Do you think a new value pool for Orchard 6.2 is a good idea?

Now that dust is settling, I think implementing Taylor’s recommendation:

Create a new shielded pool identical to Orchard (or Orchard+ZSAs in NU7) and update
wallets to automatically move funds so that the turnstile-enforced upper bound on the
amount of potentially-stolen funds decreases over time. [1]

Should be done to restore confidence that the vulnerability has not been exploited before.

5 Likes

Orchard could additionally be made withdraw-only, accelerating the process :person_shrugging:

3 Likes

Doesn’t matter. Damages have been done.

D

Well, RIP crypto then because even Bitcoin had an inflation bug, and smart contracts get hacked every month.

2 Likes

Exactly. All thanks to AI.

But I believe blockchain will still be useful, especially for tokenization of RWAs.

It is also ‒ and perhaps more ‒ important to ensure that people can have confidence that such a bug cannot reoccur. So far, each shielded pool has implemented the latest-and-greatest, shiny new state-of-the-art proof system.

But they have all used only one proof system.

It is time to consider requiring multiple redundant proofs, using several different, independent proof systems. Such a belt-and-braces approach will ensure that a vulnerability with a single proof system does not mean that confidence is lost in the entire pool.

Separately, perhaps also a mechanism could be introduced as part of the block creation process to generate a proof that the balance of the new shielded pool is correct.

3 Likes

…which from now on will no doubt be consulted before any changes are deployed, and applied to released code whenever there’s a new model.

I think it will be useless. You can’t force people to migrate (just look at Sprout) so you will never be able to prove the vulnerability was not exploited by using it.

Hm… Partially conflicted. Yes to your point, but a ~25k ZEC risk is different than a ~5 million ZEC.

The counter-point is that maybe +1 ZEC is as disastrous (no recovery path) as 1 million.

I think it will be useless. You can’t force people to migrate (just look at Sprout) so you will never be able to prove the vulnerability was not exploited by using it.

Yes, you can. It is purely down to developers’ choice that you can make new Sprout deposits.

1 Like

No need for a new pool, just make the current one auditable:

1 Like

Yes! If that possible, then it is the optimal solution.

1 Like

Sprout deposits have been disabled for 6 years ZIP 251: Deployment of the Canopy Network Upgrade

1 Like