[[ZKP/Introduction/ZKP Ecosystem/Architecture|The ZKP ecosystem's]] security relies on well-established cryptographic primitives, each carefully selected for security-performance balance within Substrate's runtime framework: - [[ZKP/Data Marketplace/Technical Basis/Cryptographic Foundations/Lifecycle of zk-SNARKs|zk-SNARKs:]] The system employs the BLS12-381 elliptic curve, providing approximately 128-bit security against discrete logarithm attacks. While this curve offers strong security guarantees, it requires a [[ZKP/ZKP Base Layer/ZKP Blockchain/Cryptographic Assumptions and Implementation Risks/Trusted Setups for zk-SNARKs|trusted setup ceremony]] to generate the Common Reference String (CRS). To mitigate this single point of failure, the ecosystem implements a multi-party computation (MPC) ceremony with a minimum of 20 participants, where security is preserved as long as at least one participant is honest, coordinated through Substrate's governance mechanisms [30]. - [[ZKP/ZKP Base Layer/Core Concepts/zk-STARKs/zk-STARKs|zk-STARKs:]] Security here derives from the collision resistance of the SHA-3 hash function, providing 256-bit security and quantum resistance. While zk-STARKs eliminate the trusted setup requirement, they introduce computational overhead that limits their application to specific use cases where transparency is prioritized over performance, typically processed through Substrate's off-chain workers [23]. - [[Proof of Space (PoSp)]]: The integrity of storage proofs depends on the Poseidon hash function's security properties. The implementation uses specific security parameters (α=8, rounds=57) to achieve 128-bit security with optimized circuit complexity, crucial for efficient verification through custom storage verification pallets [13]. These choices—BLS12-381, SHA-3, and Poseidon—reflect a deliberate alignment with established cryptographic standards, ensuring both theoretical soundness and practical applicability within [[Substrate]]'s secure runtime environment [13, 23, 30]. See also: [[ZKP/ZKP Base Layer/ZKP Blockchain/Cryptographic Assumptions and Implementation Risks/Circuit Bugs|Circuit Bugs]]