Topic: [ANN] Zcoin (XZC) - Implementing ZKP privacy without trusted setup - page 327. (Read 663504 times)

sr. member
Activity: 517
Merit: 257
Is a zcoin price drop inevitable in the coming days? Only time will tell. I think it might be good to switch my spare CPUs over to Zcash and buy Zcoin if we do hit a valley in price.

Or I won't flinch and will just leave the CPUs here. Depends on how busy the day is  Roll Eyes
legendary
Activity: 1246
Merit: 1000
There are trust issues with Zcash; it's all dependent on whether people can trust the Zcash devs.
Both coins have their issues; it's all dependent on which is most trusted while being practical in real world scenarios.

I don't even worry as much about the Zcash devs but more a hacker finding an exploit and keeping his method hidden while he secretly mints coins.
newbie
Activity: 9
Merit: 0
Considering the fact that Roger Ver is invested in both of these coins, I would think the best approach is to have one hand in two pies Grin. I think there will be a future for both; however, there are trust issues with Zcash, as it's all dependent on whether people can trust the Zcash devs. Zcoin on the other hand has an RSA setup; however, the Zcoin mint process takes ages to get onto the blockchain. It took me 12+ hours to be able to spend minted Zcoins.

Both coins have their issues; it's all dependent on which is most trusted while being practical in real world scenarios.
sr. member
Activity: 281
Merit: 250
Zcoin could still take the inner turn by releasing some slick wallets etc.

But does not seem like dev team has their shit together.

Unfortunate.
sr. member
Activity: 502
Merit: 250
At the end of the day, the algo is gonna change very soon, ZCash is launching tomorrow so who knows where the market is heading. There is going to be a major hype around ZCash but which will be the one that is adopted by the masses?



I'm preparing popcorn Smiley
newbie
Activity: 9
Merit: 0
At the end of the day, the algo is gonna change very soon, ZCash is launching tomorrow so who knows where the market is heading. There is going to be a major hype around ZCash but which will be the one that is adopted by the masses?

sr. member
Activity: 319
Merit: 250
just favours a different crowd; everyone will have a whinge if x mining method isn't within their grasp.

Exactly.

I could be on here crying over every coin with GPU mining ( since I no longer have my rig ).
Instead, I wait till an opportunity to cloud mine comes along & grab it.

Crazy thing is... anyone can cloud mine, they just need to learn how. Ain't rocket science.

Miners' thoughts:
-GPU: dev, switch to CPU please, there is plenty of GPU farm + NiceHash mining, I can't make a profit with my 10 home GPUs, I have bills to pay
-CPU: dev, please switch to GPU, I have 6 GPUs to mine with and only 1 CPU.
sr. member
Activity: 436
Merit: 250
just favours a different crowd; everyone will have a whinge if x mining method isn't within their grasp.

Exactly.

I could be on here crying over every coin with GPU mining ( since I no longer have my rig ).
Instead, I wait till an opportunity to cloud mine comes along & grab it.

Crazy thing is... anyone can cloud mine, they just need to learn how. Ain't rocket science.
newbie
Activity: 15
Merit: 0
I need help making a pool for this coin.

I have everything ready, I just can't get the lyra2rev2 algo to work with the stratum; I keep getting a "lyra2rev2 is not supported algo" error.

https://github.com/wareck/node-multi-hashing

I've added and installed this^ into my nomp package.

Can someone maybe send me the nomp conf files? I've been working on this for 2 weeks now and have been going insane at every step, but I just can't seem to find any data on getting this algo to work in nomp! :/
full member
Activity: 136
Merit: 100
Being involved with Dash, when the X11 ASICs came, there were only a handful of manufacturers, and they were selling them at exorbitant prices that would probably never break even. A problem that still exists today. I suspect the vast majority of these miners are being retained by the manufacturers themselves.

We can't liken it to Bitcoin when it was the only cryptocurrency around but even then it's still only a handful of manufacturers. Bitmain is basically the only one where outsiders can get their hands on the miner easily.

They always talk about 'hash rate' as protection but I would argue that if it requires specialized hardware that only can be obtained from a few sources, that hash rate protection is a bit meaningless. It just makes it easier for the ASICS to dominate.

legendary
Activity: 1764
Merit: 1024
So no one has issues with this coin being funneled into the mouths of a handful of people? Botnets and AWS, it's the same shit. Whole reason I've been bringing it up over the last couple weeks. Why would developers pick a random version of Lyra, even if they're going to eventually switch?

Worse, why would they have the rows increase with every block?

That's what I meant, it's not Lyra2 or Lyra2v2, it's a weird ass version I guess that doesn't have mature CPU or GPU mining software out for. Obscurity? They don't plan on keeping it either, which makes it all the weirder.

So no one has issues with this coin being funneled into the mouths of a handful of people? Botnets and AWS, it's the same shit. Whole reason I've been bringing it up over the last couple weeks. Why would developers pick a random version of Lyra, even if they're going to eventually switch?

Well a lot of these miners/botnets are dumping these mined coins on the exchanges which also allows distribution Cheesy With the early stages of any coin, it is always a handful of people who benefit (those who figure out how to get a miner working for the coin and get in early enough).

The whole point of this weird Lyra version was to make it CPU limited until they figured out an ideal algo (which they thought would be MTP). You would think that CPU mined algos would be the best in ensuring a fair distribution, but due to AWS and botnets, maybe GPU friendly algos are better. But does making it GPU friendly make it less ASIC resistant? Granted, the algo right now is in urgent need of replacement, and I know that the devs are currently deliberating their options and were actively soliciting opinions on Slack.

You could do that with a normal algo if it's just a placeholder. There was no reason to make it a weird version of Lyra unless they wanted to keep it in a handful of people's hands.

Lyra2 is a CPU algo, they could've used Cryptonote, m7m, yescrypt... There are other choices.

This goes back to the first point: why would you make it a CPU algo, which is heavily dominated by botnets and AWS instances? A more uniform distribution would go to GPU miners. They could've just made it an ASIC algo like X11 or SHA-256 and it would've accomplished the same thing.

There are plenty of GPU algos that are ASIC resistant and going round about to a handful of people getting the majority of the distribution, both of which you don't want. AWS users and botnets.

It's already hypothesized that the devs are dumping coins... What are also the chances they made this into a coin they could easily mine that others don't have much experience in on purpose? Just happened that this shitcoin got off the ground... somehow. They don't even have a timeline for their new 'real' algo, probably due to the amount of money they're making.

just favours a different crowd; everyone will have a whinge if x mining method isn't within their grasp.

Oh yeah? So you think ASICs are good too? You want a bunch of coins going to a handful of people, right? And people will whine if they are making buttloads of money and don't think other people should too.

ASICs actually ARE good from a network security standpoint. But that's neither here nor there - most people can take the time to learn how to utilize AWS, don't blame others for your laziness.

Yeah, but that's definitely not the only point of mining. The point is the distribution model is messed up. It's not about 'taking the time to do something', it's about making a method that most people don't know how to do and making them waste time figuring it out, while in the meantime the coins are unfairly distributed to those who already have experience. It's no different than ASICs. Anyone can go and buy ASICs. Putting aside private ones, they're on the market and do exist. They're being funneled into the hands of a handful of people.

It wouldn't surprise me if the devs already had a private GPU miner primed for this coin before it came out, or AWS/botnet. There is literally absolutely no reason for it to be a messed up version of Lyra that is neither the CPU version (Lyra2, which has a GPU miner) nor the GPU version (Lyra2v2, which also has a CPU miner).

Going back to talking about 'security' of a coin, how 'secure' is a coin where almost all coins are in the hands of a handful of people? What happens when they decide to dump? While it might be technologically 'secure', it's definitely not 'secure' from an economic standpoint.


ASICs actually ARE good from a network security standpoint. But that's neither here nor there - most people can take the time to learn how to utilize AWS, don't blame others for your laziness.

The thing that gets lost in all of this is mining SHOULD be hard, it's not easy to mine gold, why should crypto mining be the same? To me the more difficult to accomplish such a task, the more value it gives to it.

I work hard at my day job to accumulate extra funds to buy crypto, likewise why shouldn't a miner have to put in a little work to get their share as well?

Why should it be hard, and what constitutes being 'hard'? It could be economically 'hard', meaning if you don't have money, you can't mine. Is that what you're looking for? Or are you looking for an obscure method that no one knows about except you, so while they're busy figuring it out you make a lot of money? Is that hard for you?

I assume you're not the only one that has to make money to mine. Get off your high horse. No one gets free hardware, software, and time. Most miners aren't well off and many have loans.

That's completely putting aside that it's unhealthy to funnel all the mined coins into a handful of accounts that can be dumped, and overlooking that statement coming from someone who is making an inordinate amount of money and doesn't want anyone else taking part in it... i.e. greed.

Continuing on the trend of something being 'hard'. Let's say someone has spent years acquiring hardware and spent a lot of time building a GPU farm. You are new to the game and you don't have any funds or hardware, and all you have is time. Do you think their 'hard work' has no value because you don't have the same 'hard work' they do (GPUs)? When do you get to decide that their 'hard work' is now worthless because you don't like the fact they can earn more money than you?

Oh and something being 'hard to mine' doesn't serve to the greater good of a coin. Market value has nothing to do with how hard something is to mine... Contrary to that, if there are a handful of people who are mining, it makes a coin economically very insecure (IE they can dump and destroy the market).
full member
Activity: 136
Merit: 100
I heard many people talking about this coin in this forum. What is the difference between this coin and other anon coins?
I am just a layman and don't understand all the technical jargon. If anyone can explain it to me, I can decide for myself whether this coin is worth buying.

What I need to find out is also how Zerocoin scales compared to Zcash/Monero; that would be an important question to answer.


Great draft! Thanks  Wink

Also curious about scalability, if crypto adoption really kicks in I'm sure we will see some stalled networks.

This link explains it somewhat: http://blog.zcoin.tech/zcoin-and-zcash/

Basically Zcoin trades off larger storage space on the blockchain in favour of faster compute times and lesser memory requirements on the client side.

Quote
Zcoin’s private transactions are not memory-intensive as with Zcash. On a quad-core benchmark server, generating a private transaction with “Zerocoin mint” and “Zerocoin spend” consumes ~10 seconds of compute time. Thus, sending a private transaction with Zcoin could be between 5-200 times faster than Zcash, depending on device.

On the other hand, Zcoin’s private transaction sizes are about 50 times larger than Zcash’s transaction sizes. This will not be a limiting issue for several reasons. One easy fix would be to update Zcoin to support pruning:

In his whitepaper, Satoshi had mentioned “pruning” as a solution to Bitcoin’s potential future scalability issue. Surprisingly, it’s not discussed often. When there is greater demand for Zcoin transactions than its capacity, Zcoin can build pruning into the protocol. This way, the storage requirements for Zcoin could be minimal.

By stubbing off branches in the merkle tree to save storage space, pruning could be built into Zcoin in a similar fashion as described in Satoshi's whitepaper.
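The pruning idea quoted above, as an added example that is not part of the original post, the linked blog or the Zcoin code base: a Bitcoin-style Merkle tree over constructed transaction ids, where any subtree whose transactions are all spent is stubbed down to its hash. The root is unchanged, a membership proof for an unspent transaction still verifies, and the node count shows the storage saved. The transaction ids, the spent set and the eight-leaf layout are constructed for the example.

```python
import hashlib
from typing import List, Optional, Set, Tuple


def sha256d(data: bytes) -> bytes:
    """Bitcoin-style double SHA-256."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


class Node:
    """Merkle node. A stub keeps only its hash; its subtree has been pruned away."""
    def __init__(self, h: bytes, left: "Optional[Node]" = None,
                 right: "Optional[Node]" = None, txid: Optional[bytes] = None) -> None:
        self.hash, self.left, self.right, self.txid = h, left, right, txid

    @property
    def is_stub(self) -> bool:
        return self.left is None and self.txid is None


def build_tree(txids: List[bytes]) -> Node:
    """Full Merkle tree over transaction ids, duplicating the last node on odd levels."""
    level = [Node(t, txid=t) for t in txids]
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])
        level = [Node(sha256d(a.hash + b.hash), a, b) for a, b in zip(level[0::2], level[1::2])]
    return level[0]


def prune(node: Node, spent: Set[bytes]) -> Tuple[Node, bool]:
    """Return (pruned copy, fully_spent). A subtree whose transactions are all spent
    collapses to a stub holding only its hash, so the root hash never changes."""
    if node.is_stub:
        return node, True
    if node.txid is not None:
        return (Node(node.hash), True) if node.txid in spent else (node, False)
    left, left_spent = prune(node.left, spent)
    right, right_spent = prune(node.right, spent)
    if left_spent and right_spent:
        return Node(node.hash), True
    return Node(node.hash, left, right), False


def count_nodes(root: Node) -> int:
    """Number of distinct nodes kept in memory (a proxy for storage)."""
    seen: Set[int] = set()

    def walk(n: Optional[Node]) -> None:
        if n is not None and id(n) not in seen:
            seen.add(id(n))
            walk(n.left)
            walk(n.right)

    walk(root)
    return len(seen)


def proof(node: Node, txid: bytes) -> Optional[List[Tuple[bytes, bool]]]:
    """Sibling path (hash, sibling_is_left) from leaf to root; None if the leaf was pruned."""
    if node.txid is not None:
        return [] if node.txid == txid else None
    if node.is_stub:
        return None
    path = proof(node.left, txid)
    if path is not None:
        return path + [(node.right.hash, False)]
    path = proof(node.right, txid)
    if path is not None:
        return path + [(node.left.hash, True)]
    return None


def verify(txid: bytes, path: List[Tuple[bytes, bool]], root: bytes) -> bool:
    """Recompute the root from a leaf and its sibling path."""
    h = txid
    for sibling, sibling_is_left in path:
        h = sha256d(sibling + h) if sibling_is_left else sha256d(h + sibling)
    return h == root


def demo() -> Tuple[int, int, bool, bool]:
    """Constructed block of eight transactions; the first six are spent and pruned."""
    txids = [sha256d(b"constructed-tx-%d" % i) for i in range(8)]
    full = build_tree(txids)
    pruned, _ = prune(full, set(txids[:6]))
    assert pruned.hash == full.hash                  # root survives pruning
    still_there = proof(pruned, txids[6])            # unspent tx is still provable
    gone = proof(pruned, txids[0])                    # spent tx: only ancestor hashes remain
    return (count_nodes(full), count_nodes(pruned),
            verify(txids[6], still_there, pruned.hash), gone is None)


if __name__ == "__main__":
    print(demo())
```

With eight leaves the full tree holds 15 nodes; after pruning, transactions 0 to 3 collapse into one stub and 4 and 5 into another, leaving 7 nodes, while the proof for transaction 6 still chains through those stub hashes to the original root.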
full member
Activity: 136
Merit: 100
For those interested in knowing how Zcoin's implementation of Zerocoin compares to other current anonymity solutions:

https://github.com/zcoinofficial/zcoin/wiki/How-does-Zcoin-compare-to-other-anonymity-methods%3F

Quote
Bitcoin and preceding alternative cryptocurrencies have attempted to solve this problem through the use of transaction mixers or ring signatures. However, they score poorly on this metric called the traceability set. The traceability set is a key metric to understanding how private a cryptocurrency is. The traceability set in formerly proposed solutions is limited by the size of the mixing cycle or ring signature. Each mixing cycle or ring signature is limited by the number of transactions per cycle, which is transitively limited by the block size of the cryptocurrency. Thus, the traceability set in previous attempts at privacy tends to only be a few hundred.

With ZCoin utilizing the Zerocoin protocol, the traceability set is on a dramatically higher magnitude. Instead of having a traceability set limited to the few hundreds, ZCoin has a traceability set that encompasses all minted coins in the ZCoin system. Thus, the magnitude of the traceability set could be in the order of millions, rather than hundreds. So its privacy level is magnitudes higher than all previous cryptocurrencies.

The other problem is that tumbling methods are only secure under the assumption of a lack of topological analysis and pre-existing network data, which is an incorrect threat model. As I mentioned earlier, there have been multiple research papers demonstrating that taking a separate network topology like Facebook can be used to de-anonymize a cryptocurrency as long as a long chain of transaction history exists. With all previous cryptocurrencies, a long chain of transactions is publicly viewable on the blockchain and prone to topological analysis.

With ZCoin, this long chain of transaction history simply does not exist, and there is zero information leakage about the sender and receiver of a transaction, so it is not prone to topological analysis and so the link between the sender and receiver disappears.

ZCoin uses zero-knowledge cryptographic proofs. A zero-knowledge proof is a method in which one person can prove to another person that a given statement is true, without conveying any information apart from the fact that the statement is indeed true.
legendary
Activity: 2716
Merit: 1094
Black Belt Developer

ASICs actually ARE good from a network security standpoint. But that's neither here nor there - most people can take the time to learn how to utilize AWS, don't blame others for your laziness.

The thing that gets lost in all of this is mining SHOULD be hard, it's not easy to mine gold, why should crypto mining be the same? To me the more difficult to accomplish such a task, the more value it gives to it.

I work hard at my dayjob to accumulate extra funds to buy crypto, likewise why shouldn't a miner have to put in a little work to get their share as well?

If it's too easy, everybody will do it and it will be devalued.
That's how everything works: a balance is always found, given enough time.
sr. member
Activity: 476
Merit: 250
Price should already be at 0.03 now, considering that after the Zcash launch Zcoin will be forgotten.

Zcash futures are 0.24 each (120 USD each Zcash).

Zcash is an LLC registered in the US, which unfortunately very much makes it vulnerable to pressure from the FBI and other suits (in fact they could be subpoenaed by the NSA just like Lavabit), and it has the toxic waste problem. Zcoin is... I don't know what it is, apparently no registered company at all, and it uses the RSA-2048 number for its crypto setup (as you can see right here), which has been publicly available for 25 years and means there is no possibility of toxic waste in the developers' hands.

Also the Zerocash protocol hides all amounts, which in theory allows an adversary to use an exploit to generate currency while remaining undetected forever, while in Zcoin amounts are public yet transactions are still private, as explained in my other post above.

In essence, Zcoin has its strengths exactly where Zcash has its weaknesses. Not saying Zcash sucks, it certainly is a cool project with an amazing dev team. But to think that Zcoin has no reason to exist when Zcash is out is just foolish.

Agreed with this. I think Zcoin could exist alongside Zcash.
member
Activity: 117
Merit: 10
ASICs actually ARE good from a network security standpoint. But that's neither here nor there - most people can take the time to learn how to utilize AWS, don't blame others for your laziness.

That seems like a weird statement coming from you. Most people can learn how to use AWS, but very few people can use them for free or quasi-free.
legendary
Activity: 1246
Merit: 1000

ASICs actually ARE good from a network security standpoint. But that's neither here nor there - most people can take the time to learn how to utilize AWS, don't blame others for your laziness.

The thing that gets lost in all of this is mining SHOULD be hard, it's not easy to mine gold, why should crypto mining be the same? To me the more difficult to accomplish such a task, the more value it gives to it.

I work hard at my dayjob to accumulate extra funds to buy crypto, likewise why shouldn't a miner have to put in a little work to get their share as well?
hero member
Activity: 882
Merit: 500
Is the Zcoin price rising since the Zcash launch is near, or not?
legendary
Activity: 1764
Merit: 1024
So no one has issues with this coin being funneled into the mouths of a handful of people? Botnets and AWS, it's the same shit. Whole reason I've been bringing it up over the last couple weeks. Why would developers pick a random version of Lyra, even if they're going to eventually switch?

Worse, why would they have the rows increase with every block?

That's what I meant, it's not Lyra2 or Lyra2v2, it's a weird ass version I guess that doesn't have mature CPU or GPU mining software out for. Obscurity? They don't plan on keeping it either, which makes it all the weirder.

So no one has issues with this coin being funneled into the mouths of a handful of people? Botnets and AWS, it's the same shit. Whole reason I've been bringing it up over the last couple weeks. Why would developers pick a random version of Lyra, even if they're going to eventually switch?

Well a lot of these miners/botnets are dumping these mined coins on the exchanges which also allows distribution Cheesy With the early stages of any coin, it is always a handful of people who benefit (those who figure out how to get a miner working for the coin and get in early enough).

The whole point of this weird Lyra version was to make it CPU limited until they figured out an ideal algo (which they thought would be MTP). You would think that CPU mined algos would be the best in ensuring a fair distribution, but due to AWS and botnets, maybe GPU friendly algos are better. But does making it GPU friendly make it less ASIC resistant? Granted, the algo right now is in urgent need of replacement, and I know that the devs are currently deliberating their options and were actively soliciting opinions on Slack.

You could do that with a normal algo if it's just a placeholder. There was no reason to make it a weird version of Lyra unless they wanted to keep it in a handful of people's hands.

Lyra2 is a CPU algo, they could've used Cryptonote, m7m, yescrypt... There are other choices.

This goes back to the first point: why would you make it a CPU algo, which is heavily dominated by botnets and AWS instances? A more uniform distribution would go to GPU miners. They could've just made it an ASIC algo like X11 or SHA-256 and it would've accomplished the same thing.

There are plenty of GPU algos that are ASIC resistant and going round about to a handful of people getting the majority of the distribution, both of which you don't want. AWS users and botnets.

It's already hypothesized that the devs are dumping coins... What are also the chances they made this into a coin they could easily mine that others don't have much experience in on purpose? Just happened that this shitcoin got off the ground... somehow. They don't even have a timeline for their new 'real' algo, probably due to the amount of money they're making.

just favours a different crowd; everyone will have a whinge if x mining method isn't within their grasp.

Oh yeah? So you think ASICs are good too? You want a bunch of coins going to a handful of people, right? And people will whine if they are making buttloads of money and don't think other people should too.
legendary
Activity: 1052
Merit: 1004
I heard many people talking about this coin in this forum. What is the difference between this coin and other anon coins?
I am just a layman and don't understand all the technical jargon. If anyone can explain it to me, I can decide for myself whether this coin is worth buying.

Hi Shanem,

I have done a draft writeup for this Cheesy

Most cryptocurrencies, including Bitcoin, rely on public ledgers where all transactions are public and the history of a coin can be traced from its inception. Some have tried to make it harder to do this by using coin mixers/tumblers, but they involve trusting the mixer/tumbler not to steal your money and not to secretly record how the coins are being mixed. Zerocoin technology allows the anonymization of coins without requiring you to put your trust in a mixer.

The easiest way to visualize Zerocoin tech is a huge jar: everyone who wants to anonymize their coins places their coins in the jar without revealing who they are. Then, at will, when they show the requisite proof that they did put coins in the jar, they are entitled to redeem any other person's coin in the jar that is of the same value; thus the link between the coin that was put in the jar and the new coin she has taken out of the jar is broken. This is like having everyone put a quarter in the jar and let it sit there, and when they want to spend their coin, they can then dip into the jar and pull out a quarter.

There are other anonymity solutions such as Monero's ring signatures or Dash's private send or Zcash's zerocash implementation. Each has their respective pros and cons.

With Zerocoin, some of its perceived advantages are:
a) Ability to choose whether to do a public or private transaction (which you can't do with Zcash or Monero) (some may see this as a weakness and prefer anonymity by default).
b) Much less computationally intensive than Zcash to generate transactions, so regular computers can still use Zcoin.
c) No need to place any trust in mixers or wait for it to be mixed (such as in Dash).
d) Possibly greater anonymity than Monero, since Monero requires it to be 'mixed' with similar-denomination transactions in the past, so if your denomination is rather unique, it may stand out. However, as time passes, this becomes less of a problem.
e) Based on very well reviewed cryptography, compared to Zcash which is based on cutting edge tech. With Zcash, the sender, recipient and value are not revealed at all. From an anonymity standpoint this is great; however, if a bug is discovered and a hacker can secretly mint coins, this is very hard to detect! The total supply of Zcash cannot be determined.
f) Arguably less controversial 'parameter' generation than Zcash. Zcash relies on the initial secret being destroyed, and they have figured out a way in which unless all participants collude to not destroy the secret, then the secret is destroyed. Zerocoin uses parameters generated from an academic challenge (https://github.com/zcoinofficial/zcoin/wiki/Parameters-in-set-up-phase-for-Zerocoin-in-ZCoin).

There are also drawbacks to Zerocoin's implementation of course, which is why all these solutions have a role:
a) Locked to fixed denominations (1, 25, 50, 100 for Zerocoin), meaning you can only put fixed denominations in the jar.
b) When you choose to put a coin in the jar and immediately redeem a new coin, there might be some analysis that can guess that the person putting in and taking out is the same person.
c) Still computationally intensive compared to Monero.

What I need to find out is also how Zerocoin scales compared to Zcash/Monero; that would be an important question to answer.


Great draft! Thanks  Wink

Also curious about scalability, if crypto adoption really kicks in I'm sure we will see some stalled networks.
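The jar analogy, the fixed denominations, drawback (b) from the writeup above, and the "traceability set" quoted earlier in the thread, as an added toy model that is not part of the original post or the Zcoin code base. It assumes a hash commitment in place of the protocol's Pedersen commitment and a transparent membership check in place of the protocol's zero-knowledge proof, and the scenario (block heights, number of other mints, the ten-block window used by the wallet check) is constructed for the example.

```python
import hashlib
import secrets
from dataclasses import dataclass, field
from typing import Dict, List, Set, Tuple

# Fixed denominations named in the writeup: only these values may go into a jar.
DENOMINATIONS = (1, 25, 50, 100)


def commit(serial: bytes, randomness: bytes) -> bytes:
    """Hash commitment standing in for the protocol's Pedersen commitment (assumption)."""
    return hashlib.sha256(b"zerocoin-mint|" + serial + b"|" + randomness).digest()


@dataclass
class Jar:
    """One jar per denomination: the commitments placed in it and the serials already redeemed."""
    mints: List[Tuple[int, bytes]] = field(default_factory=list)   # (block height, commitment)
    spent_serials: Set[bytes] = field(default_factory=set)


@dataclass
class Coin:
    denom: int
    serial: bytes        # revealed on spend; stops the same coin being redeemed twice
    randomness: bytes    # kept secret by the owner; opens the commitment
    mint_height: int


class Ledger:
    def __init__(self) -> None:
        self.jars: Dict[int, Jar] = {d: Jar() for d in DENOMINATIONS}

    def mint(self, denom: int, height: int) -> Coin:
        """Put one coin of a fixed denomination into its jar (a 'Zerocoin mint')."""
        if denom not in DENOMINATIONS:
            raise ValueError(f"{denom} is not a Zerocoin denomination")
        coin = Coin(denom, secrets.token_bytes(32), secrets.token_bytes(32), height)
        self.jars[denom].mints.append((height, commit(coin.serial, coin.randomness)))
        return coin

    def spend(self, coin: Coin, height: int) -> bool:
        """Redeem one coin of coin.denom from the jar (a 'Zerocoin spend')."""
        jar = self.jars[coin.denom]
        if coin.serial in jar.spent_serials:
            return False                       # serial seen before: double spend rejected
        # Transparent membership check: recomputing the commitment tells the verifier
        # exactly which mint is being redeemed. The real protocol replaces this step with
        # a zero-knowledge proof, so the verifier learns only that some commitment in the
        # jar opens to this serial, never which one.
        in_jar = {c for h, c in jar.mints if h <= height}
        if commit(coin.serial, coin.randomness) not in in_jar:
            return False
        jar.spent_serials.add(coin.serial)
        return True

    def anonymity_set(self, denom: int, height: int) -> int:
        """The thread's 'traceability set': every coin of this denomination minted so far,
        not just the handful inside one mixing round or ring."""
        return sum(1 for h, _ in self.jars[denom].mints if h <= height)

    def mints_in_window(self, denom: int, height: int, window: int) -> int:
        return sum(1 for h, _ in self.jars[denom].mints if height - window < h <= height)


def spend_is_risky(ledger: Ledger, coin: Coin, spend_height: int, window: int = 10) -> bool:
    """Wallet-side check for drawback (b): minting and spending at once, with no other mint
    of the same denomination in the same window, leaves a single obvious candidate.
    The ten-block window is an assumption of this example, not a protocol parameter."""
    recent = ledger.mints_in_window(coin.denom, spend_height, window)
    return (spend_height - coin.mint_height) < window and recent <= 1


def demo() -> dict:
    """Constructed scenario: one early 25-XZC mint, twenty other users, one late mint."""
    ledger = Ledger()
    alice = ledger.mint(25, height=100)
    immediate = spend_is_risky(ledger, alice, spend_height=101)   # alone in the jar
    for h in range(102, 160, 3):                                  # twenty other 25-XZC mints
        ledger.mint(25, h)
    bob = ledger.mint(25, height=160)
    return {
        "immediate_spend_risky": immediate,
        "patient_spend_risky": spend_is_risky(ledger, alice, spend_height=161),
        "fresh_but_crowded_risky": spend_is_risky(ledger, bob, spend_height=161),
        "anonymity_set": ledger.anonymity_set(25, 161),
        "first_spend_ok": ledger.spend(alice, height=161),
        "double_spend_ok": ledger.spend(alice, height=162),
    }


if __name__ == "__main__":
    print(demo())
```

Two things are worth noticing when running it. The double-spend check needs only the serial number, which is exactly what the real protocol reveals, so that part of the model is faithful; what the zero-knowledge proof removes is the commitment lookup in spend(), the one step here that would let an observer link the redeemed coin to its mint. And anonymity_set() grows with every mint of that denomination regardless of block size, which is the quoted contrast with ring- or mixer-sized sets, while spend_is_risky() shows why the writeup's drawback (b) is a matter of timing rather than of the accumulator itself.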