How can everyone be sure no backdoors will be in Zcash?


#1

Love the project and I have been following since the early Zerocoin days. My concern would be the perception of potential back doors. Of course governments want back doors for their own reasons, and in my view will strongly oppose anon currencies in time, that is fairly obvious. They likely have no idea about this tech yet as Bitcoin is still new to them, but once they understand the potential, they will be very afraid of it.

So, how can the community be assured there will be no back doors in Zcash? Will it be open source? Is there some way non code experts can be sure their anonymity is perfectly anonymous? Can the NSA or FBI come to Zcash later and demand that a backdoor is put in? What plans do you have to protect Zcash from this and assure the community this is not a risk? Thank you.


#2

I think Z Cash will have to be open sourced in order to validate no back doors are in place.


#3

That is what I would have to imagine as well, just checking. :slightly_smiling:


#4

@Cryptoclub Zcash is already open-sourced! You can follow along at our public repository:

https://github.com/zcash/zcash


#5

I trust Zcash team, respect their works on Zcash, it's a fantastic team.


#6

I trust them as well, I was just thinking of the typical fud that would come around. As it is open source there really isn't anything to worry about. Some will always be paranoid even then, but there is no solution for that.


#7

The source code will be open source, any bugs in ZCash will lead to significant price drop. I don't think it is in the interest of the ZCash team to have bugs. At the moment I think they are relying on the public to find bugs. I hope there will be an external audit of the code, something like the one ethereum had.
#FuckThe1%


#8

There can never be any surety even if it is open source. SSL is still being attacked even after 2 decades of existence. The benefit with open source is that the discovery of bugs and patches are usually swift and more often than not the attackers are white hat hackers with the intent to make the system robust.

In the case of zcash however, things will be a lot different due to it having potential monetary values. It will attract the black hats as much as (if not more) the white hat hackers. The ones that attack the money supply (as discovered recently in github) are obviously the most dangerous as unlike a transparent blockchain (Bitcoin), the supply is not there to even be viewed by anyone.


#9

"A warrant canary is a method by which a communications service provider aims to inform its users that the provider has not been served with a secret government subpoena. Secret subpoenas, including those covered under 18 U.S.C. §2709(c) of the USA Patriot Act,
provide criminal penalties for disclosing the existence of the warrant
to any third party, including the service provider's users."

Maybe this would be helpful?


#10

"A warrant canary is a method by which a communications service provider aims to inform its users that the provider has not been served with a secret government subpoena. Secret subpoenas, including those covered under 18 U.S.C. §2709(c) of the USA Patriot Act,
provide criminal penalties for disclosing the existence of the warrant
to any third party, including the service provider's users."

Maybe this would be helpful?"

That is a very good idea imho.


#11

My biggest concern is the generation of the initial parameters. Something needs to be done for me to trust that. I have already posted about it though


#12

I don't understand why this is not more of a concern for many. TTP setup is a trust issue that needs resolving. I know Zcash was working with Ethereum for a trustless setup and ther is a Github repository, but this major issue is not answered.


#13

If the Zcash team fail to generate initial parameters that perform 'as advertised', there is nothing stopping others from doing better. While I accept that mistakes can be made, I find it much less likely that the Zcash developers would squander all their effort to make a quick buck by deliberately deceiving a relatviely small group of early adopters.

Either way, this project is too interesting for me to only spectate for fear of losing a few measley dollars.