Zcash 2nd Ceremony Call for Review / Participation, @Snowden EFF ACLU Privacy Updates

Fri Dec 22 10:47:18 PST 2017

On Fri, Dec 22, 2017 at 5:09 AM, Georgi Guninski <guninski at guninski.com> wrote:
> On Fri, Dec 22, 2017 at 12:27:50AM -0500, grarpamp wrote:
>> The Zcash Foundation’s Powers of Tau Ceremony
>> https://z.cash.foundation/blog/powers-of-tau/
>
> Don't know if this is true or not, some concerns over zcash:
>
> https://www.coindesk.com/investors-know-trading-zcash/
> What Investors Should Know Before Trading Zcash

RSA was at one time new and insufficiently understood and not
yet reviewed by large numbers of cryptographers and cryptanalysts,
even to this day and in the future some of RSA may be unknown.
Zk-SNARK related crypto is no different.
Continued publication and review will yield better understanding
of its security and any potential weaknesses and breaks.
Calling a crypto new pursuant to that process is fine.
Considering if new crypto is redundant use case and design to
existing well tested crypto families is fine.
Using new crypto in critical applications can be debated.
Simply calling new crypto bad or good without that public
process backing up the finding is wrong.

For coins that offer two modes, any default as to private or transparent
should be left to user choice, with client unset and unusable upon
startup until set pursuant to plainly documented helptext,
with per tx options thereafter. Then this is a non issue.

Many news outlets fail to understand that the docs say that
for the ceremony to fail it is all-must-fail, not one-must-fail.
Review the actual docs and code, determine if they are both
correct and strong.

"Cypherpunk Desert Bus" including intermediate versions and as
Updated on/after 20171010... archive.org, and other internet
commentaries from others available to date...

Yes, it is a good thing that you can search and find all sorts of
material regarding the crypto behind Zerocoin and Zerocash that
needs to continue going through the very serious matter and
process of understanding, reviewing. proving, reproducing
builds and ceremonies, etc. Here are two more papers...

http://zerocoin.org/
http://zerocash-project.org/

Zcash seems actively calling for such review.

People should engage in that review since regardless whether
Zcash any of the other Z coins or even cryptocurrency is of interest,
the new zero knowledge crypto and use cases will apply to a wide
range of applications, thus it really does need to be proven or
debunked by a much wider crypto and applied community.

No different than say both the underlying crypto and ceremonies
of DNS root and CA keys... serious business.

Crap about founders rewards, "volatility", etc could apply to
any coin and isn't part of zk-snark crypto, builds, ceremonies.

Who designed and implemented a crypto could apply, though
usually ends up being transcended / mooted over sufficent
timescales under opensource public analysis.

As with the ongoing "M" mix question, the only way to answer
the "Z" question is to get down to the business of reviewing it...