,
11 tweets,
3 min read
Read on Twitter
(fixed) Zcash counterfeiting vulnerability: z.cash/blog/zcash-cou…
"This vulnerability is so subtle that it evaded years of analysis by expert cryptographers focused on zero-knowledge proving systems"
Reality is bleeding edge crypto is risky; second inflation bug they've had.
"This vulnerability is so subtle that it evaded years of analysis by expert cryptographers focused on zero-knowledge proving systems"
Reality is bleeding edge crypto is risky; second inflation bug they've had.
(first being caught prior to release)
BTC has categorically worse privacy than ZEC on L1, but the trade-off is a safer system re: total loss. Had this been exploited, it could have easily been a hundreds of millions of dollars loss.
BTC has categorically worse privacy than ZEC on L1, but the trade-off is a safer system re: total loss. Had this been exploited, it could have easily been a hundreds of millions of dollars loss.
On BTC an inflation bug is very likely to get caught quickly, even if exploited, because of the transparency. That might be a few days shutdown at worse: awful, but survivable even in the worst case.
On a personal note, this part is interesting. Based my interactions with them, sounds like they deleted it publicly, then managed to actually lose it for real. WTF 
Remember my interactions with Zooko:
That's after the bug is fixed, so no need to make up a story; if they were being honest they'd admit they screwed up and actually lost it, which the blog post glosses over.
That's after the bug is fixed, so no need to make up a story; if they were being honest they'd admit they screwed up and actually lost it, which the blog post glosses over.
Zcash has gotta be the least honest competent team in crypto.
Also, their story that the transcript was hardly downloaded shows how right my criticisms of the lack of auditing was: basically no one had actually checked that the ceremony was correct which they refuted multiple times.
For instance the "deterministic" build broke ~1mth after.
For instance the "deterministic" build broke ~1mth after.
Really frustrating thing about this for me personally is I've been told privately by a few people that members of the Zcash team had been telling people in the cryptography community behind my back that I was incompetent and lying about the lack of auditing of the MPC, etc.
Assuming that's true, the most charitable explanation is that they were wrecking my reputation for their cover story; the least charitable is they're happy to lie about their critics. Nasty bunch of people either way.
I was pointed towards a bit of public corroboration, e.g. Matthew Green liking this dumb tweet:
By itself of that's pretty harmless and easily forgiven, but in conjunction with other claims and everything else, more productive to stop dealing with them.
By itself of that's pretty harmless and easily forgiven, but in conjunction with other claims and everything else, more productive to stop dealing with them.
Screenshot because Emin has blocked half of crypto. :)
