Re: [zapps-wg] Powers of tau

[Jason Davies via zapps-wg]

On 27 Mar 2018, at 01:06, Innovative Inventor wrote:

> I was unaware that I could join the powers of tau after March 20th. I was told
> on the zcash community chat that they were no longer accepting new
> participants. I would love to help out here if someone could tell me how.

Just to clarify a few things:

The parameter generation ceremony has two rounds (the first one is called
"powers of tau").  The resulting parameters will be used in the upcoming Zcash
"Sapling" upgrade.

We are *not* accepting any new participants for the first round for this
particular parameter generation ceremony.  The random beacon has already been
announced and sampled (this is the final part of the first round) and we want
to move on to the second round as soon as possible.

As for the second round, you would be welcome to participate when that gets
started.  Details have not been announced yet.

Finally, we will probably continue with a "fork" of the first round to make it
even stronger by adding more participants, so that it can be used to generate
parameters for other projects (but not Zcash Sapling), assuming there is
sufficient interest.  I will post an announcement to the list soon if we get
this set up.

Hope that helps,

--
Jason Davies, https://powersoftau.plutomonkey.com/

Re: [zapps-wg] Powers of Tau Attestation

[Devrandom via zapps-wg]

I'm attaching an OpenTimestamps receipt for my attestation.

On Tue, Mar 13, 2018 at 11:51 AM Devrandom 
wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> # Powers of Tau Attestation
>
> Author: devrandom
> Date: 12 March 2018
>
> Notes:
>
> * Hardware is an Intel laptop that has not been powered up in four years
> and has never been connected to a network after it was purchased.  CPU was
> a Celeron 1007U.  Wireless card was removed.
> * OS was a clean Ubuntu 14.04
> * Compute binary was created with a deterministic Gitian build, with
> report here:
> https://github.com/devrandom/golang-powersoftau/commit/241da6dac6166a68ff20ef7abbb0f8231a626a3c.
> The binary sha256sum is
> c28894877c8948960eaefa0d8f35da6c911031980672b983f361711a7dcb1ec8.  The
> binary was archived for future research.
> * A USB drive was purchased in person and used to transfer the binary and
> challenge into the laptop and the response out of the laptop.
> * Additional entropy was injected into /dev/random via keyboard mashing
> and dice throws
> * The laptop was disconnected from AC throughout the computation
> * The boot drive was destroyed
>
> The BLAKE2b hash is:
>
> a449bc6e d77cbc7b 2d6aa91b ac4ddc6e
> e398a6e8 6c2b08dd 529b796b f7fcfb7c
> ba5cfb94 a394731d e1a188ec bdf6dcaf
> 8444f688 975973ca 079b94f2 e0e7def0
>
> -BEGIN PGP SIGNATURE-
>
> iQEcBAEBCAAGBQJaqB0pAAoJEOOqsosn9c9K66MH/j79TuEGpSdS5weTRxKHVMHJ
> NMLEGdnFT6BVEIJrIbzC1eQFJHWQhROokTn0mrjaV3lsGSWXJ5D91/rYE6boVsrN
> o501eDQui1nSnkIICrQY3aDnzYIT98crtGPDBD29e8vTRqjGnWAay1ovjIA5Vr0V
> q3nxfrp2mqdk9kYFHDfLvjfeEJRkOujx1TrwRRqX2/0OTLnAnPgrqUncKaiojH0v
> IlcbYAoBe2VEboiwN1QDMV0AuYzNCfrTXsof0lU6g7sZwy49MLCQNsUmxW2bl3jz
> AzlCjcBG6EyLyh5T6J+FylEYrplcPdlZLmtcGNsdoM1VeohpL3f7ZqALUlCJjQU=
> =IvmM
> -END PGP SIGNATURE-
>
>


attestation.md.asc.ots
Description: application/vnd.oasis.opendocument.spreadsheet-template

Re: [zapps-wg] Powers of Tau Attestation

[Ryan Taylor via zapps-wg]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

My part of Powers of Tau was performed on a Penguin Adelie GNU / Linux
Laptop by Think Penguin.
Processor: Intel(R) Core(TM) i7-6700HQ CPU
OS: Debian GNU/Linux 9.3 (stretch)

Downloaded the challenge file and compiled the Go implementation. Then I
disconnected from the ethernet and unplugged the router. All devices,
besides the computation node, with a possible network connection,
microphone and/or camera were put on the other side of the apartment, as
far from the computation node as possible. Batteries and sim cards were
removed from all of those devices if possible.

Randomness was added via mashing buttons for a while and then entering
the sha512 hash of an audio file recorded at a street market earlier
today, followed by more button mashing.

The response file and BLAKE2b hash were then saved securely and I
shutdown the computation node. After a short period of time and a snack,
I booted the computer and uploaded the response file.

The BLAKE2b hash of `./response` is:
1d4530ec 2bc7c6c4 fa5d6491 acbfe0b3
e1ec1208 5bc0b4b0 a1ebef5c f0d71a1d
10c2e7db 7aa35013 a5b19d0b b80713bc
967dde55 8cb917ff f10a884b b816d90a

The hash was also publicly tweeted:
https://twitter.com/AdjyLeak/status/973629370593169408

I'm happy to have been able to participate. Thanks everybody who made
this possible!

- - Ryan Taylor

ps. This message was just sent but signed improperly. Trying one more
time ...
-BEGIN PGP SIGNATURE-

iQJABAEBCAAqFiEEBFn60L29DGPbP6x0NFOxz3ehH9UFAlqoG/kMHHJ5YW5Aei5j
YXNoAAoJEDRTsc93oR/VKFAP+gM9L27cVwFp6UWgCREl+v5EWh48sN+bwDvOph3C
xJR8MB9y429A8NevsY8s871ezv16Ew5gBI5I5MRZRdZLHzgJhKSvHPQdoGTRLGxb
qVcI1UL2Cq6Ur45CIcKN6e/DI3YwA8TeA8V8/AfCdjUe2Xp36o0ufUfv1OoP5RfY
IYDmPhUbBAufMOgQ07hCF9c4thdrd4W4g+Aa+twhtVfonVY+23XY/u+2eBQLzzGc
HeZbknZoL+9UBATOFI8MsC+NXuxTmgT8JpRrHHtgvh+qGsQ18jjukwac8E69Gdjl
N9q/Zte0wZsLwkFzVjs5BHIPG6MzLOBC4OsgQxaqUfCZ9d8Z9R8HzEo0MJFE+lN9
5f3ubPgRh5iP7k9F1xq4GNKHSnYx/nH6SqJOqmTHGKZk4PMkF/z++r+/GZ9mI8Nd
UDXG5pn26lPdg2VJYbn4d7EPV0lb1AXW4Gr/FpVKTmisnGuhQ5Ogk9NTqTNZas+6
vPhxfEGuY238OQBRx4lKLOhflzB6/e6jjt/UsQFBY/6fAPy2iTLberqqR/mdAQ79
zOLCOZcy+h1PNdWBy80wq+FpFHag0ONx9W3A1Kf27o852wXjaZykPLaXoYCTXl0W
j4mg9U9DAcveM18PXg1mXFPLSrrNHwvcuDH62wqRGZ2PO6KDfFy2hs6Mfj1oxz1K
wJkS
=1LiL
-END PGP SIGNATURE-

Re: [zapps-wg] Powers of Tau Response

[Chase Roberts via zapps-wg]

On Tue, Mar 6, 2018, 10:25 PM Chase Roberts  wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> My response BLAKE2b.
>
> f8111d44 6841d376 5ef01319 14ab1007
> 779961a6 66998b1d ad63edbe c0123ba6
> b2581e69 936fc4c9 0ff51211 d5ff7cd0
> 85425f38 d8752ec2 25447c25 c29fc9ca
>
> The compute was done on an old air-gaped desktop. All network devices were
> removed from the desktop. I used a Ubuntu 16.04 boot drive that never was
> reconnected to the internet after the installation and setup was completed.
> After the response was verified, the desktop, keyboard, and all USB
> devices were destroyed with a hammer. What remains are in a vase on the bar
> in my apartment.
>
> I plan on adding this blake2b hash on the ZEC and Bitcoin blockchains
> after I finish miterms and spring break.
>
> Glad to be part of this. Cheers.
> -BEGIN PGP SIGNATURE-
> Version: Keybase OpenPGP v2.0.76
> Comment: https://keybase.io/crypto
>
> wsBcBAABCgAGBQJan1t4AAoJEL5U7Ddh2JzxidgH/1A19tx6QSV4kgs/1m6nj7H+
> lvk3rZd8/wpUx8fVxLOT6fgb/D5dv+oj5N7eTCSDI4M+FbHAuy3xUudGH964HwHE
> 8+BZlvX8mNUasAhPM1ddQbypYDii1TBRq97R1rDVAhotT43Uzct5MCy934Daec2o
> Eft9+n5Y9bF17Z6DV9G/drbBZnZnqiV59hBki/WKw0YJlPLPbkwDI/gwwyomzsu9
> 6rhoni+lCCTKO9IRQnP7NJA4TL03l9QCD2+zA2R793DoFX2dMPQ5TgquzbNPMxQX
> MejPYbiXiCDhy8YsuW8QpFYHFnzkMY5vxJDeYuoXosBecQRhroH4ALFxZXE4O6Y=
> =NPGU
> -END PGP SIGNATURE-
>
>

Re: [zapps-wg] Powers of Tau Attestation

[Jason Davies via zapps-wg]

Verified, thanks!

Where might one find your PGP public key so that they can check your signature?

Jason

> On 22 Feb 2018, at 20:49, Troy Stackhouse via zapps-wg 
>  wrote:
> 
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
> Powers of Tau Attestation by Troy Stackhouse
> Date: February 22, 2018
> 
> I had a new, unconfigured laptop which provided an easy opportunity to
> participate, since I could just wipe it clean afterwards. I set it up
> fresh with Windows 10 a few days ago and made sure it was fully
> patched. I kept the machine offline when I wasn't using it, and more
> recently I downloaded the Rust implementation of powersoftau, which I
> compiled using Visual Studio Code w/ Rust rls (which also required I
> install Visual Studio C++ desktop tools).
> 
> When it came to the ceremony, I kept the machine in my sight the whole
> time and no other human beings were nearby. For entropy, I simply
> mashed my keyboard... a lot (much longer than I felt was necessary).
> Upon completion, I fully wiped the drive with DBAN (currently in
> progress).
> 
> Here's my BLAKE2b hash:
>7573a747 d9b4e480 00de2715 c5bfa2ff
>1c515371 4608cea3 97fae0fe 72846297
>3a5b4d87 ce3e2a78 61d95a1e 59e723f9
>6af41c1c f1b915ae 5ad5730d 1ccbaa91
> 
> I also posted it on Reddit:
> https://www.reddit.com/r/zec/comments/7v0889/50_participants_now_for_powers_of_tau_its_not_too/duo4808/
> 
> - -Troy Stackhouse
> -BEGIN PGP SIGNATURE-
> iQEzBAEBCAAdFiEE8neTVirh6YWW6scfQRWJHtHRLwYFAlqPKXEACgkQQRWJHtHR
> Lwbiigf/YGkwtsI9AX/FlIioRloEwGVDV3X5AcYqW781jnXDfOrP10EDyYtBMjS7
> PIPJYOZdqHLeMCG/dV2ZUhUWLXMAremeq5IwmbdQKz+gJQkjrUQIyFsQKVY01DeG
> FYkPH4tSURzcM71OlEbjgMzJ8R00nkbTOjoO1tBUntT/t6wTGO9hQR0HyEPMq6sM
> qAXZjpYxsjSxW1kTn2LWq+XN4APZCMErT10pc1/azOpaShfUrtZY9O7bj98wBHZ9
> N/ljlsEdRgdJsCZQJcsuJfiyu3b7sSaNcWjdOmZh0X3D/rSq/JLvmpJ+USz1xozo
> FNhPyqkHXNp1PDrO4FgBNyu1ANkWcA==
> =NoJW
> -END PGP SIGNATURE-

--
Jason Davies, https://powersoftau.plutomonkey.com/

Re: [zapps-wg] Powers of Tau Attestation

[Jason Davies via zapps-wg]

> On 17 Feb 2018, at 19:03, Kobi Gurkan  wrote:
> 
> How awful would it be with RPi 3 and microSD for swap?

Good point.  Someone should do a test run and report back!

--
Jason Davies, https://powersoftau.plutomonkey.com/

Re: [zapps-wg] Powers of Tau Attestation

[Alok Menghrajani via zapps-wg]

On Mon, Feb 12, 2018 at 5:01 PM, Jason Davies
 wrote:
> I've verified your uploaded response, thank you!
>
> I found your Twitter attestation: 
> https://twitter.com/alokmenghrajani/status/963212918505447424
>
> Would you mind posting a link to your co-worker's?

My co-worker's post:
https://twitter.com/wmcc_/status/963218431045545985

Alok

Re: [zapps-wg] Powers of Tau Attestation

[Jason Davies via zapps-wg]

I've verified your uploaded response, thank you!

I found your Twitter attestation: 
https://twitter.com/alokmenghrajani/status/963212918505447424

Would you mind posting a link to your co-worker's?

> On 13 Feb 2018, at 00:45, Alok Menghrajani via zapps-wg 
>  wrote:
> 
> Hi,
> 
> Thank you for coordinating all this!
> 
> I participated today (2/12/18) and my co-worker Will witnessed the
> entire process. Our response is:
> c13af4d4 477f66e7 53f25d51 1b6c4624
> 9f20f79a f63c20d8 c64e34c9 df90441b
> 0bf89ae2 8c05d71c 4ae9cb82 e0a3aa4d
> 41e99666 c54261a9 b0b75f6a 5c455436
> 
> Procedure:
> 1. We got a loaner MacBook Air from our employer. These machines are
> wiped before every use.
> 2. Used the Rust code from https://github.com/ebfull/powersoftau
> (d47a1d3d1f007063cbcc35f1ab902601a8b3bd91) with rustc version 1.23.0
> (766bd11c8 2018-01-01).
> 3. Disabled wifi after installing the necessary tools.
> 4. Challenge blake2:
> 52db7b1d b9ad9990 43c1fe97 bd151cd8
> f4910078 f531dc99 acdca8b6 36c74c5a
> 7605563b feda17ab 1e79b239 6dd0bde0
> f6538184 eb8e5425 93232fe9 4820dcae
> 5. Response: see above
> 6. We used a USB drive to copy the response file and we manually
> re-installed the OS once we were done. We returned the laptop so it
> can be wiped again.
> 
> Finally, we published our response hash on our social media accounts.
> 
> Alok

--
Jason Davies, https://powersoftau.plutomonkey.com/

Re: [zapps-wg] Powers of Tau (Joseph Tobin)

[Jason Davies via zapps-wg]

Thanks Joe!

For the record -- your first email was signed correctly (content-type 
"multipart/signed") but I wasn't able to verify the signature without knowing 
your public key.

Your follow-up email included a link to your public key as well as a signed 
plaintext message, which was slightly friendlier for adding to the attestations 
repository at https://github.com/ZcashFoundation/powersoftau-attestations

Thanks again!
--
Jason Davies, https://powersoftau.plutomonkey.com/

Re: [zapps-wg] Powers of Tau (Joseph Tobin)

[Joseph Tobin via zapps-wg]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

There was a mistake with PGP in the original message.  Repeated below.

