A new proof system enabling larger circuit size, much faster proving time and with universal setup (i.e. new circuits don’t require trusted setup anymore).

Quick Links

📊 Motivation

Current proofs in the Filecoin protocol use the Groth16 SNARK in the trusted setup. This requires writing the computation being proven as a circuit and then feed it into the SNARK process.

The main limiting factors in this approach are

the size of the structured common reference string CRS (which is linear in the size of the circuit). It forces us to use 10 proof to prove one sector.
Proving time (which is quasilinear in the size of the circuit) and thus requires high cost in hardware and code optimization on hardware

🚀 Impact on Filecoin

Why Testudo in Filecoin?

Unique features of Testudo vs competitors

⭐️ Backward compatible SNARK for sectors data
⭐️ Backward compatible benefits from existing speedups
⭐️ Fast/Easy upgradability of the Filecoin protocol without new trusted setups
⭐️ Verifiable Computing on Filecoin data due thanks to ability to support large circuits

Cost reduction

Expected 4-20x cheaper proving costs for ProveCommit and WindowPoSt
Cost-effective to SnapDeal versus ProveCommit, which unlocks 15EiB for FIL+
eIn practice - SP need 4-20x less hardware (GPU) for same throughput