I Asked a Security Friend — What do you think of BlackBytes and ZEC?

I asked my security friend Noah Ruderman the following question:

What do you think of BlackBytes and ZEC?

— — — — — — — — — — — — — —
Noah: currently the only cryptocurrencies that are worth taking seriously for privacy use either the zerocoin protocol, the cryptonote protocol, and the zcash protocol. the future of privacy in cryptocurrencies are zero-knowledge proofs, where a statement is proved without revealing anything the information. for example, the cryptonote protocol uses ring CT, where the transaction amounts are shielded while still proving that the sum of the inputs are equal to the sum of the outputs in a transaction without leaking the amounts involved.

I have never heard of Byteball as a serious contender in privacy in any way and so i think that it is likely not taken seriously for a reason. i do not know much about this project but their use of off-chain transactions for privacy is very unlikely to be provably secure. for security, you want provable security. zero-knowledge proofs are provably secure.

ZEC uses the zerocash protocol but i have a lot of reservations about the project. first, the transaction sizes and computational resources required for private transactions are too large to be feasible for the average person. basically, the cryptography is great and has a lot of potential but trying to roll it out before it’s even practical is rushed and sloppy. second, the zerocash and zerocoin protocols require a trusted setup to prevent the creation of infinite coins which is a huge flaw. in security, we don’t like to trust people on principle. again, these protocols are being rushed out prematurely. third, ZCash has all the wrong ingredients for it’s inception. funded by VCs and other investors. the company incorporated in the United States where they could receive national security letters and be pressured by the US govt. the founding members do not care about real privacy as they have stated several times publicly that they are open to making ZEC compatible with law enforcement which by definition requires weakening the privacy of ZEC. i get the strong impression that they do not understand the concept of an unfriendly government or that *their* government could ever be the bad guy. and forth, the money distribution of ZCash is overly enriching the founders and investors. 20

20% of block rewards go to the founders for the first 4 years, meaning 10% of the total money supply ever created. that is WAY too much as a founders fee and a totally unfair distribution. in general, this sort of unfairness really turns off the community to adopting a monetary supply they (correctly) perceive to be unequal in distribution. ZCash would have been better off with a public ICO.

That said, ZEC is a serious contender for privacy. their success in this field is almost entirely contingent on reducing the space and computational requirements for generating private transactions, and I am not confident that they will be able to bring it down to something reasonable.

— — — — — –
If you’re working on something cool in cryptocurrency, you should join my titans of fintech group with 300+ fintech and cryptocurrency founders on facebook or email me at kumar(at)engineersf.com.