Hi Everyone!

Thank you for the opportunity to participate!
Date: 2018-2-11
Name: Joseph Tobin

Location: New Jersey, USA

Response (blake2b): 2ddd4358 b124100d 724e62a0 6f158dbc
c714ffbe 8784f619 887a40ff 12f9fab0
44649dfa 306a0385 06f95e0e 25c6cfb3
32f46f57 ea6331c8 057f46bf 5a079db4


Procedure
=
Git repository: https://github.com/ebfull/powersoftau
Commit hash: commit d47a1d3d1f007063cbcc35f1ab902601a8b3bd91
Compiler: rustc 1.23.0 (766bd11c8 2018-01-01)
Computer: Macbook Pro 2016 macOS High Sierra 10.13.3

I downloaded the challenge file from an Amazon S3 bucket set up by Jason
Davies. I computed a response locally with wifi disabled. I uploaded the
response file to the same Amazon S3 bucket.
Side channel defenses
=

Entropy source: Divine inspiration

I have no intention to destroy the compute node for the next 5 years.

If there are any questions, please feel free to reach out!

Sincerely,
Joseph Tobin
https://jobin212.github.io/
https://keybase.io/puffinrng
-BEGIN PGP SIGNATURE-
Version: Keybase OpenPGP v2.0.76
Comment: https://keybase.io/crypto

wsFcBAABCgAGBQJagODTAAoJEJcrg9B+fL2Tf84P/3+XH7ujCix21wJ6C66ZIx4K
W/b3G7gN9D82xAYlwRZZQM6mGmQYFDeuLdesLVSrDP0OFUfUUns2mPajbXtctSlv
ZyewhgdKxnfBhNUcbHgHMci5R3sWlN/vHFGdJNq9d2ruPV9FY5JzSgL1a6vW8KxL
NNxX/cU4xSzwwcvyTxcqQ4AbbrpZdin0ctohPJO8gGw+gKTVazz6mp8gOlq5c1Xr
4Cd5SfNLDDD4wIyAe1QhghqkWYfuJwS6kWvHhoMpiDAeBbxmyMS3vfX34Kg2ZQF4
X4G7gtrLp9orRzYNJuZ7TY/WhU82wkGfOrf81t7VuhqQmHmCc1syIexMm2SoBJnS
c3Uo3dnAfVjOSR3b03fZ38ISDG4aG5yJGNksTBCgHfpoZst2mcAPdCGHr5pqn4tv
ma68rLZgn0v3tT7Se2ych/CYXSkWjFnFKs3vMZRGBDfvQi1tdltix1PsJ2b68BMF
osQnQmF2EYG1jMo9zPeWQfLVLwJDl0z9kzxcluvnKxSGYk4Qt4dnwuic9KHqLLLq
wJz2D69zlhIFtRW4TnoiH0Kk7WVhI9YIoK6BlKy23j7WE9wULrXnnZEZM1SzlmWm
70i6Ajvaybu9ot5Antx1bGeoX+HXNlE3+cObG+Ed6IUgRx/sTmHHFYSP64qCpWpr
4nuXvRPj8Phc+7cIjwfx
=sD7z
-END PGP SIGNATURE-


On Sun, Feb 11, 2018 at 5:47 PM, Joseph Tobin  wrote:

> Hi Everyone!
>
> Thank you for the opportunity to participate!
>
> Date: 2018-2-11
>
> Name: Joseph Tobin
>
> Location: New Jersey, USA
>
> Response (blake2b): 2ddd4358 b124100d 724e62a0 6f158dbc
>   c714ffbe 8784f619 887a40ff 12f9fab0
>   44649dfa 306a0385 06f95e0e 25c6cfb3
>   32f46f57 ea6331c8 057f46bf 5a079db4
>
>
> Procedure
> =
>
> Git repository: https://github.com/ebfull/powersoftau
>
> Commit hash: commit d47a1d3d1f007063cbcc35f1ab902601a8b3bd91
>
> Compiler: rustc 1.23.0 (766bd11c8 2018-01-01)
>
> Computer: Macbook Pro 2016 macOS High Sierra 10.13.3
>
>
> I downloaded the challenge file from an Amazon S3 bucket set up by Jason
> Davies. I computed a response locally with wifi disabled. I uploaded the
> response file to the same Amazon S3 bucket.
>
> Side channel defenses
> =
>
> Entropy source: Divine inspiration
>
> I have no intention to destroy the compute node for the next 5 years.
>
>
> If there are any questions, please feel free to reach out!
>
>
> Sincerely,
>
> Joseph Tobin
>
> https://jobin212.github.io/
>
>
>

Re: [zapps-wg] Powers of Tau Attestation

[Sean Bowe via zapps-wg]

Excellent! Verified it. Adding to transcript now.

Sean

On Thu, Feb 8, 2018 at 12:40 PM, Mark Giannullo via zapps-wg
 wrote:
> I completed the challenge using Filippo's golang implementation:
> https://github.com/FiloSottile/powersoftau
>
> The BLAKE2b hash of `./response` is:
> a6a754d8 68697ff0 870c8413 c5cda8f6
> fe57e6bf 3a1dd30b 5f254ede 78d23879
> 175b4044 61573619 4df013db 4642f717
> 9f5602f5 1d37b9b6 88045d96 352927e1
>
> I have also posted this hash on Twitter:
> https://twitter.com/markgiannullo/status/961683650210402304

Re: [zapps-wg] Powers of Tau Attestation by Gսѕtavо Frеdегіc೦

[Sean Bowe via zapps-wg]

Thanks Gustavo! I've entered this into the transcript.

Sean

On Mon, Feb 5, 2018 at 7:12 PM, Gustavo Frederico via zapps-wg
 wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Powers of Tau Attestation by Gսѕtavо Frеdегіc೦
> - --
>
> Date: 5/Feb/2018
> Location: Ottawa, ON, Canada
> Main document given to Gսѕtavо with instructions: 
> https://github.com/ebfull/powersoftau/wiki.
>
> sha256sum -b challenge
> 81e7d56284c57a227841243565baad98aba3fae1165e859027ea03415706c726 *challenge
>
> Blake2b response file:
>
> The BLAKE2b hash of `./response` is:
> 8abb2666 2df43f23 310b3896 665fb8b0
> a9995403 a5c5c890 c785bbd4 92093c6b
> fd553da7 81623379 22184427 5b2c212b
> 722c78ca 5d02a204 f248e94e e8e5b00f
>
> My PGP public key:
> https://keys.mailvelope.com/pks/lookup?op=get=0xFB442070C0242E80
>
> My fingerprint: F3CE E9F3 1BDF 1268 DBF2  32C7 FB44 2070 C024 2E80
>
> Actions:
>   Principle: I didn't want to destroy any hardware because I'm not rich.
>
>   Environment: a small room, where I was alone.
>
>   Preparation: My host computer is a MacBook Pro with macOS 10.13.3. I 
> installed VirtualBox (www.virtualbox.org). I downloaded a Ubuntu desktop iso 
> image from https://www.ubuntu.com and I created a VM in VirtualBox. I enabled 
> "Disk Image Encryption" in the VM. I tured off its Bluetooth adapter. In the 
> beginning I left the network adapter connected to the host's. After 
> installing Ubuntu in the VM, I installed curl.
>
>   Other installs in the guest VM (still dependent on network adapter 
> connected to the host's at this stage):
>curl in shell
>Rust from https://www.rust-lang.org/
>Powers of Tau source from https://github.com/ebfull/powersoftau
>
>   Ceremonial step:
>cargo run --release --bin compute   # with network connection on
>   At the step where the program asks for keyboard input, Gustavo turned 
> the VM (guest) network connection off and the host connection off also.
>
>The input may have included counts of letters in words I read today, words 
> I read today in English and in Russian, and people that I counted today. It 
> may have included names of people. I also may have played a song by Beethoven 
> in the keyboard as if it were a piano. And I may have played the fingering of 
> a Bach violin concerto as if the keyboard were a violin fingerboard. And I 
> may have typed random keys in the keyboard.
>
>At the end of the computation (it tooks almost 3 hours), I copied to 
> clipboard the BLAKE2b hash of the response file. Then I rebooted the VM. 
> After that, created a volume share between guest and host. I then saved the 
> response file in the host computer. Then I deleted the VM, including all of 
> its (encrypted) files. After, around 7 pm UTC-6 I uploaded the response file 
> to the URL given to me by email ( it began with 
> https://s3-us-west-2.amazonaws.com/powersoftau/p6RZ )
>
>
>
>
>
> B̸̡͔̻̬̩̖͚̬͈͙͔̫̩͙̻̉̈̄̌̊͐̄̂̈́̊̾͆͠Ḑ̸̻̣̲̗͇͍͍͍̞̩̖͗̉͊S̸̢̝͕͎̝̘̥̬̲͉̯̣͙͂̐͜
>
>
>
>
>
> - --
> -BEGIN PGP SIGNATURE-
>
> iQIzBAEBCAAdFiEE887p8xvfEmjb8jLH+0QgcMAkLoAFAlp5DvAACgkQ+0QgcMAk
> LoDPexAA1JbFpCsgZWq/j1b+Ng7ItKBE2/l8NS0sWiqn4bHBW2oEEOGTUsRAFGCj
> HFylW8aDVi+YY7Gene+Gr5EDkbhT0en8lBeSK0qBRNkHN5yrzw0cZJWHNOoofeTZ
> SJzodJiFlkq9P9cIO12v1XdRP59VmaAM/4npDpbqrjB76cUG4aEaxwz5OgE4Er3A
> WvLs1aGd3le34KROLnrGGOYm1msX9MdFWFS9UEztqTYcMsn9ayz6e6HNPIk4u2Ry
> GcOZTdw+RCaqJhA10PkSEsGhoL1JexsksYIapy0i9xOKaqMXMrbYfs3S4ktHY4q6
> aOBMR2yQ6hJ1BQ/LsvkTL27p00UFXr/Vi/ZjwZZtRAP9YFxlrg7NrFIw7Xf+IF6v
> a+WFDX5Qt8YQ2gup+pheR15kQViNKrqx3OkpBVzj+D4RSvrbmCerOEYxrw4PJh7F
> xSyZ8MOjB5pAdhQ2nt56GjEKa57ID/3UQM+iPrrmurbOlVUs4kSJ2SbX2hq1p2CY
> ETgxUM+o9W956wT7Un3khptIUSkLqJoY0KPz6InpI2fdLHSSF2s4OG9ghtiF3uyE
> LHaXu/mB2xM/2GI/1K9Z446dSlh6xaL84JDyRXed06F51LstYNgLb0K43ivc1ilq
> XYC8ZDgaJbF9BYSYZlsKfrzS+7pNH6M7vh7iuq/jiOOB/DF718k=
> =M6yK
> -END PGP SIGNATURE-
>

Re: [zapps-wg] Powers of Tau Attestation 48

[Sean Bowe via zapps-wg]

Awesome job, thank you so much. :)

By the way, the challenge file that Gabe used is located here:
https://powersoftau-transcript.s3-us-west-2.amazonaws.com/challenge.48

I'd be curious to see why Filippo's Go code can't deserialize it.
Maybe a platform specific bug?

Sean

On Thu, Feb 1, 2018 at 3:56 PM, Gabe Ortiz via zapps-wg
 wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> Powers of Tau Attestation by Gabe Ortiz (@signalnine)
> =
>
> Round: 48
> Date: 2018-02-01
> Location: Albuquerque, NM, USA
> Commit version: d47a1d3d1f007063cbcc35f1ab902601a8b3bd91
>
> SHA256 challenge file:
> 35b60456f4d4a17ceefb1acfd0371d7134789319649cfd6bf77aca35d2824950
>
> Blake2b response file:
> The BLAKE2b hash of `./response` is:
> 7c220a51 5804a837 d314eb18 f861198f
> e1bff8e0 f3e4018f 68a6b2c6 8a4bc89b
> 59a80446 52cc2602 4c3f72f9 32730700
> 1bff8df0 429da619 70d6f587 72629732
>
>
> Methodology
> =
>
> The hardware used was a mid-2011 MacBook Air running OS X 10.11.6. WiFi and
> Bluetooth were disabled and the MAC address of the WiFi adapter was blocked
> at my router. I transferred the challenge file via USB drive. I first
> attempted to use Filippo Valsorda’s golang implementation but ran into an
> issue where it was throwing an error, “Failed to read the challenge: point
> is compressed.” So, I ran the standard Rust implementation instead.
> Additional entropy was produced via a USB-connected keyboard. I again
> transferred the response and response hash via a USB drive to my
> network-connected laptop for upload. The MacBook Air and the USB drive used
> to do the compute was then destroyed.
>
> Just for fun, here’s an imgur album of the laptop destruction (yes, we made
> sure to avoid damage to the battery cells):
> https://imgur.com/a/IkG3i
> -BEGIN PGP SIGNATURE-
>
> iQIzBAEBCgAdFiEE2eDG1CCBN16+WtTSC6+LqJ7Wy2QFAlpzmksACgkQC6+LqJ7W
> y2SkYQ/+OlYd79nl1EX6St7dgvbJvb2lZbP1qYG2dEdJsTY0yTILREPLwOfOlopJ
> DOm7hn2SGbi7FUe2XIMc07bi+shvH3h8mpKnSt9HYw/KtwAmgqt9o0DpbMNibOyw
> 8q9rDtmbgV8/Hg9GBDaR0V+ocy/uObdLehxb3zsm2gLToTOj4sEM75nje2zbhVSd
> +F/UN7qYNq5DwUIA/rqqPAA4EVaOa6zan8h803fIeokTNkw7bcIDiJkdbcZh8fko
> qcVEnRdhf4t0OS2ZIyGGQ8YU/EUhu8e1xvGj8aKZ+uzarMV6lgef7yOosMWbnjkh
> JHqEZnBXqqWGW4uslE8Flh68CmKAa7Z8gtnSOxfrIDCwN7IMM1bQzAI45yydLYCB
> 1rjJndasmmxkP+kzzAz0ixP6nEiMOnsNZibqTdi5kQjvytKQwm/viVeuAE5d24cM
> JBfBArbsug3ZvAKSgwuaboIC77/qhZYqYxxfGiM91g9KQsFrg7SXYpH3cf806JID
> RAHT/6z1M7RegjZL74BH74QB6tb2pVIDqDDnY9wp1Lj8PeiGx2u5+eiW71NYAX5h
> GtWThZrd5yk6+EBzsyIeRnPmf4oaw/Y0jMs8qePVHcaXDiWHAdwIg2lwmVfqZx80
> lR5mSBmiV0tDX14SDgbQuONAqFtop102QZkawvR4ZbYPNpf/Jjc=
> =EmVb
> -END PGP SIGNATURE-

Re: [zapps-wg] Powers of Tau

[Lucas Vogelsang via zapps-wg]

Thanks for publishing the go implementation. Awesome to have another
implementation to choose from. I will take a look at your repository.

@Sean, I'd love to participate anytime next week. I'm available every
mon-fri 9am-2pm EST.

