
Zcash's second encryption protocol implementation: establishing initial trust is its greatest challenge



Blockchain coder Cody Burns woke up in a hotel room as cramped as a "coffin box", which is one reason he is not especially fond of Hong Kong.

As the hotel cashier does not speak English (and the hotel's check-in accepts only banknotes), Burns finds the hotel particularly Westerner-friendly. However, for him this is all simply part of a plan.

Burns' mission is to carry out the encryption protocol of the privacy-focused cryptocurrency Zcash (which Zcash officially refers to as its protocol implementation), a ceremony in which many participants across the globe destroy the so-called "toxic waste" of Zcash's "trust build process".

Burns switched off his cellphone and cut off all internet connections to his laptop (so that no one was able to follow him), then boarded the crowded Hong Kong subway, where no one would suspect him of carrying out the "sacrament", the secret plan handed to him by the Zcash development team.

He carries two USB sticks, one shaped like SpongeBob and the other like Pikachu, which he uses to install the operating system and the Zcash virtual machine. He also carries a colorful Rubik's Cube, an item he borrows from a local market, as the key to random words mentioned in the famous science fiction novel "Neuromancer."

In effect, what he created was a scene out of one of William Gibson's novels.

At the time, 20 people (including Burns himself) were going through similarly strange scenarios, which showed not only how difficult it is to maintain online security and privacy, but also how far cryptographers are willing to go to secure their next generation of currency.

"It's a two-hour, encrypted software train running on the world's most populous city, at peak times," Burns told coindesk.

"This is really the best way for encryption enthusiasts to end their journey, and my rating is perfect and I will do it again."



Behind the curtain


Even though many prominent cryptocurrency communities are improving their research code to provide greater privacy to users, this effort, which the Zcash team calls "Powers of Tau," may be the most unusual of them.

Although the process seems too complicated for outsiders, Zcash's front-end zk-SNARKs encryption algorithm masks the transaction sender, the receiver, and even account balances.

This particular hard-fork upgrade must pass a new trust plan. If anyone can crack the "random" inputs that developers feed into the system, they can, in theory, exploit the system and even create as many Zcash coins (currently worth $316) as they want.

At a minimum, one participant must successfully destroy their cryptographically toxic, obsolete private key; otherwise the entire system may be compromised.

For this reason, many people think that last year's protocol implementation was not sufficiently successful, because it involved only six developers, a figure so small that some people criticized it.

This time, however, Zcash's first hard-fork upgrade, which is meant to pave the way for a faster network, will have hundreds of people involved, although they need the technical skills to run code in a secure environment.

According to Andrew Miller, an assistant professor at the University of Illinois at Urbana-Champaign and a consultant to Zcash, this step will keep Zcash the best cryptocurrency currently available for privacy.

In the announcement of the protocol implementation, Miller said:


"As the number of participants increases, it becomes less likely that everyone wants to be compromised."


New proof


This process has been publicly documented on the Zcash mailing list, with "certification" participants describing the technical security measures they are taking. Although some were a bit more or less wasteful, all of them carried out their own version along the lines of Burns'.

As another example, Ethereum developer Hudson Jameson and his friend used a rudimentary "Faraday cage" of cardboard boxes covered with tinfoil to shield the computer from attackers, who might try to capture what the computer is computing from the radio signals it emits (a very common way to steal information).

Then, going further (Burns destroyed the software on his USB stick by running only a single program), they destroyed the RAM, the computer, and the USB sticks with electric drills and hammers, because physically damaging the computer helps to destroy any traces of the program that may remain in the hardware.

"It may seem very interesting," Jameson told reporters, but he felt it made a lot of sense.


"I am confident in the use of these upcoming public parameters because I'm undermining the randomness of secrecy that is used in the execution of my protocol," he said. "Because of my personal involvement, I do not need to trust the implementation of the protocol others, whether they are honest or not, or are they being watched."

All this seems paranoid, and in a way it is. However, it also shows how difficult it is to ensure the security of online systems. Hackers and dictators with unlimited power alike are a great threat.

In my involvement, I tried to use lava lamps to help me achieve better randomness. However, I did not have enough time to write a program that could take advantage of their randomness, so I could only glance at the lights from time to time in the hope that it would make my input more random.

Perhaps this is not the most random, but we already have Jameson's devastating experiment.



Vulnerability still exists?


However, others do not think so.

Despite this complex, distributed precaution protecting the security of Zcash, some people are still worried that there may be errors in the implementation of this protocol.

"It's an improvement, but it does not address the issue of confidence building," commented OkTurtles founder Greg Slepak, who has been one of the most outspoken critics of the Zcash creation mechanism.

Although more developers are involved in the experiment this time, he believes that problems remain. First of all, all the computers used in the experiment use Intel engines, which are deployed on millions of computers and are therefore possible points of attack.

In addition, participants may not be as careful as they think.


"Every individual involved in the implementation of this agreement is observed, and any sane person will choose to participate anonymously in the plan," he argues.

In contrast, he believes that other cryptocurrencies, such as Monero and the forthcoming MimbleWimble, provide similar cryptographic features without the need to establish initial trust. It is a small problem, but one that may ruin the main attraction of Zcash.

"I'm happy that they are trying to improve on this, and I just objected to the concept of the ceremony agreement," Slepak said.

While voicing his concern, Slepak also believes that the implementation of this new agreement has changed the minds of others.


"I am not optimistic about the process of being closed and trusting us, but I understand the intention of doing so," Burns said. "The second agreement is more resistant and scalable."
