Bad news for Zcash?

https://mobile.twitter.com/petertoddbtc/status/919580870477934592

I could make the same statement for many coins out there. Where are the facts? Which line of code does what?

Babbling some “tech tongue” doesn’t make your words true, you should backup your words with facts, and that kid has no facts in his post.

Babble bla bla.

1 Like

needs to prove there’s a backdoor. the fact he didn’t leads me to believe this is FUD. market shrugged it off because this stuff isn’t new from peter.
(also probably means there could be big news for zcash that peter just caught wind of, and didn’t like)

1 Like

I think he has a valid point actually.

not saying he’s wrong… i’m just a dumb trader.
imo, a responsible actor wouldn’t make claims like “backdoor” on twitter with no evidence.
should’ve said “rust implementation is garbage, and needs to be fixed”, or “here’s the backdoor”.
also should’ve been done privately. twitter posts are a trashy way to make accusations

I disagree: I always prefear to lean towards the side of extreme transparency than the opposite. If there are reasonable concerns about the trusted setup (and I think the concern he pints is reasonable), we all better know them sooner than later.

2 Likes

agree to disagree.
make a public claim of “backdoor”
you need proof, imo.

bitcoin “could” be backdoored too.

grand scheme of things it doesn’t matter. market seems to be shrugging-it-off. been around for too long, and’ve seen pete in action. to me, peter’s a bit of a sensationalist. i’ll go-back to ignoring peter like i’ve done for years.

1 Like

There are definitely valid points in the arguments regarding the deterministic builds though I don’t think this is the best way to publicise (i.e. throwing out things like the ceremony could be trivially backdoored, which is clearly just to garner attention).

From my very simplistic understanding of this issue it sounds like these are valid theoretical possibilities for compromise, but the ceremony was designed so that, it if it was, it would be possible to audit so that any such compromises would later be detectable. However, it sounds like this auditing is very difficult to accomplish in practice (although I thought this was done by the external security audit but these issues were not raised).

All that being said there is still no evidence that it actually was compromised.

1 Like

You could, but you’d need to provide at least some type of realistic poc(s) for anyone to take note…

Peter may not be able to confirm such claims, but following on from that tweet, he’s already given us two clear examples as to how a malicious party would be capable of compromising the mpc with no one knowing if it had or hadn’t taken place.
Sure, one might not agree with him critiquing zcash so publicly, but its good to ask these questions and share them so they can be addressed in an open manner.

Absolutly, but in this case he is the wrong person to make a statement like that.

Absolutly agree, what I disliked is how he shared this information:

I’m obviously the ~only person who has actually built the Zcash trusted setup deterministic builds: (link: https://github.com/zcash/mpc/pull/9) github.com/zcash/mpc/pull…
Totally broken.

I feel such a strong “conflict of interest” from this statement right here, I mean, he is literally shitting on zcash with no regard. I’m not saying his statement is false, heck, I didn’t even realized who he was but to put it in perspective:

it’s like the INTEL CTO accusing AMD for having hidden undocumented instructions in their CPU’s with potenial hidden backdoors. Both companys have undocumented instructions, so it would be sooo hypocritical.

good points that another twitter user shared:

That’s why I suggested to set the RTC to the same time in the rerun
Also, find a laptop which was manufactured in the appropriate time window for buying it at that time (in case they used BIOS information)

In conclusion:

ayyy @zooko …was lurking the peter todd twitter thread, and honestly believe you handled this situation very well!

1 Like