Topic: Thoughts on Zcash? - page 55. (Read 123380 times)

Thanks for the link. I'm sure there will be some money to be made from this (it is being hyped but various folk in crypto - good luck trading it for the first few months though). However it is EVERYTHING that crypto shouldn't be.

USgov VC funded, not trustless,  for the benefit of a single private entity, not decentralised, high hardware requirements for client (this is never going to take off as an exchange medium in China, Africa, S America if you can't use a mobile phone to make payments).

Adding the fact that the golden key could break anonymity (whatever the article says) and could be used to magic wand coins into existence and that we have to trust that all copies have been destroyed?

Fishy.

Chris Angel, Zcash and the Golden Key

https://decentralize.today/chris-angel-zcash-and-the-golden-key-e9289e917dea#.82kafn9t6

Nice summary. Besides. The way Bitcoin is traced back to it's owners will be no different from this project.

http://time.com/3689359/bitcoins-track-anonymous/

All the big names behind it indicate another highly speculative asset to hedge against BTC.

a genuine way of adding more features on bitcoin if theres anyone able to pull it off its gmaxwell, but the problem with a ring signature or other anonymizing sidechain is that its not much better than a mixer, everyone will be able to watch the bitcoins coming in and out of it, there is also the misconception that the sidechain code will be bitcoin-only, other bitcoin-clones can fork it and implement it before the bitcoin code even gets to a public release candidate because the code will need to go through testnet first, thats the same that is going to happen to Zcash, there are already groups waiting for the code go green to fork it without the founders premine and corporate links, the problem is that the features are not really that exciting next to Cryptonote, the worst being the anonymous transactions not being the default mainly because of how bloating they are on the blockchain.

I haven't looked enough into it, and maybe Zcash contains some good ideas.  But for sure, as it is presented, there's something fundamentally fishy about it.

In fact, "to reward the founders", IMO, the best thing to do is to make a special genesis block with a single, exceptional "coinbase transaction" giving a known single "instamine" amount to "the founders", and that's it.  That's way, way simpler, clearer, more open, and cryptographically acceptable way of doing things than this funny 20% of mining rewards during 4 years.

so ridiculous premine and a gaping security hole. when did that ever stop a coin from being a huge hit? hang on to your hats.

“I have not failed. I've just found 10,000 ways that won't work.”
― Thomas A. Edison

Zcash is just another way to not make an anonymous crypto, there are several other evolutionary dead ends I believe, shadowcash, dash, ethereum contracts, bitcoin sidechains, are just as untested, buged, suboptimal or vaporware as time always confirms.

If you have some time, what are your thoughts on sidechains?

My problem is not so much with the fact that the "founders" get rewarded (you might think that that is simply normal) but rather the cryptographic implications of this, especially if the goal of the system is to make a cryptographically secure anonymous system.

In order for the founders to be able to get stuff that others cannot get, they must be in possession of a golden key that others don't have, and that mechanism in itself is OR cryptographically unacceptable if obfuscated, OR can easily be forked away if "in the open".  If it is in the open, I don't see why there's not an immediate clone/fork without this reward for the "founders", giving the miners 20% more than on the original.

I do not think that it is scammy. They are just trying to find new ways to pay the investors back. Of course you have to pay them back, it is not a donation. It must be the Zcash founders thought that it is a better idea to the their pay back strategy than organizing an ICO or premine the coin. The 80/20 reward set up is only during the first 4 years. After the first halving it will be 100% reward for the miners.

I can be seen as a compromise between ICO or premine and pure POW mining. It could or could not be a good idea. Only in practice we can see and tell. If the outcome is good then it can be a pay back strategy that can be used by other projects in the future. At least ICO's will be now eliminated.

It is this aspect which makes me think it is cryptographically broken, because in order to be able to do, as founders, what nobody else can, the cryptography cannot be open and clear, because if it is, the "founders" cannot possibly keep their privileged position.   There are only two ways in which I can imagine this is done: there is a golden key for the genesis block, or there is a golden key for the code.   If this golden key mechanism is public, then, as you point out, it is very easy to fork it (if it is the code) or to start a new chain (if it is the genesis block).  If this golden key mechanism is obfuscated, then the system is entirely not to be trusted, because that means there are potential back doors everywhere.
When you see that cryptographic standards go through all the pains to demonstrate that there AREN'T obfuscated golden keys (which was for instance a potentially unjustified suspicion on the DES S-boxes) and use mathematical constants such as Pi and prime numbers if they need "random stuff" to prove that it is not hiding any golden key, you can imagine what kind of error would be an obfuscated golden key in a block chain.

