1 of 1

Request the creation of a new private key

Generating a new set of keys and crs is necessary when creating a new FHE Co-processor.

To do so one can use the TKMS cli tool packaged in the following docker image.

The configuration file of the CLI will need to be modified or mounted to a volume accessible within the Docker container. The accessible/modified file must include:

s3_endpoint = ""
object_folder = ["","","",""]

validator_addresses = [""]
http_validator_endpoints = [""]
kv_store_address = ""
faucet_address = ""

asc_address = ""
csc_address = ""
mnemonic = ""

Key generation

"Insecure"

Insecure key generation is the fastest way to generate a new key. The key is generated by a single party and shared with the other parties. Hence it is not directly insecure, but instead only generated with a centralized trust assumption.

cargo run -- -f <path-to-toml-config-file> insecure-key-gen

"Secure"

Secure key generation takes a lot longer and is a two step process. For development purposes insecure key generation is the recommended way since it is much faster.

This will do some pre-processing needed for key-generation. The pre-processing id will be needed to then launch a distributed key generation.

cargo run -- -f <path-to-toml-config-file> preproc-key-gen
cargo run -- -f <path-to-toml-config-file> key-gen --preproc-id <preprocessing-id>

Common-Reference-String (CRS) generation

The CRS is a public object used to generate zero-knowledge-proofs of plaintext knowledge (required to add a new ciphertext). The max-num-bits argument specifies the maximum number of bits provable with a given CRS, usually 2048 is used, since this is the size of the largest data-type currently supported.

"Insecure"

As for the insecure key-generation this operation will be done by a single party.

cargo run -- -f <path-to-toml-config-file> insecure-crs-gen --max-num-bits <max-num-bits>

"Secure"

This will launch a distributed CRS generation.

cargo run -- -f <path-to-toml-config-file> crs-gen --max-num-bits <max-num-bits>

Request the creation of a new private key

Generating a new set of keys and crs is necessary when creating a new FHE Co-processor.

To do so one can use the TKMS cli tool packaged in the following docker image.

The configuration file of the CLI will need to be modified or mounted to a volume accessible within the Docker container. The accessible/modified file must include:

s3_endpoint = ""
object_folder = ["","","",""]

validator_addresses = [""]
http_validator_endpoints = [""]
kv_store_address = ""
faucet_address = ""

asc_address = ""
csc_address = ""
mnemonic = ""

Key generation

"Insecure"

cargo run -- -f <path-to-toml-config-file> insecure-key-gen

"Secure"

Secure key generation takes a lot longer and is a two step process. For development purposes insecure key generation is the recommended way since it is much faster.

This will do some pre-processing needed for key-generation. The pre-processing id will be needed to then launch a distributed key generation.

cargo run -- -f <path-to-toml-config-file> preproc-key-gen
cargo run -- -f <path-to-toml-config-file> key-gen --preproc-id <preprocessing-id>

Common-Reference-String (CRS) generation

"Insecure"

As for the insecure key-generation this operation will be done by a single party.

cargo run -- -f <path-to-toml-config-file> insecure-crs-gen --max-num-bits <max-num-bits>

"Secure"

This will launch a distributed CRS generation.

cargo run -- -f <path-to-toml-config-file> crs-gen --max-num-bits <max-num-bits>