Staked Poll on Zcash Dev Fund Debate

In the case where the recipient does not move the funds, the sender gains an advantage relative to every honest voter, because it has the thing that the funds paid for. For example, it could in principle send the funds to an exchange (decentralized or not), in exchange for another token which it exchanges for ZEC, and then vote again with essentially the same money (minus exchange fees / inefficiency).

The original protocol by @sonya doesn’t have this problem, and IMHO should be used in preference.

2 Likes

Yep, this is a completely valid point, and what @amiller was getting at. I was thrown off by “the vote wouldn’t have been authorized by the recipient of the UTXO”, which I read as meaning that the recipient address couldn’t control whether it receives funds. This is obviously impossible to control for any address that has been made public, and my point was that it shouldn’t ever be assumed that a recipient agrees with a transaction that it is an output of. But this was beside the point of the actual adversarial condition, which is essentially a cross-protocol attack (between the voting protocol and the exchange redemption process).

3 Likes

I still don’t fully understand the UTXO approach, and now I’m not clear on whether it’s better or not?

The poll schedule will shift to match ZF’s delay (announced today).

I’ll write a blog post with step-by-step instructions once the unknowns are worked out.

7 Likes

I think you should use the original protocol you proposed. It’s secure enough for this purpose and it doesn’t involve any operations that are not supported by commonly used wallets.

1 Like

I’m very uncomfortable with telling people to compromise their privacy in order to exercise their voting rights.

Requiring people to unshield funds is exactly that, especially given the lack of tooling to prevent trivial linkability by amount. Made worse by the above concerns about IP address linkability.

I also worry about the security-of-funds aspect. People using cold wallets would need to either move funds out of their cold wallet (taking a risk), fiddle with their cold wallet private key (taking a risk and lacking tooling), or forego voting using their full holding.

The conjunction of the two of pretty bad. I conjecture that many “serious” ZEC holders use cold wallets or shielded funds, for good reasons. If these are effectively excluded from the vote, it’s unclear what sample we’re getting.

This might still be acceptable as a one-time temporarily solution for an advisory vote, but it must not become a recurring or binding mechanism.

3 Likes