Coin Privacy Wars

So I just stumbled upon this and it looks like there is a debate about if Monero is more private than Zcash. I read through some comments and there are people saying that Zcash's private transactions can still be tracked??

Monero transactions are almost instantaneously constructed, vs. an impractical amount of time required to construct a private Zcash transaction.

Zcash's CEO has stated that their private transactions can be made too traceable. Peter Todd, a BTC developer and cryptographer who participated in the Zcash Trusted Setup, has called it a back door. Gregory Maxwell, another BTC developer and cryptographer, has said that Zcash is not unconditionally sound and that its Trusted Setup is a vulnerability.

What are your thoughts?

Listen to this if you want to understand the elaborate ceremony https://soundcloud.com/zcashreview/zcash-review-episode-2-design-of-the-ceremony. Yes it is possible it was compromised, just highly highly unlikely.

As for the "Zcash's CEO has stated that their private transactions can be made too traceable" I can only believe this was taken out of context from a tweet that Zooko made where I believe he was referring to identifying bad actors from exchange activity, the same was as is done for other cryptos. Obviously some people jumped on it to promote their agendas and to spread FUD.

1 Like

Here's what it comes down to ...
Monero attempts to hide TX via obfuscation;
Zcash accomplishes TX fungibility via encryption.
That's all there is to it.

2 Likes

why would anybody care about zcoin? this the zcash forum

1 Like

Sorry I thought this was a discussion about coins that are privacy centred and thought my post was valid considering you'll talk about monero but for some reason hide the content I posted about Zcoin

zerocoin protocol is garbage ...that's why the zerocash protocol exists. you'd figure they'd at least fork the correct protocol.

EDIT - multiple teams that have tried utilizing zerocoin have failed. this goes all the way to anoncoin...

1 Like

Are you sure Zcoin hasn't implemented zerocoin protocol properly? They have a working wallet which mints new coins breaking the connection to the old.

Zcoin uses the zerocoin protocol. They'd be better-off using the Zerocash protocol, and naming their token zcoin. Zerocash protocol is superior ...Otherwise, Zcash would be utilizing the Zerocoin protocol

EDIT - You can implement it, but it's an old, cumbersome version of Zerocash. There's literally no reason to implement Zerocoin

Pivx seem intent on integrating the Zerocoin protocol. It's currently on their testnet and, from what I can gather, they think it's good enough to go live. I don't know but I'm guessing Zerocoin doesn't require a trusted setup nor large proving keys - but Zerocoin proofs are something like 25.6 kilobytes vs Zerocash proofs at about 2 kilobytes (vs transparent, bitcoin style transactions at about 200 bytes...).

btw What's with this 'wars' nonsense? It's just competition - the free market rules.

still waiting on anoncoin to implement zerocoin (they said the same thing)

Zcoin is currently working on Merkle Tree Proofs ( running in testnet soon to go live ) as far as I know this lowers the size considerably. I might mention as well they have nodes in the works as well to lower the transactions sizes further. They also used a trustless set up, but plan to change it to sigma protocol. Just to clarify for kek zerocoin is implemented in Zcoin.

I'm trying to say Zerocoin is worthless ...People implement Zerocoin, it's too cumbersome. Multiple teams have tried it, and they all come to the same conclusion. If the Zcoin team was serious; would've forked Zerocash. Not Zerocoin. The people that designed/developed Zerocoin developed Zerocash because Zerocoin is not a serious scalable option.