Topic: Time to revisit the 'Symbiotic Zerocoin alt-chain' (Read 2431 times)
Interested!
Can't wait for this new technology. I hope it lives up to the hype.
Zerocoin is now called zerocash and will be launching as an alpha in April or May. This was announced about a week ago. Proofs are now less than 300 bytes in size thanks to SNARK.
There is a discussion on this proposal in the Zerocoin subreddit:
http://www.reddit.com/r/ZeroCoin/comments/1vk3ol/the_best_way_to_launch_zerocoin_as_a_betacoin_of/
http://www.reddit.com/r/ZeroCoin/comments/1vk3ol/the_best_way_to_launch_zerocoin_as_a_betacoin_of/
So proof of work --> proof of burn --> zero knowledge proof?
With the hope that the bitcoin community would be open to future full convertibility back and forth via proof of burn? I'd be surprised to see that happen.
With the hope that the bitcoin community would be open to future full convertibility back and forth via proof of burn? I'd be surprised to see that happen.
Several months ago d'aniel proposed releasing Zerocoin as an altchain with one way convertibility from bitcoins to zerocoins, where zerocoins are generated by destroying bitcoins:
https://bitcointalksearch.org/topic/adapting-to-the-release-of-zerocoin-248865
He called this a 'symbiotic Zerocoin alt-chain' because the success of this alt would support the value of Bitcoin, while the hashing power of the Bitcoin network would secure the new Zerocoin alt-chain.
adam3us expanded on the idea in November, calling it "bitcoin staging" aka betaCoin:
https://bitcointalksearch.org/topic/m.3611878
At the time of d'aniel's post, Mike Hearn cited some problems with Zerocoin that made it unusable:
Since then, Matthew Green's team has apparently reduced the size of the zero-knowledge proofs by 98% and have claimed they will release a usable version of the eletronic cash system in May.
This could make the creation of a symbiotic Zerocoin altchain, or betaCoin, worthwhile. A symbiotic release would benefit Bitcoin, the adoption rate of Zerocoin, and cryptocurrency in general.
One additional advantage of this type of release of Zerocoin is that it would be compatible with a future change in Bitcoin to integrate Zerocoin as a full extension with two-way convertibility, in the event that the beta release of Zerocoin proves secure and efficient.
https://bitcointalksearch.org/topic/adapting-to-the-release-of-zerocoin-248865
He called this a 'symbiotic Zerocoin alt-chain' because the success of this alt would support the value of Bitcoin, while the hashing power of the Bitcoin network would secure the new Zerocoin alt-chain.
adam3us expanded on the idea in November, calling it "bitcoin staging" aka betaCoin:
https://bitcointalksearch.org/topic/m.3611878
At the time of d'aniel's post, Mike Hearn cited some problems with Zerocoin that made it unusable:
ZeroCoin is not merge-able not because it would create a much harder time staying decentralised. It's unmerge-able because the performance is so poor it would break things completely.
It's worth reading the original paper very carefully before forming any opinions on ZeroCoin. When I read it I discovered a serious error in their analysis but it was too late for the paper to be fixed. Namely that they thought that because blocks are created every 10 minutes, if it takes 10 minutes to verify a block then that's ok. Not correct! You need to be able to verify a block within seconds, not minutes. Otherwise the whole consensus algorithm just fails.
The maths behind ZeroCoin is fascinating, but unless they made dramatic improvements we're getting way ahead of ourselves talking about alt coins and implementations. This isn't some kind of finely nuanced tradeoff on which reasonable people can disagree. ZeroCoin is just not usable in its current form in any coin, alt or no.
And that's ignoring the issue of how you initialise the system in a trustworthy manner, which is still an open research problem. If you don't solve that then you're back to having a central banker which rather defeats the point of crypto-currencies.
It's worth reading the original paper very carefully before forming any opinions on ZeroCoin. When I read it I discovered a serious error in their analysis but it was too late for the paper to be fixed. Namely that they thought that because blocks are created every 10 minutes, if it takes 10 minutes to verify a block then that's ok. Not correct! You need to be able to verify a block within seconds, not minutes. Otherwise the whole consensus algorithm just fails.
The maths behind ZeroCoin is fascinating, but unless they made dramatic improvements we're getting way ahead of ourselves talking about alt coins and implementations. This isn't some kind of finely nuanced tradeoff on which reasonable people can disagree. ZeroCoin is just not usable in its current form in any coin, alt or no.
And that's ignoring the issue of how you initialise the system in a trustworthy manner, which is still an open research problem. If you don't solve that then you're back to having a central banker which rather defeats the point of crypto-currencies.
Since then, Matthew Green's team has apparently reduced the size of the zero-knowledge proofs by 98% and have claimed they will release a usable version of the eletronic cash system in May.
This could make the creation of a symbiotic Zerocoin altchain, or betaCoin, worthwhile. A symbiotic release would benefit Bitcoin, the adoption rate of Zerocoin, and cryptocurrency in general.
One additional advantage of this type of release of Zerocoin is that it would be compatible with a future change in Bitcoin to integrate Zerocoin as a full extension with two-way convertibility, in the event that the beta release of Zerocoin proves secure and efficient.
Jump to: