Topic: [ANN] Zcoin (XZC) - Implementing ZKP privacy without trusted setup - page 323. (Read 663307 times)

Zcoin or zcash, who will win? arent both similar?

Let's focus more on Zcoin but just for accuracy:

From wikipedia:

They have a tail emission.

Its main emission curve will issue about 18.4 Million coins to be mined in approximately 8 years.[8] [9] (more precisely 18.132 Million coins by ca. end of May 2022[10] [11]) After that, a constant "tail emission" of 0.6 XMR per 2-minutes block (modified from initially equivalent 0.3 XMR per 1-minute block) will create a sub-1% perpetual inflation (more precisely [see ref. above] starting with 0.87% yearly inflation around May 2022) to prevent the lack of incentives for miners once a currency is not mineable anymore.[12] The emission uses a smoothly decreasing reward with no block halving (any block generates a bit less monero than the previous one, formula: Emission per 2-minutes block = max(0.6, floor((M − A)×2−19)×10−12) XMR, with M = 264 − 1 and A = 1012 times the amount of XMR already emitted).

And Bitcoins market cap was very tiny at that point, . But we are both comparing apples with oranges to some extent.

But my point was replying to someone who was suggesting people buy. 

I really like the project and own a few, and want to buy more. But I just wanted to add my thoughts when someone suggested people buy now.

But who knows they may be right. I've been wrong plenty of times before

I'm pretty sure Monero has a cap of 18 million coins, but I'm interested if you have any evidence to the contrary. thanks

Notice a few questions coming up:

"Loads of new coins are being issued each day"

Zcoin follows the same release schedule as Bitcoin's.

"Why another privacy and anonymity coin? What additional benefit does Zcoin offer over existing anonymity solutions?"

Bitcoin and preceding alternative cryptocurrencies have attempted to solve this problem through the use of transaction mixers or ring signatures. However existing methods do not score that well on the traceability set. The traceability set is a key metric to understanding how private a cryptocurrency is. The traceability set in formerly proposed solutions is limited by the size of the mixing cycle or ring signature. Each mixing cycle or ring signature is limited by the number of transactions per cycle, which is transitively limited by the the block size of the cryptocurrency. Thus, the traceability set in previous attempts at privacy tends to only be a few hundred.

With ZCoin, the traceability set is on a dramatically higher magnitude. Instead of having a traceability set limited to the few hundreds, ZCoin has a traceability set that encompasses all minted coins in the ZCoin system. Thus, the magnitude of the traceability could be in the order of millions, rather than hundreds. So its privacy level is magnitudes higher than all previous cryptocurrency.

The other problem is that tumbling methods are only secure under the assumption of a lack of topological analysis and pre-existing network data, which is an incorrect threat model. There are multiple research papers demonstrating that taking a separate network topology like Facebook can be used to de-anonymize a cryptocurrency as long as a long chain of transaction history exists. With all previous cryptocurrencies, a long chain of transactions is publicly viewable on the blockchain and prone to topological analysis.

With ZCoin, this long chain of transaction history simply does not exist, and there is zero information leakage about the sender and receiver of a transaction, so it is not prone to topological analysis and so the link between the sender and receiver disappears.

ZCoin uses zero-knowledge cryptographic proofs. A zero-knowledge proof  is a method in which one person can prove to another person that a given statement is true, without conveying any information apart from the fact that the statement is indeed true.

"Where are the bounties going to?"

The great majority of the coins being spent from the founder's reward is going towards bounties, some of which may be cashed out. We are considering releasing general categorization of how the bounties are spent.

Of the bounties we're looking at right now that are open to the public:

• Get a top DNM to accept Zcoin: 1000-5000 XZC (depending on size of DNM)
• Assistance with implementation of MTP mining algo: Contact us.

"Your coin is being mined by botnets!"

Our Lyra variant is meant to be CPU friendly until we can implement the MTP protocol which is more RAM intensive and therefore less friendly on botnets. From information on the pools and in fact many of the largest miners are public and open about their mining, the vast majority of them are using AWS via cheap AWS credits (https://aws.amazon.com/awscredits/) which can be obtained from attending certain events, webinars, or using some Quick Starts or buying from other people who have the AWS credits. They are not mining 'for free' but are spending their money and time to get a return. Although we haven't looked at the AWS TOS in detail, this may or may not be a breach of their TOS and there are some early indications that some of them are having their credits removed.

