goddamn just add it to vertcoin, there's no one left anyway which had a problem with Zerocoin and there's been a shitload of time and money invested in vtc by its community already, there's absolutely no fucking reason to just create another coin.
Fucking this x1000
I see where you guys are coming from, but consider this:
The accumulator requires an RSA modulus of unknown factorization, so we used the RSA modulus of unknown factorization from the world renowned RSA factoring challenge.
We implement zerocoin, not zerocash. And yes, we said generating transaction is less than a second, with verification time less than a minute.
There's only a handful of even modestly secure primes p and q from that list, from 1536-bits to 2048-bits, with which to use to get N = pq. Key lengths of 2048 bits are unlikely to be secure within the next 5-15 years. As far as I can tell, whoever factors these first gets to spend all your zerocoins ever. It's also totally and trivially quantum insecure due to Shor's algorithm.
That you admit proof verification is measured in single to double digit seconds means that both DDoS of a node is trivial and block verification time is insane; you just need to spam invalid proofs from a number of unique IPs to computationally knock a node off the network, and generating a block with more than a few transactions will be an impossibility to propagate throughout the network before another competing block is published, resulting in massive amounts of orphans and a totally insecure blockchain. You could store the verifications over time in a cache, but it's incredibly easy for an attacker to simply not publish these and then publish a block with say, 200 valid zerocoin transactions and totally screw up the network.
That you're not even storing the niZKPs on chain is another huge problem affecting network consensus based on history.
Personally, potentially risking both established consensus on a live network, and also risking transactions being at risk on that same network seems like pretty good reasons to not want to hop right into a zerocoin implementation on a pre-existing chain, especially when zerocoin had only one or two other live implementations that aren't even fully involved yet, and at least one of which isn't going so hot. The devs have mentioned they intend to have zerovert as a side chain.
If it became part of vert as a side chain, and they really follow through, then that might be the addition you were looking for?
What if this ends up going sideways? I would not like to see VTC at risk because of piling risky, alpha level software on top of risky, alpha level software.
Maybe I'm wrong though? Knowing there's serious risks, what do you think? I don't think this was ever even brought up or mentioned in VTC.
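The point in the thread about the accumulator needing an RSA modulus of unknown factorization can be seen in a toy RSA accumulator. This is an added example, not part of the original thread and not code from any Zerocoin implementation; the primes, base, member values and function names are all constructed for illustration and are far too small to be secure.

```python
"""Toy RSA accumulator: why the modulus factorization must stay unknown.
All parameters are constructed for illustration only."""
from math import gcd, prod

P, Q = 2**31 - 1, 2**61 - 1   # toy primes (both Mersenne primes); secret in a real setup
N = P * Q                     # public modulus
G = 4                         # public base, coprime to N

def accumulate(members):
    """Accumulator value: G raised to the product of all member primes, mod N."""
    return pow(G, prod(members), N)

def witness(members, x):
    """Honest membership witness for x: accumulate everything except x."""
    if x not in members:
        raise ValueError("x was never accumulated")
    return pow(G, prod(m for m in members if m != x), N)

def verify(acc, x, w):
    """Anyone can check membership using only public values: w^x == acc (mod N)."""
    return pow(w, x, N) == acc

def witness_from_factorization(acc, x, p, q):
    """With p and q known, phi(N) is known, so x can be inverted in the exponent
    and an x-th root of acc computed for a value that was never accumulated."""
    phi = (p - 1) * (q - 1)
    if gcd(x, phi) != 1:
        raise ValueError("x must be coprime to phi(N)")
    return pow(acc, pow(x, -1, phi), N)

if __name__ == "__main__":
    members = [103, 107, 109]          # constructed member primes
    acc = accumulate(members)
    print(verify(acc, 107, witness(members, 107)))                       # honest witness
    print(verify(acc, 101, witness_from_factorization(acc, 101, P, Q)))  # 101 never added
```

Without the factorization, producing a witness for 101 means extracting a 101st root modulo N, which is why the verifier can trust the check only as long as nobody knows p and q.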