It's *very* early, but I've started collecting resources, open questions, and proposed efforts to explore how trustless zk-SNARKs could be useful for a potential future #Monero protocol update:
If you have useful resources or questions, please reach out!
The goal here is to build a go-to resource that marries the promise of trustless zk-SNARKs with the specifics of Monero's payment protocol to ease potential research and interest by Monero developers and researchers, not to push for implementing zk-SNARKs ASAP.
I'll be working on a blog post to detail why they're worth exploring in more depth and what the associated pros/cons are, but a few notes:
- Seraphis is still the path forward for Monero, we're focused on that
- Ring signatures are still working very well in the real world
- Trustless zk-SNARKs are not the same thing as Zcash, they have a much broader usage and much broader academic base, and should be viewed as related but separate topics
- Interest in trustless zk-SNARKs does not imply Zcash is perfect or my goal/ideal
Very hopeful the Monero community can stay open to technology outside of its norm, explore it, figure out what's useful for Monero and what's not, and push past tribalism to keep Monero ahead of the game.
Much of Monero's protocol was invented or developed for other cryptocurrencies and then built out and improved upon by Monero devs and researchers.
Let's stay open to that while championing "internal" dev/research work like Seraphis that aligns extremely well with our goals.
One further clarification -- this isn't "ring sigs vs zk-SNARKs", zk-SNARKs are a generic proving system with specific properties.
zk-SNARKs are really a different approach to a proving system that could be useful in building a future version of the Monero payment protocol.
1/ I'm really tired of responding to lots of comments from DERO people claiming they've solved the world's problems and scamming people with false marketing, so here's a thread breaking down all of their grandiose claims 👇
2/ DERO claims to be using "fully-homomorphic encryption" to prevent nodes from being able to see transaction information.
Not only is this nonsensical (zk-proofs allow verification without revealing data simply), FHE is absolutely unusably inefficient:
3/ For DERO to claim that they're using something that is thousands of times less efficient than more common encryption methods, and that has yet to be implemented in any other fashion due to this inefficiency, should discount the rest of their claims off the bat.
2/ First off, no mentions of tracing Monero or tracking its usage, despite Ciphertrace having used social engineering to collect XMR addresses from known ransomware entities.
3/ Monero's acceptance (either only-XMR or XMR and BTC) has rapidly risen, and those who accept Bitcoin generally charge a 10-25% premium due to it being "easily traceable".
Here are some excellent wallets depending on your preference to start using today 👇
2/ First off, no matter what wallet you use *save your seed*!!!
Always do so in multiple locations, in ways that you can find and recover, and inform your family or loved ones of how to recover funds as well, just in case.
3/ The first wallet recommendation is @cakewallet (or @MoneroCom), both of which are very simple to use and beautiful, work on both Android and iOS, and have native exchange functionality.
While this is "just" the front-end, this continues the trend of "privacy tools" preempting regulatory pressure to kiss the boot of our benevolent overlords.
#Monero cannot do this by design, and that's what makes it such a powerful tool.
One of the biggest paradoxes of Lightning is that cross-network routing *requires* public knowledge of nodes, channels, and channel UTXOs/balances, but LN is being relied upon to "fix" all of the privacy issues of L1.
These problems are not easy to solve, maybe impossible.
If you reduce the information available about nodes/channels/UTXOs, you necessarily exacerbate an already serious issue -- routing payments gets much harder or even impossible without routing hubs.
Do you want to "easily" route payments, or do you want privacy?
To be clear here, there is no reason multiple exchanges would need to perform maintenance on their wallets at the same time.
No network outage, no bugs, nothing.
This is happening with @binance and several others.
Quick clarification thanks to others pointing it out -- I'm not accusing @FixedFloat of anything, but exchanges like them usually rely on liquidity providers like Binance that are currently undergoing "maintenance" that smells of fractional reserves or paper trading.