On Wed, Jan 24, 2018 at 5:46 PM, Andrew Miller via zapps-wg <
zapps...@lists.z.cash.foundation> wrote:

> That's outstanding, thanks! The independent Go-language implementation of
> the compute node is an amazing bonus contribution. I'd love to learn more
> about this project. I'll ask questions in the github repo.
> Cheers,
>
> On Wed, Jan 24, 2018 at 6:54 PM, Filippo Valsorda via zapps-wg <
> zapps...@lists.z.cash.foundation> wrote:
>
>> The BLAKE2b hash of `./response` is:
>> 7b55c0f5 68a8b4df 2ca14085 2e816df2
>> b9a2dafe 50b2c5e2 5e6c9b6a df239de0
>> 223a9866 aba481a8 436fbd42 04a2c48a
>> 43725d94 2de47b23 c10c5e87 38fd6467
>>
>> The main feature of this contribution is that it was computed with an
>> independent implementation of Powers of Tau.
>>
>> My implementation, which I am open sourcing now at [1], was not public at
>> the
>> time of computation. It is written in Go, shares no code with the main
>> Rust
>> implementation, and uses the RELIC library for BLS12-381. The only detail
>> that
>> was copied verbatim from the Rust codebase is the value of the curve
>> coefficient, but that's being resolved at [2]. The Zcash Company sponsored
>> this effort, but it was proposed and conducted by me independently.
>>
>> The computation was simply performed on my main MacBook Pro, where the
>> code
>> was developed. The laptop was rebooted after the computation and before
>> re-enabling Wi-Fi and reopening the browser. The git hash of the codebase
>> was
>> 26a0231c674ec6043ef77997d33d94787c55634a, the Go version 1.9.2, extra
>> entropy
>> was fed to /dev/random before starting.
>>
>> The full terminal transcript, and this attestation signed with a
>> minisign/signify
>> key published at [3] are attached, and available at [4].
>>
>> [1] https://github.com/FiloSottile/powersoftau
>> [2] https://github.com/relic-toolkit/relic/issues/64
>> [3] https://twitter.com/FiloSottile/status/956325095013863425
>> [4] https://gist.github.com/FiloSottile/cc142b683666ee1ce5ee77759bd0a367
>>
>> -- Filippo Valsorda
>>
>> 2018-01-22 22:17 GMT+0100 Filippo Valsorda :
>> > _o/
>> >
>> > I'm ready to go whenever there's a slot.
>> >
>> > It will probably take me half a day, upload included.
>>
>
>
>
> --
> Andrew Miller
> University of Illinois at Urbana-Champaign
>

Re: [zapps-wg] Powers of Tau

[Andrew Miller via zapps-wg]

That's outstanding, thanks! The independent Go-language implementation of
the compute node is an amazing bonus contribution. I'd love to learn more
about this project. I'll ask questions in the github repo.
Cheers,

On Wed, Jan 24, 2018 at 6:54 PM, Filippo Valsorda via zapps-wg <
zapps...@lists.z.cash.foundation> wrote:

> The BLAKE2b hash of `./response` is:
> 7b55c0f5 68a8b4df 2ca14085 2e816df2
> b9a2dafe 50b2c5e2 5e6c9b6a df239de0
> 223a9866 aba481a8 436fbd42 04a2c48a
> 43725d94 2de47b23 c10c5e87 38fd6467
>
> The main feature of this contribution is that it was computed with an
> independent implementation of Powers of Tau.
>
> My implementation, which I am open sourcing now at [1], was not public at
> the
> time of computation. It is written in Go, shares no code with the main Rust
> implementation, and uses the RELIC library for BLS12-381. The only detail
> that
> was copied verbatim from the Rust codebase is the value of the curve
> coefficient, but that's being resolved at [2]. The Zcash Company sponsored
> this effort, but it was proposed and conducted by me independently.
>
> The computation was simply performed on my main MacBook Pro, where the code
> was developed. The laptop was rebooted after the computation and before
> re-enabling Wi-Fi and reopening the browser. The git hash of the codebase
> was
> 26a0231c674ec6043ef77997d33d94787c55634a, the Go version 1.9.2, extra
> entropy
> was fed to /dev/random before starting.
>
> The full terminal transcript, and this attestation signed with a
> minisign/signify
> key published at [3] are attached, and available at [4].
>
> [1] https://github.com/FiloSottile/powersoftau
> [2] https://github.com/relic-toolkit/relic/issues/64
> [3] https://twitter.com/FiloSottile/status/956325095013863425
> [4] https://gist.github.com/FiloSottile/cc142b683666ee1ce5ee77759bd0a367
>
> -- Filippo Valsorda
>
> 2018-01-22 22:17 GMT+0100 Filippo Valsorda :
> > _o/
> >
> > I'm ready to go whenever there's a slot.
> >
> > It will probably take me half a day, upload included.
>



-- 
Andrew Miller
University of Illinois at Urbana-Champaign

Re: [zapps-wg] Powers of Tau

[Sean Bowe via zapps-wg]

This is excellent! I'm so impressed. I've added this to the transcript.

Thanks,

Sean

On Wed, Jan 24, 2018 at 5:54 PM, Filippo Valsorda via zapps-wg
 wrote:
> The BLAKE2b hash of `./response` is:
> 7b55c0f5 68a8b4df 2ca14085 2e816df2
> b9a2dafe 50b2c5e2 5e6c9b6a df239de0
> 223a9866 aba481a8 436fbd42 04a2c48a
> 43725d94 2de47b23 c10c5e87 38fd6467
>
> The main feature of this contribution is that it was computed with an
> independent implementation of Powers of Tau.
>
> My implementation, which I am open sourcing now at [1], was not public at the
> time of computation. It is written in Go, shares no code with the main Rust
> implementation, and uses the RELIC library for BLS12-381. The only detail that
> was copied verbatim from the Rust codebase is the value of the curve
> coefficient, but that's being resolved at [2]. The Zcash Company sponsored
> this effort, but it was proposed and conducted by me independently.
>
> The computation was simply performed on my main MacBook Pro, where the code
> was developed. The laptop was rebooted after the computation and before
> re-enabling Wi-Fi and reopening the browser. The git hash of the codebase was
> 26a0231c674ec6043ef77997d33d94787c55634a, the Go version 1.9.2, extra entropy
> was fed to /dev/random before starting.
>
> The full terminal transcript, and this attestation signed with a 
> minisign/signify
> key published at [3] are attached, and available at [4].
>
> [1] https://github.com/FiloSottile/powersoftau
> [2] https://github.com/relic-toolkit/relic/issues/64
> [3] https://twitter.com/FiloSottile/status/956325095013863425
> [4] https://gist.github.com/FiloSottile/cc142b683666ee1ce5ee77759bd0a367
>
> -- Filippo Valsorda
>
> 2018-01-22 22:17 GMT+0100 Filippo Valsorda :
>> _o/
>>
>> I'm ready to go whenever there's a slot.
>>
>> It will probably take me half a day, upload included.

Re: [zapps-wg] Powers of Tau

[Filippo Valsorda via zapps-wg]

The BLAKE2b hash of `./response` is:
7b55c0f5 68a8b4df 2ca14085 2e816df2
b9a2dafe 50b2c5e2 5e6c9b6a df239de0
223a9866 aba481a8 436fbd42 04a2c48a
43725d94 2de47b23 c10c5e87 38fd6467

The main feature of this contribution is that it was computed with an
independent implementation of Powers of Tau.

My implementation, which I am open sourcing now at [1], was not public at the
time of computation. It is written in Go, shares no code with the main Rust
implementation, and uses the RELIC library for BLS12-381. The only detail that
was copied verbatim from the Rust codebase is the value of the curve
coefficient, but that's being resolved at [2]. The Zcash Company sponsored
this effort, but it was proposed and conducted by me independently.

The computation was simply performed on my main MacBook Pro, where the code
was developed. The laptop was rebooted after the computation and before
re-enabling Wi-Fi and reopening the browser. The git hash of the codebase was
26a0231c674ec6043ef77997d33d94787c55634a, the Go version 1.9.2, extra entropy
was fed to /dev/random before starting.

The full terminal transcript, and this attestation signed with a 
minisign/signify
key published at [3] are attached, and available at [4].

[1] https://github.com/FiloSottile/powersoftau
[2] https://github.com/relic-toolkit/relic/issues/64
[3] https://twitter.com/FiloSottile/status/956325095013863425
[4] https://gist.github.com/FiloSottile/cc142b683666ee1ce5ee77759bd0a367

-- Filippo Valsorda

2018-01-22 22:17 GMT+0100 Filippo Valsorda :
> _o/
> 
> I'm ready to go whenever there's a slot.
> 
> It will probably take me half a day, upload included.


attestation.txt.minisig
Description: Binary data
The BLAKE2b hash of `./response` is:
7b55c0f5 68a8b4df 2ca14085 2e816df2
b9a2dafe 50b2c5e2 5e6c9b6a df239de0
223a9866 aba481a8 436fbd42 04a2c48a
43725d94 2de47b23 c10c5e87 38fd6467

The main feature of this contribution is that it was computed with an
independent implementation of Powers of Tau.

My implementation, which I am open sourcing now at [1], was not public at the
time of computation. It is written in Go, shares no code with the main Rust
implementation, and uses the RELIC library for BLS12-381. The only detail that
was copied verbatim from the Rust codebase is the value of the curve
coefficient, but that's being resolved at [2]. The Zcash Company sponsored
this effort, but it was proposed and conducted by me independently.

The computation was simply performed on my main MacBook Pro, where the code
was developed. The laptop was rebooted after the computation and before
re-enabling Wi-Fi and reopening the browser. The git hash of the codebase was
26a0231c674ec6043ef77997d33d94787c55634a, the Go version 1.9.2, extra entropy
was fed to /dev/random before starting.

The full terminal transcript follows below.

This attestation is signed with a minisign/signify key published at [3].

[1] https://github.com/FiloSottile/powersoftau
[2] https://github.com/relic-toolkit/relic/issues/64
[3] https://twitter.com/FiloSottile/status/956325095013863425

---

➜  powersoftau alias download
download='aria2c --check-certificate=true --http-accept-gzip=true -s 16 -k 5M 
-x 4 -j 16'
➜  powersoftau download 
https://s3-us-west-2.amazonaws.com/powersoftau/UPK2HSUb3XsjWDcyXkiAALsCyCNmIpwl/challenge

01/24 16:04:29 [NOTICE] Downloading 1 item(s)
[#430007 0B/0B CN:1 DL:0B]
01/24 16:04:31 [NOTICE] Allocating disk space. Use --file-allocation=none to 
disable it. See --file-allocation option in man page for more details.
 *** Download Progress Summary as of Wed Jan 24 16:05:30 2018 ***
=
[#430007 69MiB/1.1GiB(6%) CN:4 DL:1.1MiB ETA:15m7s]
FILE: /Users/filippo/tmp/powersoftau/challenge
-

 *** Download Progress Summary as of Wed Jan 24 16:06:31 2018 ***
=
[#430007 139MiB/1.1GiB(12%) CN:4 DL:1.2MiB ETA:13m46s]
FILE: /Users/filippo/tmp/powersoftau/challenge
-

 *** Download Progress Summary as of Wed Jan 24 16:07:31 2018 ***
=
[#430007 212MiB/1.1GiB(18%) CN:4 DL:1.2MiB ETA:12m9s]
FILE: /Users/filippo/tmp/powersoftau/challenge
-

 *** Download Progress Summary as of Wed Jan 24 16:08:32 2018 ***
=
[#430007 

Re: [zapps-wg] Powers of Tau

[Andrew Miller via zapps-wg]

booted from a
> USB drive with Ubuntu 16.04. The hard drives and wifi were disabled in
> software, but were *not* removed due to the difficulty in unscrewing
> the laptop.
>
> To reduce the risk of side channel attacks, we performed our
> contribution to the ceremony while airborne in Ryan's Piper
> Cherokee. Ryan and Andrew were the only occupants in the aircraft. No
> mobile phones were powered on during the flight. The only mobile
> device in use was an iPad 2, with cellular and WiFi disabled but
> Bluetooth and GPS enabled, running ForeFlight electronic flight bag
> software. We departed on a VFR flight from Waukegan airport (KUGN),
> located in Illinois, near the Wisconsin border. Once we reached 3,000
> feet AMSL, Ryan performed a 360 degree steep turn to assure ourselves
> that no aircraft or drones were following us. We set up the Geiger
> counter RNG and laptop and began the computation. During this time, we
> made occasional random turns, flying over northern Illinois and
> southern Wisconsin while remaining outside the O'Hare Class B
> airspace, until the compute finished. We observed no suspicious
> aircraft attempting to follow us. The total compute time took around
> 30 minutes. We then flew to Schaumburg Airport (06C) where we uploaded
> the response file at Pilot Pete's restaurant. We made a return flight
> to Waukegan later that afternoon.
>
> Pictures from the trip:
>
> https://twitter.com/RyanPierce_Chi/status/954776352225398784
> https://twitter.com/RyanPierce_Chi/status/954777461782470656
> https://twitter.com/RyanPierce_Chi/status/954779454961745921
> https://twitter.com/RyanPierce_Chi/status/954854952396050432
> https://twitter.com/RyanPierce_Chi/status/954908555873849344
> https://twitter.com/RyanPierce_Chi/status/954855811951550464
>
> We’re also currently producing a short video about our trip, which we
> plan to publish to Youtube and notify the zapps-wg mailing list.
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1
>
> iQIcBAEBAgAGBQJaZisvAAoJEFvUyhfk+7ICLOYQAIX7+nSe6CRVKFuwkjHYXJyu
> Ll5G+X9+Kjrhq0RYXmjix50pEgkpEZhTzKnPxo4tNiiaRc34waKpCAFZpn2Yfpq5
> 8o3R3rTDjYlGcMVyWciipUvbtzxfxrs5GRXknTGhtLvhljZM+fq09O4raPn+oj5Y
> tDiFKAO0tKx5wXqlg8diM5AxUfveX6Kov0844ctV+7rP6OYOgCEjqD/o/vM0kVUR
> R5wvh7dqY2VHvh7LYAjUSOwbQ4M+3LCw9fK0dAZrXqT9Yn5DquGYKj39QsHJoJ9R
> 4uoDb6ltPJuZDCJ0wBKHiyfMr3++UKTDj6dRkHF2OD7aBk4jPZUC6YCC5zgQFPxL
> MrBv137EBijmtu4uFfT2YM7SJkKa+AGXnhzsIdFKy5U4Ahqa7meA9sDdAHdOgR9W
> RVq9wuO3OnL12Oj53N/PEVtxgmWxHVZfIKP5EPihhSklWC6RU8XVgV4OlfGkkYkA
> YyrYNGjSTDI6YXVNXl4uKttzVg965tSt5+83HhuEFepR3+HFgmXz+suYa53J8rxX
> njESFI0qV7j7VzLnwthAjV5u0ZAY0y9vOTnMB1nLwVZEKl/g3/WNZhDes9xuyYqV
> fAXjVfM2YQ2mQui9U60g0XfSgnO/tnLVG8Fsiv3Jy2yx5baZect8nl3wX6qyWAiM
> d/vM2xKNhdf49qfltNQn
> =rmAp
> -END PGP SIGNATURE-
>
> On Sat, Jan 20, 2018 at 12:08 PM, Miller, Andrew via zapps-wg <
> zapps...@lists.z.cash.foundation> wrote:
>
>> Here's our response, should be done uploading to s3 in a moment.
>> 9af2153b5d0f96689f79049337de1fb328873f5f771adef1adf0486e4904
>> b28d96fe602c8866f42e8047ce3bdafe2f9e73c7d2cd1b0c023d3831a46242bd6fc9
>>
>> Long story short:
>> - Contributor: Ryan Pierce and Andrew Miller
>> - Isolation: 3,000 feet above ground in a Piper Cherokee
>> - Entropy source: geiger counter and a Chernobyl reactor graphite sample
>> Entertaining writeup and video to follow! (Note: all appropriate aviation
>> and radiation regulations were followed to a tee)
>>
>> --
>> Andrew Miller
>> University of Illinois at Urbana-Champaign
>> 
>> From: Sean Bowe [s...@z.cash]
>> Sent: Wednesday, January 17, 2018 10:22 PM
>> To: Miller, Andrew
>> Cc: Zapps wg
>> Subject: Re: [zapps-wg] Powers of Tau
>>
>> It does interfere with someone, but we could make it work Saturday
>> morning if you don't expect it to take longer than the morning.
>>
>> Sean
>>
>> On Wed, Jan 17, 2018 at 9:18 PM, Andrew Miller via zapps-wg
>> <zapps...@lists.z.cash.foundation> wrote:
>> > Greetings everyone,
>> >I have a good one planned. But it's got a difficult time constraint.
>> I
>> > need to go this coming Saturday morning. Hopefully it won't interfere
>> with
>> > the batting order much if I ask for priority! Thanks,
>>
>
>
>
> --
> Andrew Miller
> University of Illinois at Urbana-Champaign
>



-- 
Andrew Miller
University of Illinois at Urbana-Champaign

Re: [zapps-wg] Powers of Tau

[Andrew Miller via zapps-wg]

urn to assure ourselves
that no aircraft or drones were following us. We set up the Geiger
counter RNG and laptop and began the computation. During this time, we
made occasional random turns, flying over northern Illinois and
southern Wisconsin while remaining outside the O'Hare Class B
airspace, until the compute finished. We observed no suspicious
aircraft attempting to follow us. The total compute time took around
30 minutes. We then flew to Schaumburg Airport (06C) where we uploaded
the response file at Pilot Pete's restaurant. We made a return flight
to Waukegan later that afternoon.

