The core team of developers responsible for Filecoin Proofs is called FilCrypto. Our goal is to maintain and enhance the proving and verifying mechanisms used within Filecoin.
If you've been involved with Filecoin for some time, you may have run across the terms Groth16 and/or more recently, Halo2. Or even more generally, 'Proofs'. But specifically, what are these terms referring to, and why does it matter? One of the responsibilities of Filecoin’s open blockchain is to ensure that Storage Providers are properly storing their data, and further that they retain that data for clients over time. The ‘Proofs’ are used to assert that the work was done properly, and the nodes on the network are able to verify proofs to maintain trust across the distributed storage network. More specifics on how the proofs do this can be referenced in other write-ups (PoRep, PoSt).
The proving system currently used in Filecoin is based on Groth16. Halo2 is a completely different alternative that FilCrypto has been investigating for some time.
One of the main motivations to looking into Halo2 was the recursive circuit support. In the most basic sense, this feature would allow our circuits an ability to generate proofs that prove other proofs. This is potentially a key feature in scalability in the protocol, however we are still in the early stages of designing what that could look like.
Another major advantage is that each new circuit being developed using Halo2 will not require a new Trusted Setup! In our current Groth16 based system, this tends to be a pain point and perhaps as a result, circuit developments affecting mainnet have been slow going. Arguably the network is sufficient with the existing circuits, but this advantage would allow more experimentation going forward, and if nothing else, also allow us to address scalability concerns since nearly all distributed blockchain based projects grow unbounded over time.
Without a Trusted Setup requirement for new circuits on mainnet, our team can more rapidly deploy network wide proof enhancements. We are separately also investigating ways to allow the community to generate their own circuits to prove and verify arbitrary things without network upgrades using Smart Contracts supported by the Filecoin VM (FVM).
Lastly, by having a system that allows circuit flexibility and optimizations, the longer term goals of reducing the operation cost of Service Providers can better be explored.
While the launch will be a mandatory upgrade so that nodes can verify new Halo2 based proofs that appear on chain, generating Halo2 proofs will be optional on the network. This ensures that existing Storage Providers that are happy with the Groth16 based system can continue to use it without interruption.