I'm with Vitalik. (https://twitter.com/Snowden/status/913544739542241282) Zero-knowledge proofs may be the future of private trade. https://twitter.com/rhhackett/status/942799687844851713
The only way I can see the initial ceremony having been compromised is by a bad build distributed to all participants. But this is hard to pull off in the first place, and participants kept copies of the build on write-once media, providing for an audit trail.
@petertoddbtc, one of the participants, finds it very hard to reproduce the binary builds (non-deterministic) - at least if I understood correctly - thus making it very hard, I suppose, to verify. What am I missing?
All such binaries are hard to verify/audit. The binaries from the first Zcash Ceremony are slightly less hard than most software.
If all such binaries are "hard to verify/audit", why claim the trusted setup was a multi-party computation?
Throughout the ceremony, did you have access to anyone else's secret values? No. This is why it is called multi-party computation.
If the program running the computation is compromised - e.g. via a broken RNG - there is only one actual party to the computation. That is precisely the type of exploit we're worried about.
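A toy model of the two points above, added here as an illustration (not code from the Zcash ceremony or any participant): each party raises a shared accumulator to its own secret, so the combined exponent (the "toxic waste") is recoverable only by someone who knows every party's secret. The prime, generator and seed are constructed for the demo; if a bad build had every participant draw from a predictable generator, an attacker replaying that generator learns all secrets and there is effectively one party.

```python
import random
import secrets

# Constructed toy parameters: a Mersenne prime and a fixed base.
# A real ceremony works in a pairing-friendly elliptic-curve group.
P = 2**127 - 1
G = 3

def honest_secret():
    """An honest participant draws its secret from OS randomness."""
    return 1 + secrets.randbelow(P - 2)

def broken_rng_secret(rng):
    """A compromised build draws from a generator the attacker can replay."""
    return 1 + rng.randrange(P - 2)

def run_ceremony(party_secrets):
    """Each party in turn raises the accumulator to its secret.
    The public result is G^(s1*s2*...*sn); the product itself stays secret."""
    acc = G
    for s in party_secrets:
        acc = pow(acc, s, P)
    return acc

def toxic_waste(party_secrets):
    """The combined exponent, reduced modulo the group order P-1."""
    tau = 1
    for s in party_secrets:
        tau = tau * s % (P - 1)
    return tau

def attacker_recovers_waste(known_secrets, accumulator):
    """Recompute tau from the secrets the attacker knows and check it against
    the public accumulator. Returns tau only if every secret was known."""
    tau = toxic_waste(known_secrets)
    return tau if pow(G, tau, P) == accumulator else None

def honest_ceremony(n):
    party_secrets = [honest_secret() for _ in range(n)]
    return party_secrets, run_ceremony(party_secrets)

def compromised_ceremony(n, seed):
    """All parties run the same bad build, seeded identically."""
    rng = random.Random(seed)
    party_secrets = [broken_rng_secret(rng) for _ in range(n)]
    return party_secrets, run_ceremony(party_secrets)

def attacker_replays_bad_build(n, seed, accumulator):
    """The attacker regenerates every 'secret' from the known seed."""
    rng = random.Random(seed)
    guessed = [broken_rng_secret(rng) for _ in range(n)]
    return attacker_recovers_waste(guessed, accumulator)
```

In the honest run, knowing five of six secrets is not enough to pass the check; in the compromised run, replaying the seed recovers the waste without any participant leaking anything.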
This is why you should also take a look at Zcoin $XZC, which is similar in functionality to Zcash (admittedly more cumbersome, without the ability to hide amounts), but based on RSA accumulators instead of zk-SNARKs and thus much less likely to have any fatal flaw.
Also keep in mind @Snowden that _if_ the Trusted Setup were compromised it would not risk the privacy of Zcash users but would allow an attacker to forge coins by false verification: https://z.cash/support/faq.html https://www.zcashcommunity.com/2017/07/31/zcash-separating-fact-fiction/
How do you estimate the probability of a compromise when its exploitation is *by definition* undetectable and the incentive to use it is enormous? Ceremonies are magic rituals. Very powerful, but not cryptographic proof.
Yeah, Monero uses older zero knowledge (ring signatures) to provide its privacy. Less risky in that regard.
"many known, respected, publicly identified figures" Wut?... oO There were only 6 individuals, *5 of them directly related to the zcash company*. Even using the word "many" sounds like a stretch.
Do you own any Zcash ?
thanks for your advice
As we approach simply ridiculous valuations of cryptocurrency, state-sponsored quantum computing may be a serious threat to current cryptography.
Also, it will likely become a very serious target of organised crime
The Korean @YobitExchange for example: https://cryptovest.com/news/another-bitcoin-exchange-hacked-youbit-files-bankruptcy-after-losing-users-coins/