Paper 2021/219

Snarky Ceremonies

Markulf Kohlweiss, Mary Maller, Janno Siim, and Mikhail Volkhov


Succinct non-interactive arguments of knowledge (SNARKs) have found numerous applications in the blockchain setting and elsewhere. The most efficient SNARKs require a distributed ceremony protocol to generate public parameters, also known as a structured reference string (SRS). Our contributions are two-fold: 1. We give a security framework for non-interactive zero-knowledge arguments with a ceremony protocol. 2. We revisit the ceremony protocol of Groth's SNARK [Bowe et al., 2017]. We show that the original construction can be simplified and optimized, and then prove its security in our new framework. Importantly, our construction avoids the random beacon model used in the original work.

Note: Revised proof and improved readability

Available format(s)
Cryptographic protocols
Publication info
A minor revision of an IACR publication in ASIACRYPT 2021
Zero KnowledgeNIZKzk-SNARKceremony
Contact author(s)
mikhail volkhov @ ed ac uk
2021-09-21: revised
2021-03-02: received
See all versions
Short URL
Creative Commons Attribution


      author = {Markulf Kohlweiss and Mary Maller and Janno Siim and Mikhail Volkhov},
      title = {Snarky Ceremonies},
      howpublished = {Cryptology ePrint Archive, Paper 2021/219},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.