"Zerocash requires a trusted entity to conduct a one-time setup of the parameters of the system. During the setup procedure, secret random bits are drawn and used to compute the public parameters; the random bits are then destroyed, and the parameters are broadcast. "
http://zerocash-project.org/media/pdf/zerocash-oakland2014.pdf
"This work was supported by: ; the U.S. Defense Advanced Research Projects Agency (DARPA) and the Air Force Research Laboratory (AFRL) under contract FA8750-11-2-0211;"
If you held the key to something which could be worth a lot of money or sell later on - would you destroy it..... Would you trust that process, or if the key is sold to the highest bidder/NSA, unmasking the entire blockchain only for them...
Not to mention a massive single point of failure! Crack the private key... the entire currency becomes worthless...
No Thanks....
There is no private key. There is a one-time setup where random bits are pulled, and you have to trust that entity isn't storing them, just like you have to trust your CPU manufacturer hasn't left in backdoors to remotely flip your CPU to Ring 0, that Gavin won't sell the alert key to the highest bidder to spam the system, that whatever altcoin you're using isn't built with backdoored curves, that all miners won't conspire for an attack on the system, etc. etc.
This uses zero-knowledge proofs, which allow the system to do valid transactions without knowing the details of who transferred to whom. You integrate it with an existing cryptocurrency; Litecoin or anyone else could add Zerocash as a feature.
Apologies - I meant if someone cracks the "random bits" that are used as part of the initial setup... then it's worthless..... Updated my original post.
The coin is still worth whatever its value; all Zerocash does is add a feature where you can now trade coins like cash with no trace on the blockchain. So if Zerocash fails, people can read the blockchain like normal and see transactions going to various addresses, which they can already see now. It's unlikely the developers of, say, Litecoin would copy /dev/urandom during setup, so you can likely trust them. Or trust yourself, if you decided to release your own altcoin and add this feature in.
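To make the "retained random bits" concern in this thread concrete, here is an added toy example; it is not code from the Zerocash paper or from any Zerocash implementation, and it does not model Zerocash's actual zk-SNARK parameter generation. It uses a Pedersen commitment as a stand-in, because it exhibits the same property in a few lines: the public parameter h = g^x is computed from a secret exponent x, commitments are binding only if x is destroyed, and whoever keeps x can open a commitment to any value they like. It also goes slightly beyond the thread by showing a sequential multi-party setup, where the trapdoor is the product of every party's share and so survives only if all parties keep theirs. The 64-bit safe prime search, g = 4, the message values and the three-party split are all constructed for this example.

```python
"""Toy model of the trusted-setup concern: setup randomness as 'toxic waste'.

Pedersen commitment: commit(m, r) = g^m * h^r (mod p), with h = g^x.
- If the setup secret x is destroyed, opening one commitment two ways needs a
  discrete log.
- If the setup party keeps x, it can re-open any commitment to any value.
- In a multi-party setup the effective x is the product of all shares, so one
  honest party destroying its share is enough to deny the others the trapdoor.
Constructed example, not Zerocash's real parameter generation.
"""
import secrets

SMALL_PRIMES = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37]


def is_probable_prime(n: int) -> bool:
    """Miller-Rabin with fixed bases; deterministic for n < 3.3e24 (covers 64-bit)."""
    if n < 2:
        return False
    for sp in SMALL_PRIMES:
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for a in SMALL_PRIMES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def find_safe_prime(start: int) -> tuple[int, int]:
    """Return (p, q) with p = 2q + 1 and both prime, scanning upward from start."""
    q = start | 1
    while not (is_probable_prime(q) and is_probable_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q


# Constructed group: 64-bit safe prime p = 2q + 1; g = 4 is a quadratic residue,
# so it generates the order-q subgroup of Z_p^*.
P, Q = find_safe_prime(1 << 62)
G = 4


def trusted_setup(q: int = Q, p: int = P, g: int = G) -> tuple[int, int]:
    """Single-party setup: draw secret x, publish h = g^x. x is the toxic waste."""
    x = secrets.randbelow(q - 1) + 1
    return pow(g, x, p), x


def commit(h: int, m: int, r: int, p: int = P, g: int = G) -> int:
    return (pow(g, m, p) * pow(h, r, p)) % p


def verify(h: int, c: int, m: int, r: int) -> bool:
    return commit(h, m, r) == c


def equivocate(x: int, m: int, r: int, m_new: int, q: int = Q) -> int:
    """Holder of x re-opens a commitment to m as a commitment to m_new.
    Since g^m h^r = g^(m + x*r), pick r' with m_new + x*r' = m + x*r (mod q)."""
    return (r + (m - m_new) * pow(x, -1, q)) % q


def mpc_setup(n_parties: int, q: int = Q, p: int = P, g: int = G) -> tuple[int, list[int]]:
    """Sequential multi-party setup: party i raises the running h to its share x_i.
    The effective trapdoor is the product of all shares (mod q)."""
    h, shares = g, []
    for _ in range(n_parties):
        x_i = secrets.randbelow(q - 1) + 1
        h = pow(h, x_i, p)
        shares.append(x_i)
    return h, shares


def trapdoor_from_shares(shares: list[int], q: int = Q) -> int:
    x = 1
    for s in shares:
        x = (x * s) % q
    return x


def demo() -> dict:
    m, m_new, r = 42, 7, secrets.randbelow(Q)          # constructed values

    h, x = trusted_setup()                              # one party kept x
    c = commit(h, m, r)
    r_forged = equivocate(x, m, r, m_new)

    h2, shares = mpc_setup(3)                           # three-party ceremony
    c2 = commit(h2, m, r)
    r_full = equivocate(trapdoor_from_shares(shares), m, r, m_new)
    # Party 1 destroyed its share; parties 0 and 2 collude with what they have.
    r_partial = equivocate(trapdoor_from_shares([shares[0], shares[2]]), m, r, m_new)

    return {
        "honest_open": verify(h, c, m, r),
        "single_party_forgery": verify(h, c, m_new, r_forged),
        "mpc_full_collusion_forgery": verify(h2, c2, m_new, r_full),
        "mpc_one_honest_party_forgery": verify(h2, c2, m_new, r_partial),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The point the demo makes is the one the thread circles around: nothing in the published parameters reveals whether x was destroyed, so the binding property is a trust statement about the setup party, not something a verifier can check. The multi-party variant changes the trust statement from "this one party destroyed its bits" to "at least one of these parties did", which is the only lever a user has short of running the setup themselves.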