Cryptocurrency: Demystifiying SMPC (Secure multi-party computation) and its threat model

Wed Feb 8 18:00:09 PST 2023

> I can’t verify if it’s a fake

Monero fanboi's, anti-Zcash'ers, BTC Maxi's, GovPolBank's, competing
'privacy coins' are often dishonestly or unknowledgably fake about the
setup's capabilities and exploits. If their shillbias doesn't at least hint that
others indicate that it might be done securely with benefit, that's one tipoff
re what are surely still premature conclusions.

> Correctness: if any corrupted parties (for example, bribed by the
> adversary) act dishonestly, for example, share information in private
> or perform actions that deviate from the norms of the protocol, the
> protocol should not allow the dishonest parties to be able to make
> honest parties get the wrong result or disclose their secrets.

Quoteable to shills who misinterpret the definition of 'trusted setup'.

When in doubt, compete and compare openly and objectively without shill,
and if unsure, and deployment demands additional risk intermediation,
then compose the best elements of both until such time of clarity,
or seek other methods.

> In 1987, Goldrakh, Mikali and Wigderson extended two-party protocol to
> multi-party.

Proc. 27th IEEE Symp Foundations Computer Science 1986 pp174-187
Goldreich , Micali , Wigderson
Proofs that yield nothing but their validity and
a methodology of cryptographic protocol design

Proc 19th ACM Symp Theory of Computing 1987 pp218-229
Goldreich , Micali , Wigderson
How to play any mental game

Proc 18th Symp Theory of Computing 1986 pp59-68
Goldwasser , Sipser
Private coins versus public coins in interactive proof-systems

Oren 1987: Cunning power of cheating verifiers

Luby 1983: Simultaneously exchange a secret bit

>From work prior to at least 1984...
1986 - Proceedings 27th IEEE Symposium Foundations Computer Science
1989 - Society for Industrial and Applied Mathematics J. Comput. Vol18 Feb 1989
The Knowledge Complexity Of Interactive Proof Systems
Shafi Goldwasser , Silvio Micali , and Charles Rackoff
MIT NSF DCR-84-13577 DCR-85-09905 , UToronto NSERC A3611
Abstract. Usually, a proof of a theorem contains more knowledge
than the mere fact that the theorem is true. For instance, to prove that
a graph is Hamiltonian it suffices to exhibit a Hamiltonian tour in it;
however, this seems to contain more knowledge than the single bit
Hamiltonian / non-Hamiltonian.
In this paper a computational complexity theory of the "knowledge" contained
in a proof is developed. Zero-knowledge proofs are defined as those proofs that
convey no additional knowledge other than the correctness of the proposition
in question. Examples of zero-knowledge proof systems are given for
the languages
of quadratic residuosity and quadratic nonresiduosity. These are the
first examples
of zero-knolwdge proofs for languages not known to be efficiently recognizable.
Key words. cryptography, zero knowledge, interactive proofs, quadratic residues
AMS(MOS) subject classifications. 68Q15 , 94A60