Pictures from the trip:

https://twitter.com/RyanPierce_Chi/status/954776352225398784
https://twitter.com/RyanPierce_Chi/status/954777461782470656
https://twitter.com/RyanPierce_Chi/status/954779454961745921
https://twitter.com/RyanPierce_Chi/status/954854952396050432
https://twitter.com/RyanPierce_Chi/status/954908555873849344
https://twitter.com/RyanPierce_Chi/status/954855811951550464

We’re also currently producing a short video about our trip, which we
plan to publish to Youtube and notify the zapps-wg mailing list.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBAgAGBQJaZisvAAoJEFvUyhfk+7ICLOYQAIX7+nSe6CRVKFuwkjHYXJyu
Ll5G+X9+Kjrhq0RYXmjix50pEgkpEZhTzKnPxo4tNiiaRc34waKpCAFZpn2Yfpq5
8o3R3rTDjYlGcMVyWciipUvbtzxfxrs5GRXknTGhtLvhljZM+fq09O4raPn+oj5Y
tDiFKAO0tKx5wXqlg8diM5AxUfveX6Kov0844ctV+7rP6OYOgCEjqD/o/vM0kVUR
R5wvh7dqY2VHvh7LYAjUSOwbQ4M+3LCw9fK0dAZrXqT9Yn5DquGYKj39QsHJoJ9R
4uoDb6ltPJuZDCJ0wBKHiyfMr3++UKTDj6dRkHF2OD7aBk4jPZUC6YCC5zgQFPxL
MrBv137EBijmtu4uFfT2YM7SJkKa+AGXnhzsIdFKy5U4Ahqa7meA9sDdAHdOgR9W
RVq9wuO3OnL12Oj53N/PEVtxgmWxHVZfIKP5EPihhSklWC6RU8XVgV4OlfGkkYkA
YyrYNGjSTDI6YXVNXl4uKttzVg965tSt5+83HhuEFepR3+HFgmXz+suYa53J8rxX
njESFI0qV7j7VzLnwthAjV5u0ZAY0y9vOTnMB1nLwVZEKl/g3/WNZhDes9xuyYqV
fAXjVfM2YQ2mQui9U60g0XfSgnO/tnLVG8Fsiv3Jy2yx5baZect8nl3wX6qyWAiM
d/vM2xKNhdf49qfltNQn
=rmAp
-END PGP SIGNATURE-

On Sat, Jan 20, 2018 at 12:08 PM, Miller, Andrew via zapps-wg <
zapps...@lists.z.cash.foundation> wrote:

> Here's our response, should be done uploading to s3 in a moment.
> 9af2153b5d0f96689f79049337de1fb328873f5f771adef1adf0486e4904
> b28d96fe602c8866f42e8047ce3bdafe2f9e73c7d2cd1b0c023d3831a46242bd6fc9
>
> Long story short:
> - Contributor: Ryan Pierce and Andrew Miller
> - Isolation: 3,000 feet above ground in a Piper Cherokee
> - Entropy source: geiger counter and a Chernobyl reactor graphite sample
> Entertaining writeup and video to follow! (Note: all appropriate aviation
> and radiation regulations were followed to a tee)
>
> --
> Andrew Miller
> University of Illinois at Urbana-Champaign
> 
> From: Sean Bowe [s...@z.cash]
> Sent: Wednesday, January 17, 2018 10:22 PM
> To: Miller, Andrew
> Cc: Zapps wg
> Subject: Re: [zapps-wg] Powers of Tau
>
> It does interfere with someone, but we could make it work Saturday
> morning if you don't expect it to take longer than the morning.
>
> Sean
>
> On Wed, Jan 17, 2018 at 9:18 PM, Andrew Miller via zapps-wg
> <zapps...@lists.z.cash.foundation> wrote:
> > Greetings everyone,
> >I have a good one planned. But it's got a difficult time constraint. I
> > need to go this coming Saturday morning. Hopefully it won't interfere
> with
> > the batting order much if I ask for priority! Thanks,
>



-- 
Andrew Miller
University of Illinois at Urbana-Champaign
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Powers of Tau Operational writeup
=
 
Round: 41
Principals: Ryan Pierce and Andrew Miller
Date: 2018-01-20
Location: North Illinois and Southern Wisconsin
Altitude: 3,000' AMSL / approx. 2200' AGL
Commit version: 9e1553c437183540392a7231d0788318a19b18a3
SHA256 of ./compute: 
922b2e0a59841ecdaba7b4953d8c67e62b74b8f52f968624cff664dc086da93a
SHA256 of challenge file: 
c48fbf0a267ea9a9596c09aaf91f6acc18b48430e9239c18de583055b32d503d
 
blake2sum of response:
8a5a9bcb a9c3ab76 c7e3a881 2ccd01e6
9af2153b 5d0f9668 9f790493 37de1fb3
28873f5f 771adef1 adf0486e 4904b28d
96fe602c 8866f42e 8047ce3b dafe2f9e
73c7d2cd 1b0c023d 3831a462 42bd6fc9
 
 
Preparation steps
=
 
As we know, Powers of Tau is all about generating and safely disposing
of cryptographic "toxic waste." So, what better way to generate
entropy than with actual radioactive toxic waste?

For our contribution, the entropy source was a hardware-based random
number generator utilizing a Geiger tube and a radioactive source,
constructed and programmed by Ryan Pierce. It was based off of the
MightyOhm Geiger Counter kit, available for purchase at
http://mightyohm.com/geiger

The radioactive source chosen was a very small, low activity sample of
the graphite moderator ejected from the core of the Chernobyl Unit 4
nuclear reactor during the 1986 explosion and meltdown. The primary
a

Re: [zapps-wg] Powers of Tau Attestation

[Bastien Teinturier via zapps-wg]

Thanks for the explanation Sean.
Indeed it's better to hide it then for next participants, good catch Daira!

On Mon, Jan 22, 2018 at 12:56 PM, Sean Bowe  wrote:

> There are potentially few useful entropy sources on an isolated system
> with its peripherals removed that has just booted (for example), so a cat
> walking across the keyboard can be used to strengthen the randomness at
> little cost. It's mostly defense-in-depth.
>
> Sean
>
> On Mon, Jan 22, 2018 at 1:59 AM, Bastien Teinturier via zapps-wg <
> zapps...@lists.z.cash.foundation> wrote:
>
>> It's a good point, and I was wondering why this "manual input" entropy is
>> needed.
>> I don't understand what it adds to the entropy implicitly grabbed from
>> the system by the executable.
>> If we assume that an adversary is able to monitor the system and
>> replicate the entropy of the random generator used in the code, that
>> adversary is probably able to grab the input to the process as well right?
>> I'm interested in learning more about why you felt it was necessary to
>> ask the user to provide some random input.
>>
>> Cheers,
>> Bastien
>>
>> On Sat, Jan 20, 2018 at 2:04 PM, Daira Hopwood via zapps-wg <
>> zapps...@lists.z.cash.foundation> wrote:
>>
>>> On 18/01/18 13:46, Bastien Teinturier via zapps-wg wrote:
>>> > Powers of Tau Attestation
>>>
>>> Notice that PowersOfTau_2.jpg leaks the additional entropy provided
>>> to the computation. That's ok, it uses operating system entropy as
>>> well; just noting that future participants might want to avoid that.
>>>
>>> --
>>> Daira Hopwood  ⚧Ⓐ
>>>
>>>
>>
>>
>> --
>>
>> [image: stratumn-logo.jpg]
>>
>>
>> Bastien Teinturier
>>
>> Senior Software Engineer
>>
>> Stratumn SAS, 1 bis Cité Paradis, 75010 Paris, France
>>
>> +33 6 28 57 71 59 <+33%206%2028%2057%2071%2059> • bast...@stratumn.com •
>> stratumn.com 
>>
>> We are hiring  • Read about us
>>  • Twitter 
>>
>
>


-- 

[image: stratumn-logo.jpg]


Bastien Teinturier

Senior Software Engineer

Stratumn SAS, 1 bis Cité Paradis, 75010 Paris, France

+33 6 28 57 71 59 • bast...@stratumn.com • stratumn.com


We are hiring  • Read about us
 • Twitter 

Re: [zapps-wg] Powers of Tau

[SuperKerem via zapps-wg]

This sounds excellent!

SuperKerem

On Sat, Jan 20, 2018 at 9:12 pm, Sean Bowe via zapps-wg 
<zapps...@lists.z.cash.foundation> wrote:

> Verified and added to transcript. Looking forward to additional info! Sean On 
> Sat, Jan 20, 2018 at 11:08 AM, Miller, Andrew wrote: > Here's our response, 
> should be done uploading to s3 in a moment. > 
> 9af2153b5d0f96689f79049337de1fb328873f5f771adef1adf0486e4904b28d96fe602c8866f42e8047ce3bdafe2f9e73c7d2cd1b0c023d3831a46242bd6fc9
>  > > Long story short: > - Contributor: Ryan Pierce and Andrew Miller > - 
> Isolation: 3,000 feet above ground in a Piper Cherokee > - Entropy source: 
> geiger counter and a Chernobyl reactor graphite sample > Entertaining writeup 
> and video to follow! (Note: all appropriate aviation and radiation 
> regulations were followed to a tee) > > -- > Andrew Miller > University of 
> Illinois at Urbana-Champaign >  > 
> From: Sean Bowe [s...@z.cash] > Sent: Wednesday, January 17, 2018 10:22 PM > 
> To: Miller, Andrew > Cc: Zapps wg > Subject: Re: [zapps-wg] Powers of Tau > > 
> It does interfere with someone, but we could make it work Saturday > morning 
> if you don't expect it to take longer than the morning. > > Sean > > On Wed, 
> Jan 17, 2018 at 9:18 PM, Andrew Miller via zapps-wg > wrote: >> Greetings 
> everyone, >> I have a good one planned. But it's got a difficult time 
> constraint. I >> need to go this coming Saturday morning. Hopefully it won't 
> interfere with >> the batting order much if I ask for priority! Thanks, 
> @lists.z.cash.foundation> @illinois.edu>

Re: [zapps-wg] Powers of Tau

[Sean Bowe via zapps-wg]

Verified and added to transcript. Looking forward to additional info!

Sean

On Sat, Jan 20, 2018 at 11:08 AM, Miller, Andrew <soc1...@illinois.edu> wrote:
> Here's our response, should be done uploading to s3 in a moment.
> 9af2153b5d0f96689f79049337de1fb328873f5f771adef1adf0486e4904b28d96fe602c8866f42e8047ce3bdafe2f9e73c7d2cd1b0c023d3831a46242bd6fc9
>
> Long story short:
> - Contributor: Ryan Pierce and Andrew Miller
> - Isolation: 3,000 feet above ground in a Piper Cherokee
> - Entropy source: geiger counter and a Chernobyl reactor graphite sample
> Entertaining writeup and video to follow! (Note: all appropriate aviation and 
> radiation regulations were followed to a tee)
>
> --
> Andrew Miller
> University of Illinois at Urbana-Champaign
> 
> From: Sean Bowe [s...@z.cash]
> Sent: Wednesday, January 17, 2018 10:22 PM
> To: Miller, Andrew
> Cc: Zapps wg
> Subject: Re: [zapps-wg] Powers of Tau
>
> It does interfere with someone, but we could make it work Saturday
> morning if you don't expect it to take longer than the morning.
>
> Sean
>
> On Wed, Jan 17, 2018 at 9:18 PM, Andrew Miller via zapps-wg
> <zapps...@lists.z.cash.foundation> wrote:
>> Greetings everyone,
>>I have a good one planned. But it's got a difficult time constraint. I
>> need to go this coming Saturday morning. Hopefully it won't interfere with
>> the batting order much if I ask for priority! Thanks,

Re: [zapps-wg] Powers of Tau

[Miller, Andrew via zapps-wg]

Here's our response, should be done uploading to s3 in a moment.
9af2153b5d0f96689f79049337de1fb328873f5f771adef1adf0486e4904b28d96fe602c8866f42e8047ce3bdafe2f9e73c7d2cd1b0c023d3831a46242bd6fc9

Long story short:
- Contributor: Ryan Pierce and Andrew Miller
- Isolation: 3,000 feet above ground in a Piper Cherokee
- Entropy source: geiger counter and a Chernobyl reactor graphite sample
Entertaining writeup and video to follow! (Note: all appropriate aviation and 
radiation regulations were followed to a tee)

--
Andrew Miller
University of Illinois at Urbana-Champaign

From: Sean Bowe [s...@z.cash]
Sent: Wednesday, January 17, 2018 10:22 PM
To: Miller, Andrew
Cc: Zapps wg
Subject: Re: [zapps-wg] Powers of Tau

It does interfere with someone, but we could make it work Saturday
morning if you don't expect it to take longer than the morning.

Sean

On Wed, Jan 17, 2018 at 9:18 PM, Andrew Miller via zapps-wg
<zapps...@lists.z.cash.foundation> wrote:
> Greetings everyone,
>I have a good one planned. But it's got a difficult time constraint. I
> need to go this coming Saturday morning. Hopefully it won't interfere with
> the batting order much if I ask for priority! Thanks,

Re: [zapps-wg] Powers of Tau Attestation

[Daira Hopwood via zapps-wg]

On 18/01/18 13:46, Bastien Teinturier via zapps-wg wrote:
> Powers of Tau Attestation

Notice that PowersOfTau_2.jpg leaks the additional entropy provided
to the computation. That's ok, it uses operating system entropy as
well; just noting that future participants might want to avoid that.

