Zerocoin: Anonymous Distributed E-Cash from Bitcoin
(1/33) > >>
Let's discuss this paper:

What are your thoughts on this? I don't understand a lot of the technical stuff in the paper, so I'm interested in hearing your opinions.


Abstract—Bitcoin is the first e-cash system to see widespread
adoption. While Bitcoin offers the potential for new types of
financial interaction, it has significant limitations regarding
privacy. Specifically, because the Bitcoin transaction log is
completely public, users’ privacy is protected only through the
use of pseudonyms. In this paper we propose Zerocoin, a
cryptographic extension to Bitcoin that augments the protocol
to allow for fully anonymous currency transactions. Our system
uses standard cryptographic assumptions and does not introduce
new trusted parties or otherwise change the security model of
Bitcoin. We detail Zerocoin’s cryptographic construction, its
integration into Bitcoin, and examine its performance both in
terms of computation and impact on the Bitcoin protocol.

i gave the paper a read and it is indeed interesting.

the complexity of the scheme is high and has large tx sizes. feels a bit overkill
Binford 6100:
Quote from: behindtext on April 12, 2013, 11:01:29 PM

the complexity of the scheme is high and has large tx sizes. feels a bit overkill

it is targeting much smaller audience, the size is in this case not an issue.
the data of zerocoin public dashboard do not have to be preserved the same way as blockchain.
The most important reason why this will never be used over Bitcoin is that it requires a TRUSTED THIRD PARTY to create the initial parameters. This TTP could, in theory, trace any coin in circulation. So how the Bitcoin community will choose this TTP ?

Why not let the FDIC be this TTP? Oh, yes... this is not the Bitcoin philosophy :)

PS: I designed a protocol that does not have this problem (but have another less important weakness) , but well, never published, so Matthew Green deserved much credit. I hope I can publish it soon...

I will post more about Matt protocol shortly, when finish checking it...


The zerocoin paper doesn't indicate a trusted third party actually it indicates the exact opposite.
Message Index
Next page