Definition
A trusted setup ceremony is a multi-party computation that generates the public parameters, often called the structured reference string or common reference string, required by many succinct proof systems. The ceremony exists because these parameters are derived from a secret value that must never be reconstructed; if it were recovered, an attacker could forge proofs that pass verification. The leftover secret material is vividly called toxic waste.
The one honest participant assumption
The ceremony's elegance is its 1-of-n trust model. Participants take turns contributing fresh randomness on top of the previous contribution, each then destroying their own secret. As long as a single participant in the entire chain honestly discards their toxic waste, the final parameters are secure, even if every other participant colluded. This is why public ceremonies recruit large, diverse sets of contributors.
Powers of Tau and beyond
The most common construction is the Powers of Tau ceremony, which produces reusable, application-independent parameters that many projects later specialize. Perpetual versions let new participants keep adding entropy indefinitely. The alternative is to avoid setups altogether using transparent schemes, which trade larger proofs for the removal of this trust assumption.
Trusted setups are mandatory for the KZG polynomial commitment and are precisely what transparent constructions such as FRI are designed to eliminate.
In Simple Terms
A trusted setup ceremony is a multi-party computation that generates the public parameters, often called the structured reference string or common reference string, required by…