Following the announcement about performance improvements in Confidential Transactions in Bitcoin, which you can read about here: https://www.reddit.com/r/Bitcoin/comments/7d5zbc/finally_real_privacy_for_bitcoin_transactions/, I’ve been trying to understand the implications for Zcash.
Firstly, any improvements to Bitcoin privacy are welcomed, but as Pieter Wuille points out:
Bulletproofs and the Pedersen commitments they operate on are perfectly hiding, but not perfectly binding. This roughly means that if they’re adopted inside Bitcoin, and elliptic curve crypto is (completely) broken, new money can be printed. On the flip side, it does mean that the privacy of anyone who used CT in the past is unaffected.
If I am not mistaken, this is precisely the same as Zcash (albeit we also have the trusted setup to worry about) with regard to potential unbounded inflation? Is the difference in CT that this would be detectable in some way, or is my understanding correct that a coin can either offer unconditional privacy (as above and in Zcash) or unconditional soundness but never both?
[edit: I guess the cryptographic assumptions are different too, i.e. the tech here is more well tested and less likely to be broken?]
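
The hiding/binding trade-off in the quoted passage, as an added example that is not part of the original post or of any Bitcoin or Zcash code: a toy Pedersen commitment in a small prime-order subgroup of the integers mod P instead of an elliptic curve. The parameters P, Q, G, H and all function names are constructed for illustration; the group is deliberately small enough that its discrete log can be brute-forced, which stands in for "elliptic curve crypto is broken".

```python
# Toy Pedersen commitment (constructed parameters, far too small for real use).
P, Q = 1019, 509        # P = 2*Q + 1, both prime
G = 4                   # generator of the order-Q subgroup of Z_P^*
H = pow(G, 123, P)      # second generator; log_G(H) must be unknown to everyone


def commit(value, blind):
    """C = G^value * H^blind mod P."""
    return pow(G, value % Q, P) * pow(H, blind % Q, P) % P


def blinds_explaining(c, value):
    """Every blinding factor r with commit(value, r) == c.

    Perfect hiding: for ANY candidate value there is exactly one such r,
    so the commitment alone carries no information about the amount,
    even for an observer with unlimited computing power.
    """
    return [r for r in range(Q) if commit(value, r) == c]


def solve_dlog(target):
    """Models a broken group: brute-force x with G^x == target."""
    return next(x for x in range(Q) if pow(G, x, P) == target)


def equivocate(value, blind, new_value, x):
    """Given x = log_G(H), return a blind opening the same C to new_value.

    C = G^(value + x*blind), so solve value + x*blind = new_value + x*r'.
    Binding is therefore only computational: it holds exactly as long as
    nobody can compute x.
    """
    return (blind + (value - new_value) * pow(x, -1, Q)) % Q


if __name__ == "__main__":
    c = commit(5, 77)
    # Hiding survives the break: every amount still has a valid blind.
    print(all(len(blinds_explaining(c, v)) == 1 for v in range(Q)))
    # Binding does not: the same commitment opens to a different amount.
    x = solve_dlog(H)
    r2 = equivocate(5, 77, 500, x)
    print(commit(500, r2) == c)
```

Both checks print True: past commitments stay private after the break, while the committed amount can no longer be trusted.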