Zerocoin protocol: Difference between revisions
→Zcoin (XZC): linked ASIC |
|||
Line 31: | Line 31: | ||
===Private Instant Verified Transaction (PIVX)=== |
===Private Instant Verified Transaction (PIVX)=== |
||
PIVX is a [[cryptocurrency]] based on the Zerocoin Protocol, using a [[Proof-of-stake|Proof of Stake]] mechanism to issue new coins and validate transactions.<ref name=":0">{{Cite news|url=https://ca.finance.yahoo.com/news/netcoins-lists-pivx-083000675.html|title=Netcoins Lists PIVX|access-date=2018-11-26|language=en-CA}}</ref><ref>{{Cite news|url=https://ca.finance.yahoo.com/news/pivx-launch-cryptocurrency-exchange-platform-120011296.html|title=PIVX to Launch Cryptocurrency Exchange Platform ZDEX in November|access-date=2018-11-26|language=en-CA}}</ref> |
PIVX is a [[cryptocurrency]] based on the Zerocoin Protocol, using a [[Proof-of-stake|Proof of Stake]] mechanism to issue new coins and validate transactions.<ref name=":0">{{Cite news|url=https://ca.finance.yahoo.com/news/netcoins-lists-pivx-083000675.html|title=Netcoins Lists PIVX|access-date=2018-11-26|language=en-CA}}</ref><ref>{{Cite news|url=https://ca.finance.yahoo.com/news/pivx-launch-cryptocurrency-exchange-platform-120011296.html|title=PIVX to Launch Cryptocurrency Exchange Platform ZDEX in November|access-date=2018-11-26|language=en-CA}}</ref> PIVX also became the first the cryptocurrency to implement bulletproofs on the Zerocoin Protocol.<ref>{{Cite web|url=https://coinnewslive.com/pivx-delivers-worlds-first-bulletproofs-implemented-zerocoin-protocol/|title=PIVX Delivers World’s First Bulletproofs Implemented Zerocoin Protocol|date=2018-12-23|website=CoinNewsLive|language=en-US|access-date=2018-12-29}}</ref> |
||
==Reception== |
==Reception== |
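Review bot: the sentence added to the PIVX paragraph in the new revision reads "became the first the cryptocurrency", with a stray second "the"; it should read "became the first cryptocurrency". The "first" claim is also made in the article's own voice while its only citation is the CoinNewsLive item titled "PIVX Delivers World's First Bulletproofs Implemented Zerocoin Protocol", so either attribute the claim to that source in the text or add an independent reference.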
Revision as of 12:55, 29 December 2018
Zerocoin is a privacy protocol proposed by Johns Hopkins University professor Matthew D. Green and his graduate students (Ian Miers and Christina Garman) in 2013 as an extension to the Bitcoin protocol that would add cryptographic anonymity to Bitcoin transactions.[1]
History
Due to the public nature of the blockchain, users may have their privacy compromised while interacting with the network. To address this problem, a third-party coin mixing service can be used to obscure the trail of cryptocurrency transactions. In May 2013, Matthew D. Green and his graduate students (Ian Miers and Christina Garman) proposed the Zerocoin protocol, in which cryptocurrency transactions can be anonymised without going through a trusted third party: a coin is destroyed and then minted again to erase its history.[2]
When a coin is spent, no information is available that reveals exactly which coin is being spent.[3] Initially, the Zerocoin protocol was planned to be integrated into the Bitcoin network.[4] However, the proposal was not accepted by the Bitcoin community. Thus, the Zerocoin developers decided to launch the protocol as an independent cryptocurrency.[5] The project to create a standalone cryptocurrency implementing the Zerocoin protocol was named "Moneta".[6] In September 2016, Zcoin (XZC), the first cryptocurrency to implement the Zerocoin protocol, was launched by Poramin Insom and team.[7]
In April 2018, a cryptographic flaw was found in the Zerocoin protocol which allows an attacker to destroy the coins owned by honest users, create coins out of thin air, and steal users' coins.[8] The Zcoin cryptocurrency team, while acknowledging the flaw, stated that such attacks would be highly difficult to perform and would have a low probability of giving economic benefit to the attacker.[9] In January 2018, an academic paper partially funded by Zcoin was published on replacing the proof-of-work system with a memory-intensive Merkle tree proof algorithm to ensure more equitable mining among ordinary users.[10] In December 2018, Zcoin released an academic paper proposing the Lelantus protocol, which removes the need for a trusted setup and hides the origin and the amount of coins in a transaction when using the Zerocoin protocol.[11]
Architecture
Transactions which use the Zerocoin feature are drawn from an escrow pool, where each coin's transaction history is erased when it emerges.[12] Transactions are verified by zero-knowledge proofs, a mathematical way to prove a statement is true without revealing any other details about the question.[13]
Zerocash
On 16 November 2013, Matthew D. Green announced the Zerocash protocol, which provides additional anonymity by shielding the amount transacted.[14] Zerocash reduces transaction sizes by 98%, but was significantly more computationally expensive, taking up to 3.2GB of memory to generate.[15][16] More recent developments in the protocol have reduced this to 40MB.[17]
Zerocash utilizes succinct non-interactive zero-knowledge arguments of knowledge (also known as zk-SNARKs), a special kind of zero-knowledge method for proving the integrity of computations.[18] Such proofs are less than 300 bytes long, can be verified in only a few milliseconds, and have the additional advantage of hiding the amount transacted as well. However, unlike Zerocoin, Zerocash requires an initial setup by a trusted entity.[19]
Developed by Matthew D. Green, the assistant professor behind the Zerocoin protocol, Zcash was the first Zerocash-based cryptocurrency, which began development in 2013.[20]
Cryptocurrencies
Zcoin (XZC)
In late 2014, Poramin Insom, a student in the Masters in Security Informatics programme at Johns Hopkins University, wrote a paper on implementing the Zerocoin protocol into a cryptocurrency, with Matthew Green as faculty member.[21] Roger Ver[7] and Tim Lee were Zcoin's initial investors.[22]
On 20 February 2017, a malicious coding attack on Zerocoin created 370,000 fake tokens, which the perpetrators sold for over 400 Bitcoins ($440,000). The Zerocoin team announced that a single-symbol error in a piece of code "allowed an attacker to create Zerocoin spend transactions without a corresponding mint".[23] Unlike Ethereum during the DAO event, the developers opted not to destroy any coins or attempt to reverse what happened with the newly generated ones.[24]
In October 2018, an unknown user uploaded a banned video to the Zcoin blockchain in order to avoid Thai government censorship.[25] In November 2018, Zcoin conducted the world's first large-scale party elections for the Thailand Democrat Party using the InterPlanetary File System (IPFS).[26][27] In December 2018, Zcoin introduced Merkle tree proof, a mining algorithm that deters the use of application-specific integrated circuits (ASICs) in mining coins by being more memory intensive for the miners. This allows ordinary users to mine with a central processing unit (CPU) or graphics card, so as to enable egalitarianism in coin mining.[28]
Private Instant Verified Transaction (PIVX)
PIVX is a cryptocurrency based on the Zerocoin Protocol, using a Proof of Stake mechanism to issue new coins and validate transactions.[29][30] PIVX also became the first cryptocurrency to implement bulletproofs on the Zerocoin Protocol.[31]
Reception
One criticism of Zerocoin is the added computation time required by the process, which would need to have been performed primarily by bitcoin miners. If the proofs were posted to the blockchain, this would also dramatically increase the size of the blockchain. Nevertheless, as stated by the original author, the proofs could be stored outside of the blockchain.[32]
Since a zerocoin will have the same denomination as the bitcoin used to mint it, anonymity would be compromised if no other zerocoins (or only a few) of the same denomination are currently minted but unspent. A potential solution to this problem would be to allow only zerocoins of specific set denominations; however, this would increase the needed computation time, since multiple zerocoins could be needed for one transaction.
Depending on the specific implementation, the Zerocoin protocol would rely on one or more trusted parties to generate two large prime numbers, p and q, such that n = pq. Since n has to be hard to factor, p and q must be unknown to normal users for Zerocoin to be secure. The protocol could rely on RSA unfactorable objects to avoid the need for a trusted party in the setup process.[2] Such a setup, however, is not possible with the new Zerocash protocol.
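The following added example (not part of the article or of any Zerocoin implementation) shows why p and q must stay unknown. It assumes the RSA accumulator over prime-valued coins that the Zerocoin paper [2] uses to record minted coins, a detail this article does not spell out; the primes, base and coin values are toy numbers constructed for the illustration.

```python
# Toy RSA accumulator: why the factors of n = p*q must be unknown to users.
# All parameters below are constructed for this example; real moduli are
# thousands of bits long.
P, Q = 1019, 1187
N = P * Q
PHI = (P - 1) * (Q - 1)   # only computable by someone who knows P and Q
G = 4                     # accumulator base (a quadratic residue mod N)

def accumulate(coins):
    """Return A = G^(product of all coins) mod N."""
    acc = G
    for coin in coins:
        acc = pow(acc, coin, N)
    return acc

def honest_witness(coins, coin):
    """Witness for a minted coin: accumulate every other coin.

    Needs no secret, but only works for coins that were really minted.
    """
    if coin not in coins:
        raise ValueError("coin was never minted")
    return accumulate([c for c in coins if c != coin])

def verify(acc, coin, witness):
    """Membership check used by a verifier: witness^coin == A (mod N)."""
    return pow(witness, coin, N) == acc

def trapdoor_witness(acc, coin):
    """With PHI known, 'divide' the exponent by coin (needs gcd(coin, PHI) = 1).

    The result passes verify() even though coin was never accumulated,
    which is why the setup must discard or never learn P and Q.
    """
    return pow(acc, pow(coin, -1, PHI), N)

MINTED = [101, 103, 107]  # constructed prime coin values
UNMINTED = 109            # a prime that was never accumulated

def demo():
    acc = accumulate(MINTED)
    return {
        "minted coin verifies": verify(acc, 103, honest_witness(MINTED, 103)),
        "wrong witness rejected": not verify(acc, UNMINTED, honest_witness(MINTED, 103)),
        "trapdoor witness verifies": verify(acc, UNMINTED, trapdoor_witness(acc, UNMINTED)),
    }

if __name__ == "__main__":
    for label, ok in demo().items():
        print(f"{label}: {ok}")
```

Without PHI, computing such a witness for an unminted coin amounts to extracting roots modulo n, which is the problem the accumulator's security rests on.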
References
- ^ "PIVX to Launch Cryptocurrency Exchange Platform ZDEX in November". Retrieved 26 November 2018.
- ^ a b Miers, Ian; Garman, Christina; Green, Matthew; Rubin, Aviel D. (May 2013). Zerocoin: Anonymous Distributed E-Cash from Bitcoin (PDF). 2013 IEEE Symposium on Security and Privacy. IEEE Computer Society Conference Publishing Services. pp. 397–411. doi:10.1109/SP.2013.34. ISSN 1081-6011.
- ^ Peck, Morgan E. (24 October 2013). "Who's Who in Bitcoin: Zerocoin Hero Matthew Green". IEEE Spectrum. Archived from the original on 4 September 2014. Retrieved 6 August 2018.
- ^ Janus, Kopfstein (23 April 2013). "Gold 2.0: can code and competition build a better Bitcoin?". The Verge. Archived from the original on 20 June 2018. Retrieved 7 August 2018.
- ^ Carrie, Wells (1 February 2014). "Hopkins researchers are creating an alternative to Bitcoin". The Baltimore Sun. Archived from the original on 27 November 2017. Retrieved 7 August 2018.
- ^ "Moneta - Engineering an ideal cryptocurrency". Moneta.cash. Archived from the original on 3 February 2015. Retrieved 11 August 2018.
- ^ a b "Cryptocurrency Zcoin Have Just Released 'French Drop' Their Best Privacy Update Yet". Business Insider. Zcoin team. 1 March 2018. Archived from the original on 7 August 2018. Retrieved 7 August 2018.
- ^ Tim, Ruffing; Sri Avavinda, Krishnan; Viktoria, Ronge; Dominique, Schröder (12 April 2018). "A Cryptographic Flaw in Zerocoin (and Two Critical Coding Issues)". Chair of Applied Cryptography. Germany: University of Erlangen-Nuremberg. Retrieved 9 September 2018.
- ^ Reuben, Yap. "A statement on the paper "Burning Zerocoins for fun and profit"". Zcoin.io. Archived from the original on 9 September 2018. Retrieved 9 September 2018.
- ^ Alex, Biryukov; Dmitry, Khovratovich. "Egalitarian computing" (PDF). arXiv.org. Cornell University. Archived from the original (PDF) on 29 December 2018. Retrieved 29 December 2018.
- ^ "Lelantus: Private transactions with hidden origins and amounts based on DDH" (PDF). Zcoin. Archived from the original (PDF) on 29 December 2018. Retrieved 29 December 2018.
- ^ "What You Need To Know About Zero Knowledge". TechCrunch. Retrieved 21 December 2018.
- ^ "Can This Man Build a Better Bitcoin?". Fortune. Retrieved 21 December 2018.
- ^ Matthew D. Green [@matthew_d_green] (16 November 2013). "We designed a new version of Zerocoin that reduces proof sizes by 98% and allows for direct anonymous payments that hide payment amount" (Tweet). Retrieved 16 September 2015 – via Twitter.
- ^ "Zcash Integration Guide - Zcash". Zcash. Retrieved 26 November 2018.
- ^ Eli Ben, Sasson; Alessandro, Chiesa; Christina, Garman; Matthew, Green (18 May 2014). "Zerocash: Decentralized Anonymous Payments from Bitcoin". 2014 IEEE Symposium on Security and Privacy. doi:10.1109/SP.2014.36.
- ^ "Privacy Coin Zcash Completes "Sapling" Network Upgrade". Retrieved 26 November 2018.
- ^ Ben-Sasson, Eli; Chiesa, Alessandro; Tromer, Eran; Virza, Madars (2014). "Succinct Non-Interactive Zero Knowledge for a von Neumann Architecture". USENIX Security.
- ^ "What You Need To Know About Zero Knowledge". TechCrunch. Retrieved 19 December 2018.
- ^ "Zcash, a Harder-to-Trace Virtual Currency, Generates Price Frenzy". Retrieved 26 November 2018.
- ^ Reuben, Yap. "An Interview with Poramin Insom, Zcoin's lead developer and founder". zcoin.io. Archived from the original on 24 August 2018. Retrieved 8 September 2018.
- ^ Reuben, Yap. "A message from our new investor in Zcoin, Tim Lee". Archived from the original on 29 December 2017. Retrieved 13 August 2018.
- ^ Osborne, Charlie. "The risky business of bitcoin: High-profile cryptocurrency catastrophes". ZDNet. Retrieved 21 December 2018.
- ^ Rob, Price (20 February 2017). "A single typo let hackers steal $400,000 from a bitcoin rival". Business Insider. Archived from the original on 11 August 2018. Retrieved 11 August 2018.
- ^ David, Hundeyin (12 November 2018). "Activists Use Crypto to Protect 'Rap Against Dictatorship' from Government Censorship". Yahoo Finance. Archived from the original on 29 December 2018. Retrieved 29 December 2018.
- ^ Jimmy, Aki (13 November 2018). "Thailand Uses Blockchain-Supported Electronic Voting System in Primaries". Nasdaq.com. Archived from the original on 29 December 2018. Retrieved 29 December 2018.
- ^ Jintana, Panyaarvudh; Kas, Chanwanpen. "Reliable voting TECHNOLOGY". The Nation (Thailand). Archived from the original on 3 December 2018. Retrieved 29 December 2018.
- ^ "Zcoin Moves Against ASIC Monopoly With Merkle Tree Proof". Finance Magnates. 6 December 2018. Archived from the original on 6 December 2018. Retrieved 29 December 2018.
- ^ "Netcoins Lists PIVX". Retrieved 26 November 2018.
- ^ "PIVX to Launch Cryptocurrency Exchange Platform ZDEX in November". Retrieved 26 November 2018.
- ^ "PIVX Delivers World's First Bulletproofs Implemented Zerocoin Protocol". CoinNewsLive. 23 December 2018. Retrieved 29 December 2018.
- ^ Peck, Morgan E. (24 October 2013). "Who's who in Bitcoin: Zerocoin hero Matthew Green". IEEE Spectrum. Institute of Electrical and Electronics Engineers. ISSN 0018-9235. Retrieved 31 January 2014.