Wow, that hot mess of crypto voodoo explains the Z-Crash. What's next, animal sacrifice and spirit cooking?
Peter Wuille Fact:
Trusted third parties are security holes, unless the third party is Peter Wuille.

His post appears more positive than I expected, but I think there is some more subtle trolling going on.
The overall tale is an incredible "Cyberpunk Desert Bus" epic where he notably one-ups the Zcash insiders in his approach to opsec. (With a nice little jab against Zooko in Section 2 for taking weeks to bother messaging him over a secure channel with a PGP key.)
Two weeks later on Oct 14th Zooko contacted me again via Signal, saying he “Still [hadn’t] gotten around PGP-signing my Signal fingerprint” and asking if I could be a part of either the Oct 15-16th ceremony, or Oct 22-23rd ceremony. I ignored the message until later that day Zooko finally sent me a PGP-signed email confirming the Signal safety numbers (and for that matter, his phone number!)
But in terms of bigger picture, he notes:
Nothing you will read below changes the fact that you’re trusting me and five other participants not to collude. Full stop. End of story. It is IMPOSSIBLE for myself and the other participants to prove to a third party that we did not collude to keep the secret key. If you do not believe you can trust me, you should stop reading now.
And:
More importantly, verifying Zcash private transactions is orders of magnitude slower than verifying Bitcoin transactions: tens of milliseconds compared to a few microseconds. This is so slow that if Zcash users used private transactions frequently, even without attacks mining Zcash could become unprofitable for all but the largest mining pools even due to slow block propagation effects; if small miners were not forced out of business the Zcash network could even have difficulty maintaining consensus.
In my opinion the Zcash team has been irresponsible, maybe even dishonest, in their choice of block interval and size parameters.
And:
As of writing, I’m not aware of any efforts to independently audit the deterministic build process used to create the compute node DVDs that every participant in the trusted setup used. This means there’s a massive single point of failure in the whole process that completely undermines the value of the multi-party computation.
Until the software and deterministic builds are audited, the entire ceremony is a bunch of crypto hocus pocus.
All emphasis original.
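The last quoted point is about deterministic (reproducible) builds: an audit of the compute-node DVD is only meaningful if independent builders can turn the same source into byte-identical output, so that a single builder cannot slip a backdoor into the image. The following is an added illustration and is not code from the thread, from Peter Todd's post, or from the Zcash project. It uses a small constructed file tree in place of a real build, simulated "on-disk" timestamps in place of stat(), and shows why an unnormalized archive step breaks reproducibility while a normalized one does not.

```python
import hashlib
import io
import tarfile

# Constructed stand-in for a build's output tree (not the real DVD contents).
SOURCE_TREE = {
    "bin/compute": b"#!/bin/sh\necho 'compute node'\n",
    "etc/config":  b"ceremony=1\n",
    "lib/libmpc":  b"\x7fELF-not-really\n",
}


def build_archive(files, normalize=True, mtimes=None, uid=0):
    """Pack files ({path: bytes}) into an uncompressed tar and return the bytes.

    normalize=True  -> sorted entries, fixed mtime/uid/gid/mode (a deterministic step).
    normalize=False -> dict order, the builder's own uid and "on-disk" mtimes, i.e.
                       what a naive build does and why two builders disagree.
    Uncompressed on purpose: a gzip wrapper would add its own header timestamp.
    """
    mtimes = mtimes or {}
    names = sorted(files) if normalize else list(files)
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w", format=tarfile.USTAR_FORMAT) as tar:
        for name in names:
            data = files[name]
            info = tarfile.TarInfo(name=name)
            info.size = len(data)
            info.mode = 0o644
            if normalize:
                info.mtime = 0
                info.uid = info.gid = 0
                info.uname = info.gname = ""
            else:
                info.mtime = int(mtimes.get(name, 0))  # simulated stat() mtime
                info.uid = info.gid = uid             # the builder's account
                info.uname = info.gname = "builder"
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def sha256_hex(blob):
    return hashlib.sha256(blob).hexdigest()


def reproducible(builds):
    """True iff every independent build produced byte-identical output."""
    return len({sha256_hex(b) for b in builds}) == 1


def demo():
    """Two 'independent builders' with different checkout times and file order.

    Returns (normalized_builds_match, naive_builds_match).
    """
    reversed_tree = dict(reversed(list(SOURCE_TREE.items())))
    times_a = {name: 1476000000 + i for i, name in enumerate(SOURCE_TREE)}
    times_b = {name: t + 86400 for name, t in times_a.items()}  # checked out a day later

    normalized = [
        build_archive(SOURCE_TREE, mtimes=times_a, uid=1000),
        build_archive(reversed_tree, mtimes=times_b, uid=1001),
    ]
    naive = [
        build_archive(SOURCE_TREE, normalize=False, mtimes=times_a, uid=1000),
        build_archive(reversed_tree, normalize=False, mtimes=times_b, uid=1001),
    ]
    return reproducible(normalized), reproducible(naive)


if __name__ == "__main__":
    det_ok, naive_ok = demo()
    print("normalized builds identical:", det_ok)
    print("naive builds identical:     ", naive_ok)
```

The same comparison is what an independent audit of the ceremony DVDs would do at the end: several parties build from the same pinned source and toolchain, publish signed SHA-256 digests of the resulting image, and the digests must agree. Any mismatch means either the build is not actually deterministic or one builder's environment was tampered with, and until that check exists the participants are trusting whoever burned the DVDs.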