-- 
Daira Hopwood  ⚧Ⓐ



signature.asc
Description: OpenPGP digital signature

Re: [zapps-wg] Powers of Tau participation request

[Sean Bowe via zapps-wg]

Sounds good! I'll be in touch.

Sean

On Thu, Jan 18, 2018 at 12:47 AM, Gabe Ortiz via zapps-wg
 wrote:
> Hi, I’d like to participate. I can go anytime next week between 9am and 5pm
> MST.
>
> -Gabe

Re: [zapps-wg] Powers of Tau Attestation

[Sean Bowe via zapps-wg]

This is great! I've entered it into the transcript. Thanks!

Sean

On Thu, Jan 18, 2018 at 6:46 AM, Bastien Teinturier via zapps-wg <
zapps...@lists.z.cash.foundation> wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Powers of Tau Attestation
> 
>
> Date: 2018-1-18
> Name: Bastien Teinturier
> Location: Paris, France
>
> Response hash:
> e4dafd1b 0fa438a2 b313d66c c9566a0a
> be6d7abe 76252eeb 7d294028 770f830d
> e8670f14 5ed8c8af 4e5c3476 f591d0c7
> bfd58ddd 36dd7c4d 311d1358 420d551f
>
> Posted on Github:
> https://gist.github.com/t-bast/7cddb36d8f583e48f60c3cc76aa679ed
>
> Process
> 
>
> Dell Precision Tower 3420
> UBUNTU 14.04.5 Desktop (Trusty)
> Rust v1.23.0 (766bd11c8 2018-01-01)
> powersoftau (github.com/ebfull/powersoftau commit
> d47a1d3d1f007063cbcc35f1ab902601a8b3bd91)
> VirtualBox 5.2.6
> Kali Linux 64-bit 2017.3 live run
>
> At first I wanted to make a Rump unikernel to run this directly on Xen,
> QEMU or KVM, but I didn't take enough time to prepare.
> But I think it could be a fun experiment for another participant if
> someone is interested.
>
> So instead I did this on an Ubuntu desktop.
> I created a Kali Linux VM in VirtualBox that I booted in "live run" mode.
> I didn't share volumes between the VM and the host.
> I installed the rust toolchain on it and built the github repository.
>
> Then I turned the network card off, wrapped the desktop tower in tin foil
> and ran the computation.
> I left a wireshark running on the host OS and saw only failing legit DNS
> and ICMP packets.
> At the end of the computation, I put the network back on to upload the
> response while monitoring wireshark traffic.
> I didn't notice anything unusual, so once the file was uploaded I turned
> the network card off again and deleted the VM.
> I turned off the PC, unplugged all cables to let it discharge and rebooted.
>
> I would have loved to destroy my PC Mr Robot style, but I really do need
> it :).
>
>
> -BEGIN PGP SIGNATURE-
>
> wsFcBAEBCAAQBQJaYKOjCRC+XTQq02jBOgAALykQAEXkra5nOARp93xRItriB0p/
> TdWa+n7CL48Azm/Gjd5Hg3xlxyVvCT6s6Bw5Jk2/1+OzgFDpntYeehZsgxgLf/ie
> 16gVSG58bLrd1hUUmdsRFp96HkjRL5zT4jQhJiYfNUTrRk4ni2XzIydU6HXC94JZ
> IKvkX7mXgYkQ5LO0ue3Omhtqo7H4zY8qRLsN48EqwR/FA7gcS/KxJJdVwxwokwHo
> xkjAeE0vIzaXbUmOkyGPIU1eVJQVbiQZI6kdIivf+r7cOuo3kmFGBVKYTSY9TQNA
> lBUu0CffoIJI4j6fen5ujIp5uH5vvm8NZ2Z5GI6odo9KQm3eghpFBXgv4pFgOmcl
> 4k9SzxarmnKSJC/BLRhcvUkFImDz1zgZ1T8QGkZkrwyVzC9nvR1wTqS05kuBD0f8
> 3M7u28gUdccxOiKDkWWhg94PynS0VuZ/mdn7cRFB1wYszcjUYuwooFZb1SRDssfQ
> t5I38D6f16r6x9jWMgbGEql2fVvRsVI3dDp1NIakZwpWjD5cinxG3pCrDoYwNPli
> PnmUzf1u4lj211DVA/LWhQkrrrnWHWzxojSLkqzNgQzzYj9uRtcCIb7ifIti3rdI
> hkwcu1FhmJpaiFZbSc2dnSym+edMINRif68d1IKomLcd2e4wfQtLUs7lgOQbu7Th
> OPGA4WGhAJsvfiUQn0Lb
> =j6c/
> -END PGP SIGNATURE-
>
> [image: stratumn-logo.jpg]
>
>
> Bastien Teinturier
>
> Senior Software Engineer
>
> Stratumn SAS, 1 bis Cité Paradis, 75010 Paris, France
>
> +33 6 28 57 71 59 <+33%206%2028%2057%2071%2059> • bast...@stratumn.com •
> stratumn.com 
>
> We are hiring  • Read about us
>  • Twitter 
>

Re: [zapps-wg] Powers of Tau

[Sean Bowe via zapps-wg]

It does interfere with someone, but we could make it work Saturday
morning if you don't expect it to take longer than the morning.

Sean

On Wed, Jan 17, 2018 at 9:18 PM, Andrew Miller via zapps-wg
 wrote:
> Greetings everyone,
>I have a good one planned. But it's got a difficult time constraint. I
> need to go this coming Saturday morning. Hopefully it won't interfere with
> the batting order much if I ask for priority! Thanks,

Re: [zapps-wg] Powers of Tau Round 38 Attestation

[Sean Bowe via zapps-wg]

Thank you! Another fun attestation. :)

Sean

On Wed, Jan 17, 2018 at 7:47 PM, Ryan Close via zapps-wg
 wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> Powers of Tau Attestation
> =
>
> Round: 38
> Date: 2018-1-17
> Name: Ryan Close
> Location: Florida, US
>
> Challenge:
> a58bcc60b15a6cd3d69fa7ef87b4f9d2f9be6eb2d470f66e0dadc8058a14c8ca18efaa1ca69346865d3f83bbc9fe1320e5c16f3580567963a206d337377a82ea
> Response:
> c63d895327712427bb14295d7935af4cb79bbdf9b84411684b9cd3292750f63261f3a874ec160e070cdd98bcdd2b1dd21cf20f937fb486c0ac1cab12bb3a0046
> (tweeted: https://twitter.com/closerm/status/953816452997500929 )
>
> Process
> ===
>
> UBUNTU 16.04.3 Desktop (x2)
> Rust v1.23.0 (766bd11c8 2018-01-01)
> powersoftau (github.com/ebfull/powersoftau commit
> d47a1d3d1f007063cbcc35f1ab902601a8b3bd91)
>
> I began by installing ubuntu-16.04.3-desktop-amd64.iso to a brand new
> formatted USB thumbdrive. The drive was encrypted (cryptsetup).
> I booted from this drive in VirtualBox, allowing me to update the OS,
> install the rust toolchain, and clone the needed git repository.
> The VM was shutdown, and the thumbdrive was removed to be used with an
> offline machine (no wifi, disconnected ethernet) that has no other physical
> drives.
>
> The above was performed twice, and moved to two seperate offline machines.
>
> Prior to attaching the Ubuntu OS thumbdrives to either stand-alone machine,
> each machines was booted with a live image and memtest was run.
>
> The provided challenge file was downloaded and placed on a second new and
> newly formatted thumbdrive and moved to the disconnected computer(s).
>
> For each compute node, extra entropy was introduced by letting my kids type
> at the keyboard until they felt good and satisfied, or until one of them
> accidently hit [enter].
>
> When complete, each node was verified (via verify_transform), results copied
> to the thumbdrive. Dice (and kids) were then used to choose which payload to
> report, and the result was uploaded.
>
> All 3 thumbdrives have since been securely erased, reformatted, and
> intermixed with a stash of several other similar and empty drives.
>
> Driveless stand-alone machines have since been booted and memtest run, and
> will eventually be brought back onto the network.
>
>
>
> Side Note
> 
>
> Attempts were made to use additional hardware, OS, and software
> configurations.
>
> Raspberry Pi3 nodes were tested to see if they could be used, but do not
> have enough RAM to complete the compute job.
> PINE64 nodes were tested to see if they could be used, and while they faired
> much better than the Raspberry Pi's, they ultimately failed to complete the
> compute job aswell.
>
>
> -BEGIN PGP SIGNATURE-
> Version: Keybase OpenPGP v2.0.76
> Comment: https://keybase.io/crypto
>
> wsFcBAABCgAGBQJaYAmKAAoJEIKOoktVTw1jxVkP/iKfNVYlHGzZLVzjzlRqwi+U
> pedJjROB5LhWRXq4cPB1CfWOkVyzvljOEdgDuzzwN8Ar+QFoQnd8YpanGx8ysWVR
> UHZrMMlfQq/V/pI76DEsxXYNhuh/hs95TSnf7DaZtGPizYXE2nJrWQBl7tiZ8FyQ
> RYcIiK4sPaHnFwKTpFqy9fzetPG5hdvNb/cTYpucyHyflZbiqchOW7o8WFGK7jr/
> 3tTnPDL6L5ywknre4CJ8iWDL+nOYTfhSSjNTjWVvGE0VeM/RfxtBcBDbt9YpNLRj
> IZ9o0JJDEV/wDVI/BDCg3IMKzMrGTirN9edCv1Iyem6cj5lOlFZHqHby/kLTXqWH
> sdk6aowVxR2AyVJY85vWfD0bcAexb2hEWxXLrzxUGX7bSDzE4g6lLT3KtvIlRRIY
> gaSqVPwZ2puKZVXEz2op8573lhZ1LSBHw9UFWgXvZAE+3ob3+/vFXp425h4/Zvd2
> 8cTkVWpKUo1GijIoJWysuOc4gouO6oav055ix7GfXCLQ6kYeKwLmS7iDvUK7yIm1
> kBnCiVvY8kGdfm1TQAYucH/HVmfVmuoMmI37G7yEKFFEB/XDwdK2ynoo+sbr+ZZL
> 7Qd1FpAbBpl+YXFnOYXP3TDrXQ8X1kk5YoCQwzAsPS5a/TTaVJyk7e2nPDZverP2
> hDYsjfVq5oaE+tYLCeiR
> =2Par
> -END PGP SIGNATURE-
>

Re: [zapps-wg] Powers of Tau participation

[Sean Bowe via zapps-wg]

Cool, we'll get you in likely early next month then.

Sean

On Wed, Jan 17, 2018 at 6:22 PM, Jan Jancar via zapps-wg
 wrote:
> Hi all,
> I would like to participate in the Powers of Tau ceremony. I have a
> compute node ready, am in the UTC +2 timezone, and generally available
> until the 22.01.2018 and then from 01.02.2018.
>
> Cheers,
> --
> Jan
> __
>/\  # PGP: 362056ADA8F2F4E421565EF87F4A448FE68F329D
>   /__\  # https://neuromancer.sk
>  /\  /\  # Eastern Seaboard Phishing Authority
> /__\/__\  #
>

Re: [zapps-wg] Powers of Tau Contribution

[Sean Bowe via zapps-wg]

I added this to the transcript, thank you! :)

Sean

On Mon, Jan 8, 2018 at 11:09 AM, James Prestwich via zapps-wg
 wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> I've finshed running the powers of tau contriubtion, and uploaded the
> response.
>
> $ sha256sum challenge
> 85a1f6af395e10eab667edca18272b7c30d8b57da1fe2bd1cba2eeae66757c4b
>
> The BLAKE2b hash of `./response` is:
>   829a70f6 d8107c88 f20bd02a b130d598
>   091cc1fc bc4a826c ed7f5889 067bdb8e
>   4bef3e38 94fd532c d7a242a4 3900468f
>   d6fb72b5 48cc45bc b330adbf 800e3383
>
> I modified compute.rs to use a different CSPRNG and source of entropy.
> -BEGIN PGP SIGNATURE-
> Version: Mailvelope v2.1.1
> Comment: https://www.mailvelope.com
>
> wsFcBAEBCAAQBQJaU7LUCRBRngEKeQKMzAAA1awP/1ZLC8V+bBB5T+CVENRB
> 8Vc3BjxU7+mtXhpMju6We4zH0nPvcVhYKlT2dsFHz6hGe1rZlBnXn+EQUipl
> Qm5w61j2FYdI9XcbJK0t5mVredocdJ6KPRRWakaTb+KQKGQG8ttk1vusOJqr
> mNBvj4qvdN2eBzVBBVQsaK+Gn5yRRylNaoqShJR1+mWrV6iNoSPPWIsh7jaJ
> OtVk36qMho/WcMZwc4rdy0OqzyVW6znN4Q772Rr+wsxol9OMSa3n5hYRd++Q
> 4/q1r36eJh2hbuPpYJCg50ptb/Lwn7yTyTSIc7uRlvtCz9QjmgQ0Yu7qV9TL
> kDq3yoL9p6A3kBulAPX11D/G8kf+nF2ACemleiLmHuJn2dhHo0RxbCQRfACt
> YQIiCCtk1hpz8AbFzCu7LRBWJfbh4hOKokQNJ6KlRAIuMrsvPt1ASbKFtH+t
> RzHkkTf6Gp1wP1Q9It9RVDmCjVPKe1z1jx7a2/12Zd7cXlI6le33sQwtSkzq
> EcbIKR+EJXmKOg6VwLcSus+VKSohAv25g1s3WzQQi6FRNdgD8JZGU1TVY9VF
> PPs6zpULeV+EYp58VA+SpL+eoufuaKH92niNVuPC+ctqGTX5w3QzD6T1Y9gA
> rQbt53Ilh1GsNlk55UYXaaKxzAJlGvC77Lr7oRU38g/z9nsfeeG5oa+cygl2
> voA5
> =+lmK
> -END PGP SIGNATURE-

Re: [zapps-wg] Powers of Tau participation + zk proof question

[James Prestwich via zapps-wg]

10-20s proving time is more than fast enough for me.

I'm going to dig through the gadgetlibs to get a feel for what it'd take to
implement this, but it's been a long time since my last algebra class.

On Wed, Jan 3, 2018 at 3:06 PM Andrew Miller  wrote:

> Yeah! It's 2018 and we still don't have a libsnark gadget for
> verifying major cryptocurrency signatures? What gives?
>
> Call me old fashioned #slowcrypto but even with 10-20s proving time it
> could still be useful for things.
>
> On Wed, Jan 3, 2018 at 4:01 PM, James Prestwich  wrote:
> > This is about the point where my math and libsnark knowledge runs out :)
> >
> > My usecase is specifically cryptocurrency related, so I'm mostly
> interested
> > in curves that are used by cryptocurrency signature algorithms. E.g.
> > secp256k1 (Bitcoin and its kids), ed25519 (Sia, Stellar, and a few
> others).
> > Jubjub is definitely on the list once sapling is closer to deployment.
> After
> > a bit of consideration, ed25519 would probably be the most interesting at
> > first.
> >
> > On Wed, Jan 3, 2018 at 2:33 PM Sean Bowe  wrote:
> >>
> >> I believe those gadgets are specifically for curves where the scalar
> >> field is the base field of the curve you're working with, so they
> >> probably wouldn't be that useful for arbitrary fields. Most of the
> >> complexity here is the bignum arithmetic inside the circuit, though.
> >>
> >> > Is there any more clever way to do this than just providing splitting
> >> > into bits to implement modular arithmetic in a different field?
> >>
> >> Not that I know of. I explored the feasibility of this kind of stuff
> >> in the past and concluded each point addition would be around the cost
> >> of a SHA256 invocation. You can minimize the number of additions using
> >> window tables. The best approach seemed to be giant window tables
> >> queried with merkle tree lookups using something like MiMC. The
> >> additions are most efficient when working with affine formulas
> >> (inversions can be witnessed as efficiently as multiplications). You
> >> may be able to get this down to 2^20 constraints for ~256-bit scalars,
> >> which might be around 10-20 second proving time.
> >>
> >> Sean
> >>
> >> On Wed, Jan 3, 2018 at 1:36 PM, Andrew Miller 
> >> wrote:
> >> > Suppose one did want to build a secp256k1 gadget. I notice that
> libsnark
> >> > already provides a general gadget for  weierstrass form elliptic
> curves,
> >> > parameterized by a field. So all we'd have to do is define the
> secp256k1
> >> > operations in the alt_bn128 or in bls12 fields. Is there any more
> clever
> >> > way
> >> > to do this than just providing splitting into bits to implement
> modular
> >> > arithmetic in a different field?
> >> >
> >> > On Jan 3, 2018 2:11 PM, "Sean Bowe"  wrote:
> >> >>
> >> >> If any curve is acceptable, I would encourage Jubjub, which we'll be
> >> >> using for the next version of Zcash. In which case you will be able
> to
> >> >> leverage our Sapling crypto code once it is more mature over the next
> >> >> month or so. https://github.com/zcash-hackworks/sapling-crypto
> >> >>
> >> >> Sean
> >> >>
> >> >> On Wed, Jan 3, 2018 at 1:02 PM, James Prestwich via zapps-wg
> >> >>  wrote:
> >> >> > I'd prefer sha256 or bitcoin-style hash160. I'm interested in a few
> >> >> > different curves, including secp256k1. Eventually for EdDSA keys as
> >> >> > well. Is
> >> >> > there a list of supported curve operations?
> >> >> >
> >> >> > On Wed, Jan 3, 2018 at 12:57 PM Andrew Miller <
> soc1...@illinois.edu>
> >> >> > wrote:
> >> >> >>
> >> >> >> Thank you so much for expressing your question in
> Camenisch-Stadler
> >> >> >> notation! That makes it very clear what you're going for.
> >> >> >>
> >> >> >> What hash function H do you have in mind, would SHA2 work? Also
> what
> >> >> >> group
> >> >> >> G do you have in mind, secp256k1?
> >> >> >>
> >> >> >> If so, I do not know of any existing implementation of secp256k1
> >> >> >> operations specifically in libsnark, so that would presumably be
> the
> >> >> >> biggest
> >> >> >> challenge.
> >> >> >>
> >> >> >>
> >> >> >> On Jan 3, 2018 1:47 PM, "James Prestwich via zapps-wg"
> >> >> >>  wrote:
> >> >> >>
> >> >> >> I'd like to participate in the setup ceremony.
> >> >> >>
> >> >> >> I also have an app I'd like to build using a zk-proof of knowledge
> >> >> >> of
> >> >> >> an
> >> >> >> ECC private key. {(a) : A = a * G, B = H(a)}. Can anyone point me
> to
> >> >> >> good
> >> >> >> resources on getting started?
> >> >> >>
> >> >> >>
> >> >> >
>
>
>
> --
> Andrew Miller
> University of Illinois at Urbana-Champaign
>

Re: [zapps-wg] Powers of Tau participation + zk proof question

[James Prestwich via zapps-wg]

This is about the point where my math and libsnark knowledge runs out :)

My usecase is specifically cryptocurrency related, so I'm mostly interested
in curves that are used by cryptocurrency signature algorithms. E.g.
secp256k1 (Bitcoin and its kids), ed25519 (Sia, Stellar, and a few others).
Jubjub is definitely on the list once sapling is closer to deployment.
After a bit of consideration, ed25519 would probably be the most
interesting at first.

On Wed, Jan 3, 2018 at 2:33 PM Sean Bowe  wrote:

> I believe those gadgets are specifically for curves where the scalar
> field is the base field of the curve you're working with, so they
> probably wouldn't be that useful for arbitrary fields. Most of the
> complexity here is the bignum arithmetic inside the circuit, though.
>
> > Is there any more clever way to do this than just providing splitting
> into bits to implement modular arithmetic in a different field?
>
> Not that I know of. I explored the feasibility of this kind of stuff
> in the past and concluded each point addition would be around the cost
> of a SHA256 invocation. You can minimize the number of additions using
> window tables. The best approach seemed to be giant window tables
> queried with merkle tree lookups using something like MiMC. The
> additions are most efficient when working with affine formulas
> (inversions can be witnessed as efficiently as multiplications). You
> may be able to get this down to 2^20 constraints for ~256-bit scalars,
> which might be around 10-20 second proving time.
>
> Sean
>
> On Wed, Jan 3, 2018 at 1:36 PM, Andrew Miller 
> wrote:
> > Suppose one did want to build a secp256k1 gadget. I notice that libsnark
> > already provides a general gadget for  weierstrass form elliptic curves,
> > parameterized by a field. So all we'd have to do is define the secp256k1
> > operations in the alt_bn128 or in bls12 fields. Is there any more clever
> way
> > to do this than just providing splitting into bits to implement modular
> > arithmetic in a different field?
> >
> > On Jan 3, 2018 2:11 PM, "Sean Bowe"  wrote:
> >>
> >> If any curve is acceptable, I would encourage Jubjub, which we'll be
> >> using for the next version of Zcash. In which case you will be able to
> >> leverage our Sapling crypto code once it is more mature over the next
> >> month or so. https://github.com/zcash-hackworks/sapling-crypto
> >>
> >> Sean
> >>
> >> On Wed, Jan 3, 2018 at 1:02 PM, James Prestwich via zapps-wg
> >>  wrote:
> >> > I'd prefer sha256 or bitcoin-style hash160. I'm interested in a few
> >> > different curves, including secp256k1. Eventually for EdDSA keys as
> >> > well. Is
> >> > there a list of supported curve operations?
> >> >
> >> > On Wed, Jan 3, 2018 at 12:57 PM Andrew Miller 
> >> > wrote:
> >> >>
> >> >> Thank you so much for expressing your question in Camenisch-Stadler
> >> >> notation! That makes it very clear what you're going for.
> >> >>
> >> >> What hash function H do you have in mind, would SHA2 work? Also what
> >> >> group
> >> >> G do you have in mind, secp256k1?
> >> >>
> >> >> If so, I do not know of any existing implementation of secp256k1
> >> >> operations specifically in libsnark, so that would presumably be the
> >> >> biggest
> >> >> challenge.
> >> >>
> >> >>
> >> >> On Jan 3, 2018 1:47 PM, "James Prestwich via zapps-wg"
> >> >>  wrote:
> >> >>
> >> >> I'd like to participate in the setup ceremony.
> >> >>
> >> >> I also have an app I'd like to build using a zk-proof of knowledge of
> >> >> an
> >> >> ECC private key. {(a) : A = a * G, B = H(a)}. Can anyone point me to
> >> >> good
> >> >> resources on getting started?
> >> >>
> >> >>
> >> >
>

Re: [zapps-wg] Powers of Tau participation + zk proof question

[Andrew Miller via zapps-wg]

Thank you so much for expressing your question in Camenisch-Stadler
notation! That makes it very clear what you're going for.

What hash function H do you have in mind, would SHA2 work? Also what group
G do you have in mind, secp256k1?

If so, I do not know of any existing implementation of secp256k1 operations
specifically in libsnark, so that would presumably be the biggest challenge.

On Jan 3, 2018 1:47 PM, "James Prestwich via zapps-wg"
 wrote:

I'd like to participate in the setup ceremony.

I also have an app I'd like to build using a zk-proof of knowledge of an
ECC private key. {(a) : A = a * G, B = H(a)}. Can anyone point me to good
resources on getting started?

Re: [zapps-wg] Powers of Tau contribution

[Andrew Miller via zapps-wg]

Hi Kevin, thanks for your note, I think we were just thrown off by the word
"mining" and wondered if you were in the wrong place :)
Do you want to go next? If so Sean will designate you a spot in the queue...

To contribute, I'd suggest reading a sample of a few reports from people
who have gone earlier, for where to find the software and possible steps
you can take to contribute with good opsec.
https://github.com/ZcashFoundation/powersoftau-attestations

You can get the software to run from this github repository:
https://github.com/ebfull/powersoftau/ though others have made mirrors and
dockerfiles etc you could use too.

On Tue, Jan 2, 2018 at 7:11 PM, Zx100 via zapps-wg <
zapps...@lists.z.cash.foundation> wrote:

> Excuse us? You asked "how do I start mining?" which is completely
> unrelated to the topic at hand. You are not entitled to a response,
> especially since it takes two minutes to Google for the official
> information.
>
> -------- Original Message ----
> Subject: Re: [zapps-wg] Powers of Tau contribution
> Local Time: January 3, 2018 12:45 AM
> UTC Time: January 3, 2018 12:45 AM
> From: zapps...@lists.z.cash.foundation
> To: zapps...@lists.z.cash.foundation
>
>
> Not to hijack the thread, but I've asked how to contribute and was not
> given an answer.
>
>
>
> On 1/2/2018 3:12 PM, Tony Arcieri via zapps-wg wrote:
>
> I have finished running Powers of Tau. Here is the output:
>
> The BLAKE2b hash of `./response` is:
> d129d960 a645c735 ec52fc80 91f081d1
> a6e4ff78 90e4fa55 51faa85e 95e3878a
> 96bd0c07 8315c0d4 e8e3f1a3 26dbb607
> 1ea2b43b 844a0d1e 0a3bca5a 8e21c3a5
>
> I'm not a fan of GPG, but I can post a raw Ed25519 signature of
> ./response, with Base64 public key:
>
> a7aP6Okqx1YBtRubECVoiY2Z4reR34F9BPuPwTtxpQU
>
> I have also posted this same public key to Twitter: https://twitter.com/
> bascule/status/948285074872532992
>
> The Base64url signature on my response under the aforementioned key is:
>
> BkDDl831jxB21rPHX-6pC1REdZ2UoZs_sGuAfCTt8xAP_E-Cva6Qg72fjX8yuMG-
> ufn3sc4FoAuMKGMT_OGPBQ
>
> I have since destroyed the private key/scalar used to produce this
> signature.
>
> --
>
> Tony Arcieri
>
>
>
>
> <https://www.avast.com/sig-email?utm_medium=email_source=link_campaign=sig-email_content=emailclient_term=icon>
> Virus-free. www.avast.com
> <https://www.avast.com/sig-email?utm_medium=email_source=link_campaign=sig-email_content=emailclient_term=link>
>
>
>


-- 
Andrew Miller
University of Illinois at Urbana-Champaign

Re: [zapps-wg] Powers of Tau contribution

[Kevin via zapps-wg]

Not to hijack the thread, but I've asked how to contribute and was not 
given an answer.




On 1/2/2018 3:12 PM, Tony Arcieri via zapps-wg wrote:

I have finished running Powers of Tau. Here is the output:

The BLAKE2b hash of `./response` is:
d129d960 a645c735 ec52fc80 91f081d1
a6e4ff78 90e4fa55 51faa85e 95e3878a
96bd0c07 8315c0d4 e8e3f1a3 26dbb607
1ea2b43b 844a0d1e 0a3bca5a 8e21c3a5

I'm not a fan of GPG, but I can post a raw Ed25519 signature of 
./response, with Base64 public key:


a7aP6Okqx1YBtRubECVoiY2Z4reR34F9BPuPwTtxpQU

I have also posted this same public key to Twitter: 
https://twitter.com/bascule/status/948285074872532992


The Base64url signature on my response under the aforementioned key is:

BkDDl831jxB21rPHX-6pC1REdZ2UoZs_sGuAfCTt8xAP_E-Cva6Qg72fjX8yuMG-ufn3sc4FoAuMKGMT_OGPBQ

I have since destroyed the private key/scalar used to produce this 
signature.


--
Tony Arcieri




---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus

Re: [zapps-wg] Powers of Tau contribution

[Sean Bowe via zapps-wg]

Great! I've verified it and I'm entering it in the transcript now.

It is totally okay if you don't want to use GPG, and this is acceptable.

Thanks!

Sean

On Tue, Jan 2, 2018 at 1:12 PM, Tony Arcieri via zapps-wg
 wrote:
> I have finished running Powers of Tau. Here is the output:
>
> The BLAKE2b hash of `./response` is:
> d129d960 a645c735 ec52fc80 91f081d1
> a6e4ff78 90e4fa55 51faa85e 95e3878a
> 96bd0c07 8315c0d4 e8e3f1a3 26dbb607
> 1ea2b43b 844a0d1e 0a3bca5a 8e21c3a5
>
> I'm not a fan of GPG, but I can post a raw Ed25519 signature of ./response,
> with Base64 public key:
>
> a7aP6Okqx1YBtRubECVoiY2Z4reR34F9BPuPwTtxpQU
>
> I have also posted this same public key to Twitter:
> https://twitter.com/bascule/status/948285074872532992
>
> The Base64url signature on my response under the aforementioned key is:
>
> BkDDl831jxB21rPHX-6pC1REdZ2UoZs_sGuAfCTt8xAP_E-Cva6Qg72fjX8yuMG-ufn3sc4FoAuMKGMT_OGPBQ
>
> I have since destroyed the private key/scalar used to produce this
> signature.
>
> --
> Tony Arcieri

Re: [zapps-wg] Powers of Tau Attestation

[Sean Bowe via zapps-wg]

Thanks! Excellent job.

> In an effort to overwrite the RAM and run out the battery, I started two 
> instances of `cargo test`.

