactDescriptionParametersLink
processMessages zKeyThe production-ready zKey for the processMessages circuit.6-9-2-3processMessages_6-9-2-3_final.zkey
processMessagesNonQv zKeyThe production-ready zKey for the processMessagesNonQv circuit.6-9-2-3processMessagesNonQv_6-9-2-3_final.zkey
tallyVotes zKeyThe production-ready zKey for the tallyVotes circuit.6-2-3tallyVotes_6-2-3_final.zkey
tallyVotesNonQv zKeyThe production-ready zKey for the tallyVotesNonQv circuit.6-2-3tallyVotesNonQv_6-2-3_final.zkey
processMessages r1csThe Rank-1 Constraint System file that was used to generate the zKey6-9-2-3MACI-ProcessMessages_6-9-2-3.r1cs
processMessagesNonQv r1csThe Rank-1 Constraint System file that was used to generate the zKey6-9-2-3MACI-ProcessMessagesNonQv_6-9-2-3.r1cs
tallyVotes r1csThe Rank-1 Constraint System file that was used to generate the zKey6-2-3tallyvotes_6-2-3.r1cs
tallyVotesNonQv r1csThe Rank-1 Constraint System file that was used to generate the zKey6-2-3tallyvotesnonqv_6-2-3.r1cs
processMessages wasmThe WASM file that can be used to generate proofs6-9-2-3MACI-ProcessMessages_6-9-2-3.wasm
processMessagesNonQv wasmThe WASM file that can be used to generate proofs6-9-2-3MACI-ProcessMessagesNonQv_6-9-2-3.wasm
tallyVotes wasmThe WASM file that can be used to generate proofs6-2-3tallyvotes_6-2-3.wasm
tallyVotesNonQv wasmThe WASM file that can be used to generate proofs6-2-3tallyvotesnonqv_6-2-3.wasm
processMessages vKeyThe verification key that can be used to verify the processMessages circuit's proofs6-9-2-3maci-processmessages_6-9-2-3_vkey.json
processMessagesNonQv vKeyThe verification key that can be used to verify the processMessagesNonQv circuit's proofs6-9-2-3maci-processmessagesnonqv_6-9-2-3_vkey.json
tallyVotes vKeyThe verification key that can be used to verify the tallyVotes circuit's proofs6-2-3tallyvotes_6-2-3_vkey.json
tallyVotesNonQv vKeyThe verification key that can be used to verify the tallyVotesNonQv circuit's proofs6-2-3tallyvotesnonqv_6-2-3_vkey.json
processMessages Solidity verifierThe Solidity smart contract which can be used to verify the processMessages circuit proofs on-chain6-9-2-3maci-processmessages_6-9-2-3_verifier.sol
processMessagesNonQv Solidity verifierThe Solidity smart contract which can be used to verify the processMessagesNonQv circuit proofs on-chain6-9-2-3maci-processmessagesnonqv_6-9-2-3_verifier.sol
tallyVotes Solidity verifierThe Solidity smart contract which can be used to verify the tallyVotes circuit proofs on-chain6-2-3tallyvotes_6-2-3_verifier.sol
tallyVotesNonQv Solidity verifierThe Solidity smart contract which can be used to verify the tallyVotesNonQv circuit proofs on-chain6-2-3tallyvotesnonqv_6-2-3_verifier.sol

Maci v1.1 Trusted Setup Ceremony

Here are the maximum values supported by these artifacts:

ProcessMessages

  • users: 56=156255^6 = 15625
  • votes: 58=3906255^8 = 390625
  • messages per batch: 52=255^2 = 25
  • vote options: 53=1255^3 = 125

TallyVotes

  • users (ballots): 56=156255^6 = 15625
  • batch size: 52=255^2 = 25
  • vote options: 53=1255^3 = 125

For your convenience, here is a list of the artifacts that can be used in production:

ArtifactDescriptionParametersLink
processMessages zKeyThe production-ready zKey for the processMessages circuit.6-8-2-3processmessages_6-8-2-3_final.zkey
tallyVotes zKeyThe production-ready zKey for the tallyVotes circuit.6-2-3tallyvotes_6-2-3_final.zkey
processMessages r1csThe Rank-1 Constraint System file that was used to generate the zKey6-8-2-3processmessages_6-8-2-3.r1cs
tallyVotes r1csThe Rank-1 Constraint System file that was used to generate the zKey6-2-3tallyvotes_6-2-3.r1cs
processMessage wasmThe WASM file that can be used to generate proofs6-8-2-3processmessages_6-8-2-3.wasm
tallyVotes wasmThe WASM file that can be used to generate proofs6-2-3tallyvotes_6-2-3.wasm
processMessages vKeyThe verification key that can be used to verify the processMessages circuit's proofs6-8-2-3processmessages_6-8-2-3_vkey.json
tallyVotes vKeyThe verification key that can be used to verify the tallyVotes circuit's proofs6-2-3tallyvotes_6-2-3_vkey.json
processMessages Solidity verifierThe Solidity smart contract which can be used to verify the processMessages circuit proofs on-chain6-8-2-3processmessages_6-8-2-3_verifier.sol
tallyVotes Solidity verifierThe Solidity smart contract which can be used to verify the tallyVotes circuit proofs on-chain6-2-3tallyvotes_6-2-3_verifier.sol