You need to get out of the Forums more often . I always keep an eye on Twitter, Reddit, GitHub, the Chat and the ECC Blog, thatâs how I get all my information I convey to you guys.
Like the Company, we believe the chance of an exploit on mainnet is vanishingly small, thanks in large part to their extensive mitigations. But based on our understanding of the exploit, we are concerned that itâs non-zero (however small that may be). Unlike the inflation bugs in Bitcoin and Monero, the way Zcashâs privacy pool works itâs impossible to know if itâs been exploited⌠until Sprout addresses are deprecated. Once deprecated, ostensibly all Sprout holders will have moved their ZEC into Sapling addresses and any Zcash user will be able to detect unintended inflation in the transparent addresses used as part of that transition. This brings new urgency to a privacy-preserving turnstile tool to help users transition from Sprout to Sapling, and itâs one the Foundation would be happy to support in tandem with the Company, along with an accelerated deprecation schedule for Sprout.
Best case scenario: we accelerate the adoption of Sapling and prove without a doubt that an exploit didnât happen. Worst (and very unlikely) case: somehow the bug was exploited, which we detect as the Sprout pool empties and users transition to Sapling addresses. In this case, we will encourage users to follow the guidelines set by the Company here.
I think there are ZEC holders who just arenât paying attention to the project. Which is their prerogative, but definitely has downsides.
This is the whole reason I personally believe the ECC should have frozen the chain and hardforked. Sure with a bit of notice to other projects, but this would also impact horizon users and the such.
It is highly unlikely that the bug was exploited though, so it is a risk analysis thing. I certainly do not have the information to make that call.
The whole, he who moves first wins, is not ideal. tainting transactions so you can see if the pool goes negative then seeing by how much then working out what to do might have been the best solution. but again. I lack the internal information.
. I always keep an eye on Twitter, Reddit, GitHub, the Chat and the ECC Blog, thatâs how I get all my information I convey to you guys.