Clever. :)

Sean

On Thu, Nov 23, 2017 at 4:54 PM, Adam Nagel via zapps-wg
 wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> Powers of Tau Participation Writeup
> ===
> Date: 2017-11-23
> Name: Adam Nagel
> Location: South Florida, USA
>
>
> Ceremony Software
> =
> powersoftau repository commit
> 9e1553c437183540392a7231d0788318a19b18a3
>
> cargo 0.24.0-nightly (abd137ad1 2017-11-12)
>
>
> BLAKE2b hashes
> ==
> Challenge file
> e15f7392ebe912c2f9419f4b4ed4242b6207bad916d22ffb10a0c9c08445ae6f0eebd35c7e52ecd5ff611bb8c8d6bedd9e711cd8485b88d6e2b0d276ee979bb7
>
> The BLAKE2b hash of `./response` is:
> cdb09d81 858da53b 5581c25d 805e442b
> 5a37bf75 ccb1e1b3 104d9886 742c2dae
> 220cc817 9902653e 1783ba13 f47d5367
> 8360ba3f 7f3d1557 e1472b07 1b796fc5
>
> /usr/local/bin/cargo
> a5adde35def05d778b9490ba8813f5085ec9a55e88f0fe7c42282508a43774625c2fd84f01383ff3478d345fe8dd1a455096380d37bcf51f4424924c2bf3c07d
>
> ./target/release/compute
> 88b2a3d5b8740ff699d6e9ba516d3dcebbcc36c5df64eeeb529ecda8f792de032fad915fbb23168bba8c65a02ff3695176fd1321413b1a6247082137f5f9334d
>
> ./target/release/compute (with --features=u128-support)
> dae100bbdbd9fd6c1280422906ae6fd0dc9c7115d75749c0df01ad8f106924ede534f5ffcdd61255e15d383dd0384d2efe90afc9f2fc27e745996714ec8b20b0
>
>
> Procedure
> =
> I prepared a 2013 Macbook Pro with cargo, powersoftau, and FileVault on
> November 15 at my home in Nashville, disabled the radios, and left it
> powered off until today.
>
> My turn came up while vacationing in Florida and traveling in a rented car.
> This morning, I sat down in the first coffee shop I encountered and used a
> second laptop to download the challenge file to a USB stick. Then I copied
> the challenge file to my compute machine.
>
> Entropy was generated with about 30 seconds of key-mashing. I allowed it to
> run while driving around Homestead and Florida City, leaving the Bluetooth
> and Wifi radios disabled. When the process completed, I made a copy of the
> response file.
>
> I then performed another computation from Long Pine Key Campground in
> Everglades National Park, with entropy generated using the same process.
>
> A coin flip determined which response file to use. The winner was
> transferred to USB stick and uploaded to S3 over Verizon 4G LTE from the
> campground.
>
> In an effort to overwrite the RAM and run out the battery, I started two
> instances of `cargo test`. Add in the South Florida heat, and the fans have
> never worked so hard. I intend to leave this computer off for several weeks,
> re-format its hard drive, and use it for other purposes in the future.
>
> Thanks to Sean for coordinating everything, and thanks to the community for
> the chance to participate.
> -BEGIN PGP SIGNATURE-
> Version: Keybase OpenPGP v2.0.76
> Comment: https://keybase.io/crypto
>
> wsBcBAABCgAGBQJaF197AAoJEH9HRRD/y1TBjDEIANpIrKw9QFDJM2vyvpPEGVui
> 0mhEStbFX6DZlLcOTzwhGvaitiBlZWFLus3F4aQocXvLwdAtKenVpd5jDKrMHre0
> rcsHewVrgVigvvUeHqTmNMMDx5yvJdKG8MbeNeJSxLge6omHMBydQWot6ytQNnRk
> L9+Nq8h436GCu4ypFiNxgiAKsJF/RFTAe+W2rHECjGqsVpMIuczWwOupeYyncSOS
> JTQ4dLi1VFIsgOzDJI7GeGU8OKlfb4gxtW1YpZlgoFD4KyUQTah0qXyDcTn/eqw0
> iwB1Tg6pJSl/4CBLGshK9gKcw4+2FwnYmW/S3c3+DPUcKSiaSSfbBEiTw3N23zs=
> =qUCa
> -END PGP SIGNATURE-
>

Re: [zapps-wg] Powers of Tau Ceremony Proposal

[Eric L. Stromberg via zapps-wg]

-BEGIN PGP SIGNED MESSAGE-Hash: SHA512Powers of Tau Operational writeup=Round: 7Date: 2017-11-16Name: Eric L. StrombergLocation: San Francisco area, USChallenge: 2ae068fbe1a9d0e070844047f3032432e86b822f593da3fcd6fc0ee8bed2f30caac587a1d5e68ea6fcdcf1a40213de7d41ded05cf9be934e4c6d617e201caa1aResponse: 1ad851c65b4fcf3ca0bce6b366c40c48b65f611044731faf2b5fc90f987eda3f3240ea25c555e516ff73de2855369fd2da77a7055529b6f72ac3225b07fd8585 Preparation steps=UBUNTUBuild VM & compute node OS from: ubuntu-16.04.3-desktop-amd64.isoSHA256: 1384ac8f2c2a6479ba2a9cbe90a585618834560c477a699a4a7ebe7b5345ddc1  Build VM, create compute binary:Created new Ubuntu 16.04.3 VM from ISOFollowed instructions indicated in repository Readme to build “compute” binaryhttps://github.com/ebfull/powersoftau [commit 9e1553c437183540392a7231d0788318a19b18a3]Formatted fresh 8GB USB stick, copied compute binary to it.BLAKE2b-64 (./compute) = 7af5d31bbb215eab40753043523790483cdda67aef1d6e317f4269fb042dbc8608feaa0db8d17df82bef28f021509871635a56052de1370f4b90dc6322a8a962Setup minimal compute node (ASUS 1015E laptop, 2GB RAM, Celeron 847, 320GB HDD):Flash BIOS with latest (2013/05/23) from: http://dlcdnet.asus.com/pub/ASUS/nb/1015E/1015EAS304.zipSHA256: 9ee3256bbc7116388a6c5079773d8ac28471f0cfbb2db8784e403c36c3bbd9bb  Install ubuntu 16.04.3 from DVD: erase and reinstall, no network, no updates.Copy compute binary and challenge file from USB stick.MAC OSXBuild VM, create compute binary:Used “Install macOS Sierra 10.12.app” from Apple.Followed same steps as above to create “compute” binary.BLAKE2b-64 (./compute) = 88565a9e84c9ee69818e78909b7f6b05ef46a88780b8378d44a037be7e8fd50c7c601e8340455be2ed9e703095baf3f9104fded0086576c9c43c36fb6bf9Installed MacOS on external SSD drive with “Install macOS High Sierra 10.13.0.app” from Apple.To be used as boot image for MacBook Pro laptop, second compute node  (Internal disk is encrypted).Copied compute binary and challenge to SSD drive.Workspace preparation:An interior closet containing a heavy gauge steal gun safe was lined with multiple layers of foil shielding to allow access to the compute node keyboard with the safe door open and still limit EM leakage.  Compute node, USB stick and 8 hexadecimal dice in a dice box placed in safe, with a power cord routed through the safe door opening: https://www.dropbox.com/s/ysfmhre0cjkhe1g/tinfoilsafe.jpeg?dl=0Procedure=For each of 3 compute runs, door to closet closed to effectively create a faraday room with safe containing the compute node (laptop) inside.  Safe door open to allow access to keyboard and screen.  Ran ./compute and when prompted, provided 64 bytes of entropy with 4 rolls of 8 hexadecimal dice in a box used to both randomize them and to order them unambiguously.  Once compute process was underway, closed and locked safe until completion of the compute process.Sidechannel defensesThe ASUS compute node is a 4 year old device, ordered by me through Amazon with 2-day shipping, with Ubuntu 12.04 factory installed; reimaged with w/16.04.3 for this exercise.  Was previously turned on once to set it up / verify and not otherwise used or connected to any network.  Node has been air gapped at all times since purchase.  The MAC compute node is a personal device and well used.  The Mac OS image created on an external drive for this exercise was never network connected and erased immediately afterwards.  The internal drive is encrypted and was not accessible to the boot image used.  All 3 production compute runs were performed in a rural area with no other structures or public roads within 100 yards in any direction.  The compute nodes were operated in a heavy gun safe within an interior closet shielded with foil to control EM leakage even when the safe door was open for keyboard access.  The safe was kept closed and locked during computation.  One of 3 results was randomly selected for submission without attribution.Postprocessing==ASUS: copied hash and response file to USB stick.  Battery removed from compute node.  Copied hash and response to personal laptop then securely erased USB and overwrote with random data.  I did not destroy the node, but it will remain unpowered and locked in a safe for at least one month and will either never be used again (and be destroyed) or will be used only as an offline signing device, securely stored and never connected to any network. MAC: after each of the 2 compute runs, copied hash onto SSD drive.  Powered off Mac.  Copied hash and response files to personal laptop then securely erased SSD (boot drive) and overwrote with random data.  Will continue to use SSD and Mac for other purposes.  A roll of hexadecimal dice was used to select 1 of the 3 response files.  50% probability given to result generated on the ASUS node and 25% probability given to each result from the MAC node.  The randomly selected result was verified and submitted - 

Re: [zapps-wg] Powers of Tau Ceremony Proposal

[Jared Tobin via zapps-wg]

Hi all, here's my report:

Powers of Tau Operational Writeup
=

Round: 3
Date: 2017-11-12
Name: Jared Tobin
Location: Auckland, NZ

Challenge:
e712fa22f1d027a0b4ce3ef698f26d5cab07c3380e4c24a479a914c85617fd1a2960b386cceb5c94718979010a1b7ed8b6145da872f0744e06503bd664fe7283
Response:
cb48afb82ab4c476ae741633c3eb6643e7700dc7b2b4701af91e3cc932270b96c375e5f3a5c20c96fac6c9b40a5bba6c956d66f223f090c545c277aa05427757

Preparation Steps
=

Being somewhat pressed for time and hardware, I recruited several
geographically-distributed volunteers that I know well and trust
completely to help me out.  In the end, the following volunteers were
able to get back to me in time:

* Shawn Tobin (RSA Canada)
* Fredrik Harryson (Parity Technologies)
* Jason Forbes (Kraken Sonar Systems)

I set up a private Keybase team with the above volunteers, distributed
the challenge to them over KBFS, and gave them instructions over the
team chat on how to proceed.  Each was to add entropy and compute the
response locally using whatever mechanisms they preferred (report not
required), then return their response/hash pairs to me over KBFS.  Each
member was to use the code in Sean's powersoftau repository as of commit
9e1553c437183540392a7231d0788318a19b18a3 to perform the computation.

Procedure
=

I computed a response locally in rather mundane fashion using rustc
1.21.0 on an early-2015 model Macbook Air running Sierra.  Eventually
the volunteers managed to upload their response/hash pairs to KBFS, and
I randomly selected one of the resulting four responses to submit for my
piece of the MPC.

I uploaded the resulting response via the handy app Sean provided me with.

Side channel defences
=

I used broad geographical distribution and randomness to mitigate the
possibility of successful side channel attacks.  Shawn was located in
Vancouver, Canada, Fredrik was located in Malmö, Sweden, and Jason was
located in St. John's, Canada.

I selected the response to upload by pre-determining a correspondence
between names and numbers, and then walking outside and asking the first
stranger I saw to pick a number between one and four.

- jared


On Sat, Nov 11, 2017 at 12:25:33AM +, Jason Davies via zapps-wg wrote:
> Hi all,
>
> Here is my report:
>
> Powers of Tau Operational Writeup
> =
>
> Round: 2
> Date: 2017-11-10
> Name: Jason Davies
> Location: London, UK
>
> Challenge: 
> 467bc84f6eb98ff956eaf12a1b7ef4dc0aff1093c7a0d5c1dfbdb85bbfffb20a43965d0daefee3fec6c1a47af69100e117b44b74371824ac8af1e33b6f91add5
> Response: 
> 2f728af894524f55bda7a3e2c2e2db6a57a992811e90ed57456d62aead5106cdc5c97c86532d14b5185cc74d169f1b0c2c0ef1e582231ffa7936da55047c0cb2
>
> Preparation Steps
> =
>
> Git repository: https://github.com/ebfull/powersoftau
> Commit hash: 9e1553c437183540392a7231d0788318a19b18a3
> Compiler: rustc 1.23.0-nightly (d6b06c63a 2017-11-09)
> Build: cargo build --release --features=u128-support
> b2sum(./target/release/compute): 
> be42f68b07c5c857bb6561a9ac2967d671ef412a71c87c2fb31776a6ab38c756736de66e554553021e129ecab45d922092873df8b71bd9a775ec05f189485198
>
> I used a brand new 16GB USB stick and loaded ubuntu-17.04-desktop-amd64.iso; 
> b2sum: 
> 6a1c975b25b4e7f2dbf4fda84fe8b5de3ed6f4532b8c4f17e533ed11a0a8b5b9ad9fb83e8e4b89447c3a427be73f77a5f7c71b7f733fcc4bebf346e9c5c0de43.
>
> I reformatted a second brand new 16GB USB stick to ext4, then copied the
> `challenge` file and the `target/release/compute` binary.
>
> Sidechannel Defences
> 
>
> First of all, I lined a large cardboard box with aluminium foil in order to
> make a rudimentary faraday cage.  Then, I assembled an airgap compute node
> using some relatively cheap parts, putting them all inside the box:
>
> * Motherboard: Asus H81 Pro BTC (no radio, bluetooth or speakers AFAIK)
> * CPU: Intel G1840
> * Ram: 2x cheap 1GB sticks
> * PSU: EVGA SuperNOVA 1300 G2
> * Monitor: old Dell TFT display
> * Keyboard: generic USB keyboard
>
> No other peripherals or cables were connected.  I placed the compute node in 
> my
> cellar (~6ft below ground level) and I remained with the node during the 
> entire
> time it was computing, without using any other devices in the vicinity (no
> mobile phone etc.)  The only cables coming out of the box were the two power
> cables, one for the PSU and one for the monitor.
>
> Image: https://pbs.twimg.com/media/DOT55KUXUAEV44-.jpg:large
>
> Procedure
> =
>
> I booted the node, with "Try Ubuntu" (Live CD mode).  Then, I inserted the
> challenge USB stick and ran `./compute` in the USB media directory, entering
> some additional entropy as requested by typing randomly on the keyboard.  The
> box lid was only partially opened to allow use of the keyboard and to view the
> monitor at this point.  After 60 minutes had passed, I looked inside the lid
> and saw that the computation had completed, so I wrote down the 

Re: [zapps-wg] Powers of Tau Ceremony Proposal

[Sean Bowe via zapps-wg]

Kobi Gurkan (from QED-it) wishes to go after cody. I'll double-check later.

