, 11 tweets, 3 min read Read on Twitter
(fixed) Zcash counterfeiting vulnerability: z.cash/blog/zcash-cou…

"This vulnerability is so subtle that it evaded years of analysis by expert cryptographers focused on zero-knowledge proving systems"

Reality is bleeding edge crypto is risky; second inflation bug they've had.
(first being caught prior to release)

BTC has categorically worse privacy than ZEC on L1, but the trade-off is a safer system re: total loss. Had this been exploited, it could have easily been a hundreds of millions of dollars loss.
On BTC an inflation bug is very likely to get caught quickly, even if exploited, because of the transparency. That might be a few days shutdown at worse: awful, but survivable even in the worst case.
On a personal note, this part is interesting. Based my interactions with them, sounds like they deleted it publicly, then managed to actually lose it for real. WTF
Remember my interactions with Zooko:

That's after the bug is fixed, so no need to make up a story; if they were being honest they'd admit they screwed up and actually lost it, which the blog post glosses over.
Zcash has gotta be the least honest competent team in crypto.
Also, their story that the transcript was hardly downloaded shows how right my criticisms of the lack of auditing was: basically no one had actually checked that the ceremony was correct which they refuted multiple times.

For instance the "deterministic" build broke ~1mth after.
Really frustrating thing about this for me personally is I've been told privately by a few people that members of the Zcash team had been telling people in the cryptography community behind my back that I was incompetent and lying about the lack of auditing of the MPC, etc.
Assuming that's true, the most charitable explanation is that they were wrecking my reputation for their cover story; the least charitable is they're happy to lie about their critics. Nasty bunch of people either way.
I was pointed towards a bit of public corroboration, e.g. Matthew Green liking this dumb tweet:

By itself of that's pretty harmless and easily forgiven, but in conjunction with other claims and everything else, more productive to stop dealing with them.
Screenshot because Emin has blocked half of crypto. :)
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Peter Todd
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!