Poseidon Fix, Trusted Setup, and Mainnet Launch

6 months ago   •   2 min read

By Polygon Hermez

We have everything ready to launch the Hermez Network mainnet in the coming days. Our developer team is upgrading the code with a last-minute fix in the Poseidon hashing algorithm used in Hermez, and after this we will restart our Trusted Setup ceremony right away.

This article will explain the implications of these milestones on the Hermez roadmap to mainnet launch.

Upgrading Poseidon

Poseidon refers to a hash function that claims to use up to 8x fewer constraints per message bit than Pedersen Hash. It was presented in a paper titled POSEIDON: A New Hash Function for Zero-Knowledge Proof Systems.

On the 7th of March of 2021, an update was implemented, making the code follow the original paper's specifications.

Update from 07/03/2021

We fixed several bugs in the implementation. First, the linear layer was computed differently, and secondly the final matrix multiplication was missing. The test vectors were also changed accordingly.

In more detail, the linear layer was computed as state = state * M instead of state = M * state in the previous version, hence essentially the transpose M^T of M was used. Security-wise, this was no problem, since M^T is also secure w.r.t. subspace trails in the partial rounds. However, the current version is now exactly following the specification given in the paper.

Regarding the second change, no linear layer operation was done in the last round. This was against our spec and may indeed lead to less security in the specific hash setting we are considering. It is now fixed (i.e., it now follows the specification given in the paper), and the last round includes a linear layer operation in the current version.

It's important to emphasise that this has no relevant implications for the security of the cryptographic setups built using Poseidon. In addition to that, we want that our protocol follows the future compatibility of the Poseidon standard.

We want to thank the creators of Poseidon for their support with this fantastic protocol that enables Hermez high gas efficiency.  

Restarting the Trusted Setup Ceremony

Due to Poseidon's new version, we will have to restart the Trusted Setup Ceremony, a cryptographic setup required for a decentralised zk-Rollup. You can read more about it here.

We will be restarting the ceremony today (Friday 12th of March 2021), and it will run for a few days until we have enough contributors.

Once the ceremony is concluded, we will proceed to launch the Hermez Network mainnet.

Public Testnet Feedback

The Hermez public testnet is showing promising results, both in participation and in resilience. We have over 3,700 wallets at the time of writing, and tens of members are giving their feedback on our social channels.

We are happy to see that most of that feedback is positive and constructive, and we will be implementing ideas from community members as we keep developing the network.

Bear in mind that we will reset and restart the public testnet with the new Poseidon version next Monday 15th of March. This means that the current test token balances will be deleted.

Recap

We are working tirelessly to get the Hermez Network mainnet up and running as soon as possible. Since Hermez is a fully open source project, next week we will publish the source code of the Hermez node, before the mainnet launch.

We continue testing intensively and improving the network in terms of stability and user experience.

You can contribute by testing the public testnet and giving your feedback. We will be sharing updates related to the public testnet on Twitter and Discord.

Spread the word

Keep reading