On Sat, Nov 11, 2017 at 4:12 AM, cody burns  wrote:
> I will go after the unnamed party.
>
>
> On Sat, Nov 11, 2017 at 3:21 AM Sean Bowe via zapps-wg
>  wrote:
>>
>> All is verified and mirrored so far! Thanks!
>>
>> I've invited someone else to be next, but I'm not sure if they wanted
>> me to identify them publicly before they were finished.
>>
>> Sean
>>
>> On Fri, Nov 10, 2017 at 5:25 PM, Jason Davies 
>> wrote:
>> > Hi all,
>> >
>> > Here is my report:
>> >
>> > Powers of Tau Operational Writeup
>> > =
>> >
>> > Round: 2
>> > Date: 2017-11-10
>> > Name: Jason Davies
>> > Location: London, UK
>> >
>> > Challenge:
>> > 467bc84f6eb98ff956eaf12a1b7ef4dc0aff1093c7a0d5c1dfbdb85bbfffb20a43965d0daefee3fec6c1a47af69100e117b44b74371824ac8af1e33b6f91add5
>> > Response:
>> > 2f728af894524f55bda7a3e2c2e2db6a57a992811e90ed57456d62aead5106cdc5c97c86532d14b5185cc74d169f1b0c2c0ef1e582231ffa7936da55047c0cb2
>> >
>> > Preparation Steps
>> > =
>> >
>> > Git repository: https://github.com/ebfull/powersoftau
>> > Commit hash: 9e1553c437183540392a7231d0788318a19b18a3
>> > Compiler: rustc 1.23.0-nightly (d6b06c63a 2017-11-09)
>> > Build: cargo build --release --features=u128-support
>> > b2sum(./target/release/compute):
>> > be42f68b07c5c857bb6561a9ac2967d671ef412a71c87c2fb31776a6ab38c756736de66e554553021e129ecab45d922092873df8b71bd9a775ec05f189485198
>> >
>> > I used a brand new 16GB USB stick and loaded
>> > ubuntu-17.04-desktop-amd64.iso; b2sum:
>> > 6a1c975b25b4e7f2dbf4fda84fe8b5de3ed6f4532b8c4f17e533ed11a0a8b5b9ad9fb83e8e4b89447c3a427be73f77a5f7c71b7f733fcc4bebf346e9c5c0de43.
>> >
>> > I reformatted a second brand new 16GB USB stick to ext4, then copied the
>> > `challenge` file and the `target/release/compute` binary.
>> >
>> > Sidechannel Defences
>> > 
>> >
>> > First of all, I lined a large cardboard box with aluminium foil in order
>> > to
>> > make a rudimentary faraday cage.  Then, I assembled an airgap compute
>> > node
>> > using some relatively cheap parts, putting them all inside the box:
>> >
>> > * Motherboard: Asus H81 Pro BTC (no radio, bluetooth or speakers AFAIK)
>> > * CPU: Intel G1840
>> > * Ram: 2x cheap 1GB sticks
>> > * PSU: EVGA SuperNOVA 1300 G2
>> > * Monitor: old Dell TFT display
>> > * Keyboard: generic USB keyboard
>> >
>> > No other peripherals or cables were connected.  I placed the compute
>> > node in my
>> > cellar (~6ft below ground level) and I remained with the node during the
>> > entire
>> > time it was computing, without using any other devices in the vicinity
>> > (no
>> > mobile phone etc.)  The only cables coming out of the box were the two
>> > power
>> > cables, one for the PSU and one for the monitor.
>> >
>> > Image: https://pbs.twimg.com/media/DOT55KUXUAEV44-.jpg:large
>> >
>> > Procedure
>> > =
>> >
>> > I booted the node, with "Try Ubuntu" (Live CD mode).  Then, I inserted
>> > the
>> > challenge USB stick and ran `./compute` in the USB media directory,
>> > entering
>> > some additional entropy as requested by typing randomly on the keyboard.
>> > The
>> > box lid was only partially opened to allow use of the keyboard and to
>> > view the
>> > monitor at this point.  After 60 minutes had passed, I looked inside the
>> > lid
>> > and saw that the computation had completed, so I wrote down the BLAKE2b
>> > hash,
>> > and unmounted and removed the USB stick, and then powered the node down.
>> >
>> > Postprocessing
>> > ==
>> >
>> > I took the USB stick and transferred the response file to my laptop, and
>> > then
>> > uploaded it using the laptop to S3 via Sean Bowe's transcript site.
>> >
>> > I did not destroy the compute node but I'm unlikely to use it or plug it
>> > in for
>> > some time.
>> > --
>> > Jason Davies, https://www.jasondavies.com
>> >
>> >
>> >
>> >
>> >> On 10 Nov 2017, at 22:11, Sean Bowe via zapps-wg
>> >>  wrote:
>> >>
>> >> Thanks Andrew! That's a great start.
>> >>
>> >> Now it's Jason Davies' turn.
>> >>
>> >> The entire transcript will appear here throughout the process:
>> >>
>> >> https://powersoftau-transcript.s3-us-west-2.amazonaws.com/index.html
>> >>
>> >> We can make a more formal announcement once we're in the groove and
>> >> everything looks good. We're getting a repo up with attestations soon
>> >> also.
>> >>
>> >> Sean
>> >>
>> >> On Fri, Nov 10, 2017 at 12:53 PM, Andrew Miller 
>> >> wrote:
>> >>> OK, I'll go first. Below is my report:
>> >>>
>> >>> Powers of Tau Operational writeup
>> >>> =
>> >>> Round: 1
>> >>> Date: 2011-11-10
>> >>> Name: Andrew Miller
>> >>> Location: Champaign, Illinois
>> >>>
>> >>> Challenge: (genesis)
>> >>>
>> >>> 

Re: [zapps-wg] Powers of Tau Ceremony Proposal

[cody burns via zapps-wg]

I will go after the unnamed party.


On Sat, Nov 11, 2017 at 3:21 AM Sean Bowe via zapps-wg
 wrote:

> All is verified and mirrored so far! Thanks!
>
> I've invited someone else to be next, but I'm not sure if they wanted
> me to identify them publicly before they were finished.
>
> Sean
>
> On Fri, Nov 10, 2017 at 5:25 PM, Jason Davies 
> wrote:
> > Hi all,
> >
> > Here is my report:
> >
> > Powers of Tau Operational Writeup
> > =
> >
> > Round: 2
> > Date: 2017-11-10
> > Name: Jason Davies
> > Location: London, UK
> >
> > Challenge:
> 467bc84f6eb98ff956eaf12a1b7ef4dc0aff1093c7a0d5c1dfbdb85bbfffb20a43965d0daefee3fec6c1a47af69100e117b44b74371824ac8af1e33b6f91add5
> > Response:
> 2f728af894524f55bda7a3e2c2e2db6a57a992811e90ed57456d62aead5106cdc5c97c86532d14b5185cc74d169f1b0c2c0ef1e582231ffa7936da55047c0cb2
> >
> > Preparation Steps
> > =
> >
> > Git repository: https://github.com/ebfull/powersoftau
> > Commit hash: 9e1553c437183540392a7231d0788318a19b18a3
> > Compiler: rustc 1.23.0-nightly (d6b06c63a 2017-11-09)
> > Build: cargo build --release --features=u128-support
> > b2sum(./target/release/compute):
> be42f68b07c5c857bb6561a9ac2967d671ef412a71c87c2fb31776a6ab38c756736de66e554553021e129ecab45d922092873df8b71bd9a775ec05f189485198
> >
> > I used a brand new 16GB USB stick and loaded
> ubuntu-17.04-desktop-amd64.iso; b2sum:
> 6a1c975b25b4e7f2dbf4fda84fe8b5de3ed6f4532b8c4f17e533ed11a0a8b5b9ad9fb83e8e4b89447c3a427be73f77a5f7c71b7f733fcc4bebf346e9c5c0de43.
> >
> > I reformatted a second brand new 16GB USB stick to ext4, then copied the
> > `challenge` file and the `target/release/compute` binary.
> >
> > Sidechannel Defences
> > 
> >
> > First of all, I lined a large cardboard box with aluminium foil in order
> to
> > make a rudimentary faraday cage.  Then, I assembled an airgap compute
> node
> > using some relatively cheap parts, putting them all inside the box:
> >
> > * Motherboard: Asus H81 Pro BTC (no radio, bluetooth or speakers AFAIK)
> > * CPU: Intel G1840
> > * Ram: 2x cheap 1GB sticks
> > * PSU: EVGA SuperNOVA 1300 G2
> > * Monitor: old Dell TFT display
> > * Keyboard: generic USB keyboard
> >
> > No other peripherals or cables were connected.  I placed the compute
> node in my
> > cellar (~6ft below ground level) and I remained with the node during the
> entire
> > time it was computing, without using any other devices in the vicinity
> (no
> > mobile phone etc.)  The only cables coming out of the box were the two
> power
> > cables, one for the PSU and one for the monitor.
> >
> > Image: https://pbs.twimg.com/media/DOT55KUXUAEV44-.jpg:large
> >
> > Procedure
> > =
> >
> > I booted the node, with "Try Ubuntu" (Live CD mode).  Then, I inserted
> the
> > challenge USB stick and ran `./compute` in the USB media directory,
> entering
> > some additional entropy as requested by typing randomly on the
> keyboard.  The
> > box lid was only partially opened to allow use of the keyboard and to
> view the
> > monitor at this point.  After 60 minutes had passed, I looked inside the
> lid
> > and saw that the computation had completed, so I wrote down the BLAKE2b
> hash,
> > and unmounted and removed the USB stick, and then powered the node down.
> >
> > Postprocessing
> > ==
> >
> > I took the USB stick and transferred the response file to my laptop, and
> then
> > uploaded it using the laptop to S3 via Sean Bowe's transcript site.
> >
> > I did not destroy the compute node but I'm unlikely to use it or plug it
> in for
> > some time.
> > --
> > Jason Davies, https://www.jasondavies.com
> >
> >
> >
> >
> >> On 10 Nov 2017, at 22:11, Sean Bowe via zapps-wg
>  wrote:
> >>
> >> Thanks Andrew! That's a great start.
> >>
> >> Now it's Jason Davies' turn.
> >>
> >> The entire transcript will appear here throughout the process:
> >>
> >> https://powersoftau-transcript.s3-us-west-2.amazonaws.com/index.html
> >>
> >> We can make a more formal announcement once we're in the groove and
> >> everything looks good. We're getting a repo up with attestations soon
> >> also.
> >>
> >> Sean
> >>
> >> On Fri, Nov 10, 2017 at 12:53 PM, Andrew Miller 
> wrote:
> >>> OK, I'll go first. Below is my report:
> >>>
> >>> Powers of Tau Operational writeup
> >>> =
> >>> Round: 1
> >>> Date: 2011-11-10
> >>> Name: Andrew Miller
> >>> Location: Champaign, Illinois
> >>>
> >>> Challenge: (genesis)
> >>>
> ce00f2100dd876fdff8dd824f55307bcb72d724f29ff20b9e0760f3a65e5588a65eaed57cbc61697111ae1f4cc7da2e62a85311c2ae683a041fb872b891c68dc
> >>> Response:
> >>>
> 15729e0edc4201dc5ee6241437d926f614cb4214ff1b9c6fbd73daf401639f7a4238cf04bc94edac9f2ad037003daab9a4408ba7c62a4413dc2a0ddd683bd719
> >>> ./response-2017-11-10-amiller
> >>>
> >>> Preparation steps
> >>> =
> >>> I used Sean’s powersoftau rust 

Re: [zapps-wg] Powers of Tau Ceremony Proposal

[Jason Davies via zapps-wg]

Hi all,

Here is my report:

Powers of Tau Operational Writeup
=

Round: 2
Date: 2017-11-10
Name: Jason Davies
Location: London, UK

Challenge: 
467bc84f6eb98ff956eaf12a1b7ef4dc0aff1093c7a0d5c1dfbdb85bbfffb20a43965d0daefee3fec6c1a47af69100e117b44b74371824ac8af1e33b6f91add5
Response: 
2f728af894524f55bda7a3e2c2e2db6a57a992811e90ed57456d62aead5106cdc5c97c86532d14b5185cc74d169f1b0c2c0ef1e582231ffa7936da55047c0cb2

Preparation Steps
=

Git repository: https://github.com/ebfull/powersoftau
Commit hash: 9e1553c437183540392a7231d0788318a19b18a3
Compiler: rustc 1.23.0-nightly (d6b06c63a 2017-11-09)
Build: cargo build --release --features=u128-support
b2sum(./target/release/compute): 
be42f68b07c5c857bb6561a9ac2967d671ef412a71c87c2fb31776a6ab38c756736de66e554553021e129ecab45d922092873df8b71bd9a775ec05f189485198

I used a brand new 16GB USB stick and loaded ubuntu-17.04-desktop-amd64.iso; 
b2sum: 
6a1c975b25b4e7f2dbf4fda84fe8b5de3ed6f4532b8c4f17e533ed11a0a8b5b9ad9fb83e8e4b89447c3a427be73f77a5f7c71b7f733fcc4bebf346e9c5c0de43.

I reformatted a second brand new 16GB USB stick to ext4, then copied the
`challenge` file and the `target/release/compute` binary.

Sidechannel Defences


First of all, I lined a large cardboard box with aluminium foil in order to
make a rudimentary faraday cage.  Then, I assembled an airgap compute node
using some relatively cheap parts, putting them all inside the box:

* Motherboard: Asus H81 Pro BTC (no radio, bluetooth or speakers AFAIK)
* CPU: Intel G1840
* Ram: 2x cheap 1GB sticks
* PSU: EVGA SuperNOVA 1300 G2
* Monitor: old Dell TFT display
* Keyboard: generic USB keyboard

No other peripherals or cables were connected.  I placed the compute node in my
cellar (~6ft below ground level) and I remained with the node during the entire
time it was computing, without using any other devices in the vicinity (no
mobile phone etc.)  The only cables coming out of the box were the two power
cables, one for the PSU and one for the monitor.

Image: https://pbs.twimg.com/media/DOT55KUXUAEV44-.jpg:large

Procedure
=

I booted the node, with "Try Ubuntu" (Live CD mode).  Then, I inserted the
challenge USB stick and ran `./compute` in the USB media directory, entering
some additional entropy as requested by typing randomly on the keyboard.  The
box lid was only partially opened to allow use of the keyboard and to view the
monitor at this point.  After 60 minutes had passed, I looked inside the lid
and saw that the computation had completed, so I wrote down the BLAKE2b hash,
and unmounted and removed the USB stick, and then powered the node down.

Postprocessing
==

I took the USB stick and transferred the response file to my laptop, and then
uploaded it using the laptop to S3 via Sean Bowe's transcript site.

I did not destroy the compute node but I'm unlikely to use it or plug it in for
some time.
--
Jason Davies, https://www.jasondavies.com



report.asc
Description: Binary data


> On 10 Nov 2017, at 22:11, Sean Bowe via zapps-wg 
>  wrote:
> 
> Thanks Andrew! That's a great start.
> 
> Now it's Jason Davies' turn.
> 
> The entire transcript will appear here throughout the process:
> 
> https://powersoftau-transcript.s3-us-west-2.amazonaws.com/index.html
> 
> We can make a more formal announcement once we're in the groove and
> everything looks good. We're getting a repo up with attestations soon
> also.
> 
> Sean
> 
> On Fri, Nov 10, 2017 at 12:53 PM, Andrew Miller  wrote:
>> OK, I'll go first. Below is my report:
>> 
>> Powers of Tau Operational writeup
>> =
>> Round: 1
>> Date: 2011-11-10
>> Name: Andrew Miller
>> Location: Champaign, Illinois
>> 
>> Challenge: (genesis)
>> ce00f2100dd876fdff8dd824f55307bcb72d724f29ff20b9e0760f3a65e5588a65eaed57cbc61697111ae1f4cc7da2e62a85311c2ae683a041fb872b891c68dc
>> Response:
>> 15729e0edc4201dc5ee6241437d926f614cb4214ff1b9c6fbd73daf401639f7a4238cf04bc94edac9f2ad037003daab9a4408ba7c62a4413dc2a0ddd683bd719
>> ./response-2017-11-10-amiller
>> 
>> Preparation steps
>> =
>> I used Sean’s powersoftau rust repo, commit
>> 9e1553c437183540392a7231d0788318a19b18a3
>> 
>> I followed instructions online for building portable rust binaries,
>> and so I ran
>> ```
>> cargo build --target=x86_64-unknown-linux-musl --release
>> --features=u128-support --bin=compute
>> ```
>> 
>> Compiler: rustc 1.23.0-nightly (02004ef78 2017-11-08)
>> 
>> I copied the resulting binary to a freshly formatted USB stick I had.
>> 
>> b2sum:
>> 9059a0a64f5021c36df630ca48ac40674862b2fea14f4843ff2150256b95162ac4d6d1621d2dd3f5d0d1c604ad8e581c0ff449d2449140380eab075a9b83c960
>> ./target/x86_64-unknown-linux-musl/release/compute
>> 
>> I also rummaged through my shelf of several USB sticks, and found one
>> that happened to be a Linux Mint 18 USB bootable disk, so I used that
>> for my operating system.
>> 
>>