On Thu, Apr 5, 2018 at 7:26 AM, Natanael <natanael.l@gmail.com> wrote via cryptography@metzdowd:
Zero-knowledge proofs (and other topics)
Bitcoin BTC and subsequent coins, all of them until no more than ~2 years ago, rolled out with a massive downgrade to how fiat cash / banking work... in that the entire blockchain transaction history both exists, and is visible to all. Without so much as consent or notice or permission by anyone or anything, anyone can divine and rummage through significant parts of your history at will forever. Horrible downgrade.

Yet such existence and visibility are not requirements for a functional currency. Only that the UTXO set [1] is considered by the system to be valid, thus acceptable and trusted as future inputs. Not required are the privacy-destroying, colorable, arbitrary fungibility-breaking, forever datamined, unneeded disk-bloating, etc. nature of this major feature downgrade compared to existing p2p / proxied fiat.

Back then perhaps true ZK crypto privacy or any other cryptographically strong privacy method was unknown / unimplemented. You may think of more methods. However, system software network design validating and keeping only the UTXOs was more than likely possible. Of course, to keep rogue software from datamining... a strong crypto way is still needed. And having that, then all participants will discard all spent records as inefficient, forever unviewable, dead weight. You must think up such designs.

Today strong privacy is generally thought at least possible, and has two different approaches implemented and deployed in active networks competing live in the marketplace today. You must review methods and approaches in the research, and further consider how to move beyond entry-level scale and even tx types there. Generally in coins... it is up to users to choose to use, enable or disable privacy-capable coins by default, per-tx, or on another basis. And it is up to you to awaken, where others may fail, to why such coins exist.

Cypherpunk philosophy cannot survive in any coin that is non-private or readily blockable... only when encoded in coins that are only / selectably private, running as / in fully encrypted and resistant networks, with DEXs, mining, etc. all as part. Which means that non-private cryptocurrencies will not survive any differently than central fiat in the long term. You may think of many reasons why. Survivability is from and of many things... including elements of such philosophy. Much can and must be improved and implemented there.

[1] Basic ledger transfers, yet even as possible to multisig, operations, contracts, etc.