Zerocoin: Anonymous Distributed E-Cash from Bitcoin
<< < (2/33) > >>
This is the first thing written about Bitcoin that's been worth reading in quite a while.

Neat, so this is the replacement for mixers.
Quote from: DeathAndTaxes on April 12, 2013, 11:31:44 PM

The zerocoin paper doesn't indicate a trusted third party actually it indicates the exact opposite.

PAGE 3, first column:

" With no trusted parties, the accumulator and its associated witnesses must be publicly computable and
verifiable (though we are willing to relax this requirement to include a single, trusted setup phase in which parameters
are generated). "

PAGE 4, second column:

"We note that the Setup routine may be executed by a trusted party"

The point is that by choosing RSA as the crypto function, they require a TTP.

Maybe it could be adapted to other crypto function, but it will change all the procedures, since they use the internal mathematical properties of RSA.

My point is that it doesn't require a trusted third party.  Yes they seem horrible naive (academics usually are).  A privacy "coin" where the govt has the backdoor key has essentially no utility.  Bitcoin's pseudo-anonymous capabilities are more that sufficient for "casual anonymity" (not wanting your wife to know where you spend your money).  Anyone interested in something stronger isn't going to be ok with backdoors.
Sorry about the Off-topic: If someone out there wants to write/implement my proposal for an anonymity layer for Bitcoin, and has in depth knowledge of crypto and math, then I'd gladly co-author the paper on APPECoin...
Message Index
Next page
Previous page