Anonymous cryptocurrency Zcoin has given an indication that it will discharge the trusted setup by the end of 2017. This will allow anonymity, with anonymity collection surpassing thousands in contrast to preceding anon systems that basically offer twelve.
The network intends to implement the Sigma protocol after MTP completion and Znodes.
Reuben Yap, the community and communication manager of Zcoin, explains that once Zcoin implements the Sigma protocol, they would have a very compelling solution. It would offer the power and large anonymity sets of zero-knowledge proofs with low proof size without having to trust anyone with the generation of initial parameters, which is required in other zero-knowledge setups such as in Zcash.
Zerocoin and other zero information cryptocurrencies like Zcash, Monero and Dash require a trusted setup.
Reuben Yap says:
"We have found the answer in solving the trustless setup problem through the use of the Sigma protocol in Zerocoin as detailed by Jens Groth and Markulf Kohlweiss from the University College London and Microsoft Research."
What the Sigma protocol does is it eliminates the use of the trusted setup and replaces the RSA accumulators with elliptic curve groups.
More so, there will be a reduction of Zerocoin proof sizes from 25 KB to around ~1 KB allowing more Zerocoin transactions per block and making Zcoin much more scalable coupled with higher security using 256-bit elliptic curves roughly equivalent to 3072-bit RSA. At the moment, the Zerocoin network is using 2048-bit RSA.
A trusted setup involves the need to trust someone to create some primary frameworks and then erase those frameworks. Yap gives this analogy:
"A way to visualize it would be akin to making a lock and then trusting another person to destroy the only key to it. It is, however, not easy to prove that the key was destroyed. For instance, if a duplicate was made somewhere or a photo was taken of the key before it was destroyed. The same type of problems exists when trying to prove that the initial parameters were permanently destroyed and not known by anyone."
Yap says that the upshot of having the initial parameters leaked is that someone can generate coins out of thin air by performing forged Zerocoin spend transactions. When Cointelegraph queried him how this threat is dealt with currently, he revealed it was through having an auditable supply.
In February, a hacker created and spent 370,000 Zcoin, worth 410 BTC. The Zcoin team was able to determine this, raising eyebrows as to how other zero-knowledge coins can determine such an attack.
With the trusted setup, the Zerocoin network is using the RSA accumulators which require the generation of two large prime numbers.
"We are utilizing the RSA-2048 parameters generated in 1991 from the RSA factoring challenge which was an academic challenge to learn about the difficulty of factoring large numbers. The parameters we used had a $200,000 prize if someone managed to factor it," Yap wrote. "To this day, no one has claimed the prize or announced a successful factorization of RSA-2048 with the last successful public factorization at RSA-768."
According to the Zerocoin network implementation paper, applying the RSA factoring hurdle parameters determines that you do not need to trust the Zcoin developers, instead, only trust that the parameters from the RSA factoring challenge remained secure. "But we recognize that having a trusted setup is not ideal and it is always in our roadmap to implement a trustless setup," Yap noted.
He also indicated there have been previous attempts to remove the trusted setup in Zerocoin and the most well-known one was the proposed use of RSA UFOs which thus far have been impractical to implement.
"Our users should expect better anonymity with no worries of hidden loopholes and a greater scalability."
Op-Ed: Formally Submitted Comments to the SEC to Approve the Ethereum ETF
“We assembled here today are issuing a new decree to be heard in every city, in every foreign capital, and in every hall of power. From this day forward, a new vision will govern our land… we must thi
Victim of Brazilian Bitcoin Ransom Kidnapping Plot Rescued
A 32-year-old Brazilian woman was recently rescued by the Civil Police on the east side of São Paulo, Brazil. The woman, married to a bitcoin businessman, was kidnapped in Florianopolis on Wednesday.
Results of IBM-Kinno ‘Blockchain in Logistics’ Project to Be Revealed in June
BlockShow Europe 2017 organized by Cointelegraph Events in Munich in the first week of April has showcased a number of established Blockchain solutions for various industries, not limited to finance
Ethereum Developer Denies Filing Complaint Against Ethereum Classic Trust
Jeffrey Wilcke, the co-founder and developer of Ethereum, denied his connection with a complaint submitted to the SEC in regard to Grayscale’s newly launched Ethereum Classic Investment Trust. As
Bitmain Claims Antbleed Had No Malicious Intent, Does it Really Matter for Bitcoin Miners?
Bitmain was caught up in a controversy surrounding its recent patch on its open source codebase. The Bitcoin community harshly criticized Bitmain for developing malware which has the potential to
Is Bitcoin a Great Hedge Against Struggling Debt-Based Economies?
The US is known to the vast majority of the world as the global financial and economic powerhouse. Yet, the US holds the largest amount of external debt at $19.9 trillion. The UK, France and Germany f
Having $5 Mln Seized by Police, OneCoin Begins to Threaten German Journalists
After having $5 mln seized by local law enforcement agencies and police in Germany and India, operators of OneCoin have become more alert. The organization began to target German journalists
82,000 Unconfirmed Bitcoin Transactions in a Day, Necessity of Proportional Fees Obvious
On April 29, the Bitcoin mempool, the holding area for unconfirmed and pending transactions, recorded more than 82,000 transactions. Most transactions were delayed for up to 48 hours. When a