ZCash is scammy. 20% founders reward on mined coins are a no-go

"80% of the newly created ZEC will go to the miners, and 20% ZEC to the founders."
https://z.cash/blog/funding.html


Someone should fork it out and make a better version 

Thank you for sharing the articles. I have been looking at zcash and I was confident until I saw your post. I will read the articles more thoroughly and I will ask more questions here and at the zcash forum to see what they think and also their arguments and defense.

I agree that Zcash, with its fundamental flaws, should be a non-event, but I'm assuming that logic and research will outweigh Zcash's marketing and PR...and that's a bad assumption on my part. History shows us that marketing tends to have more influence on more people than logic and reason. Check out the Zcash website and look at all of the academics, bankers, and industry titans that are part of the Zcash team. They will use their influence, which is broad and far-reaching, to push their product when it's time for release. You can bet they will have a large marketing campaign (twitter, reddit, web sites, forums, etc.). They stand to make loads of money from a flawed product and they will do whatever is necessary to defend that potential income (as banks and governments do). But if people aren't yet tired of making bankers and governments rich, they can use Zcash. It is nonsensical to me that anyone would trust bankers and governments with their private financial information, especially after Cyprus, Greece, Snowden, and looming negative interest rates.

Some may say, "But they require a trusted setup which is inherently insecure." Yes, it is. People who actually do research will understand that. But Microsoft and Apple both produce products with known security problems, including back doors, and nobody seems to mind and people continue to buy their products in droves when more secure products exist (i.e. Linux). Why? Marketing and market saturation. I can see this happening with Zcash: an inferior product that has massive amounts of influence and marketing but is foundationally flawed. People tend to go for hype.

I'm just posting this in case anyone who truly wants an completely trustless, private, untraceable, fungible, and decentralized cryptocurrency will look into this for themselves. They'll find that Zcash has lots of flash, and it will work, but it won't have the attributes listed above (although they will tell you it does). They should go with what is completely trustless, private, untraceable, fungible, decentralized, and open source (coin named in previous post).

I'm very interested in the anonymity aspects, and my respect for monero comes from its cryptographic technology, and not the other way around.  I like DASH because it tried to implement anonymity as best as it could in bitcoin technology, but cryptonote's technology of Monero is simply better at it.  Now, if Zcash improves significantly on that, I can only applaud that.  However, there are some things that I read about Zcash (but, contrary to monero, I haven't wrapped my mind yet around how it works) that one would need to trust anything.  If that is true, then Zcash is dead-born.  In crypto, everything should be verifiable from scratch, open source, and open math.
I don't see how such is possible with a company that can assign itself a certain fraction of monetary creation, because that implies a non-centralized aspect in the cryptography (not all players are equal, because some have an element that can assign them coins that others, in principle, can't).  In as much as this is true, there's nothing that can save zcash. 

Cryptographic systems are to be open, known algorithms with no hidden keys/backdoors in it.  With what I read, I have the impression, but I can be wrong, that zcash doesn't follow that principle.

@c789 is spot on here.

Zcash could never be trusted with a trusted setup.  There is no way of knowing if someone had a golden key to unlimited coins. 

Would Bitcoin be as trusted as it is if there even was the slightest chance that someone could create unlimited coins without anyone knowing.

This is interesting.
Clones with extra additions tend to be better than the source if they are done well.
While there are things that could be better in Monero, I am not sure z-cash will do it good (but I don't mind at all nice surprises!!). And the market will tell if the "innovations" of z-cash are something useful indeed or not.
When is any ETA for z-cash launch?

I think once Z-cash comes out Monero will most likely be redundant unless it innovates with some new feature that Z-Cash doesnt have.

Z-cash will be the new standard for the anonymity niche market which is currently Monero's only selling point.

Ethereum has lost all credibility...move on

Like I said in my post, "How would you (or anyone else) know?" And then there are the other problems mentioned in the links I posted.

Trusting people in crypto is completely unnecessary. To have to trust someone is a fundamental, inbuilt flaw, and flaws can be exploited.

I'm not including open-source source code in this statement because anyone can look through and verify the code. I am saying that a completely decentralized, trustless system is a much better system, if not the absolute best. Zcash is centralized and requires trust. Caveat emptor.