I dont see the reason why it is dumped. It's not even profitable to mine and sell with current price.

Well if we're going to calculate present marketcaps based on coin supply years down the road then how do we calculate Monero with its infinite supply?

Yea, you have to expect inflation is going to bring the price way down, since it currently has zero use cases. At least Monero has xmr.to, some dnm usage, and some gambling sites and stuff. Zcoin (or zcash for that matter) has...trollbox speculation.

As an example we could compare to Monero (to pick another privacy style coin),

Monero's marketcap based on all 18 million coins would be around $90m  

Zcoins marketcap based on all 21M coins would be around $50M.

But XZC is a new untested coin with loads of coins being issued each day it appears and dumped.

A couple of days a ago there was 264,000 coins. Todays there is 285,000 coins

I don't see a reason to buy.

1. We don't know how many coins were given out in bounties.  We don't know how many are going to be sold.

2. This is a new coin, and really untested, but the market cap of all 21 million coins is $50 M
No wonder the sellers are crushing the price.


Does anyone really think this coin is cheap?

The coin appears to look cheap because so few coins have been released. According to coinmarketcap $60,000 worth of coins traded in the last 24 hours. the entire marketcap of presently released coins is around $700,000.

This appears to show that a large percentage (as compared to other coins) of available coins are being sold

which updates?

Price it a all time low! Excellent time to buy with the upcoming updates. 

This link is broken in the OP

 4-5 months
Implement =https://arxiv.org/pdf/1606.03588v1.pdfMTP: Merkle-tree based Proof-of-Work

Hi all, the original post has been updated with more information. Will continue to update this but the roadmap and some common questions on Zcash vs Zcoin are all there now.

Roadmap here: https://github.com/zcoinofficial/zcoin/wiki/Roadmap

-----------------------------------------------------

Fixed reindex and implemented MTP ( 4 - 5 months )

Reindex Issue - Done

Implement MTP: Merkle-tree based Proof-of-Work

Paper: https://arxiv.org/pdf/1606.03588v1.pdf

We believe MTP is the way to prevent botnets from mining while allowing normal legitimate CPUs to perform proof of work. On the verification end, it will take less time to process compared with finding proof. It is better than Equihash in term of verification speed following the below table, excerpt from https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_biryukov.pdf



Update Code Base to Bitcoin Core Latest Version 1 - 2 months

Implementing TOR and i2p on wallet clients 1 - 2 months

Further performance improvements to Zerocoin 2 - 4 months

Currently, our implementation doesn't do parallel verification on Zerocoin spend transactions. Once implemented, Zerocoin spend transactions can be sped up and there can be more than one spending transaction per block.

Implementing trustless setup in Zerocoin Protocol 6 - 12 months

Based on an academic paper, it may be possible to implement the Zerocoin protocol without a trusted setup phase. We will do further research into this, and will implement it if it is possible.

Distributed Market - If no darkmarkets accept ZCoin at that time 6 - 12 months

yep, that's correct

Why?

Do you have some reason?

All the noobs are buying ZEC and all pros are accummulating XZC.

http://blog.zcoin.tech/zcoin-and-zcash/

It's really similar tech, but with very different tradeoffs.

I would be concerned that ZEC completely conceals tx quantity...
To the point were it's impossible to determine how much ZEC actually exists...
Creating a gaping, invisible security hole that instantly makes ZEC the odds-on favorite for "biggest hack in crypto history"...
"This situation... is far more serious than The DAO... ZEC code is several orders of magnitude larger and more complicated".

Get rich quick groups never learn... or, rather, just care about the launch.


Because XZC does not conceal tx quantity, potential exploits and bugs are crypto garden variety...
So until ZEC slides to 0.1 BTC or so... XZC is the only game in town 

when I startup my AWS instances they use to work fine, now I get this error.

"Starting Stratum on stratum+tcp://xzc.suprnova.cc:5595
Illegal instruction (core dumped)"

Do you think it is related to that stratum attack you spoke of or just some corruption on my end?