While surfing the net, I stumbled upon https://tezos.com -- a very interesting project that does the following:
Tezos is a new decentralized blockchain that governs itself by establishing a true digital commonwealth. It facilitates formal verification, a technique which mathematically proves the correctness of the code governing transactions and boosts the security of the most sensitive or financially weighted smart contracts. Learn more
Now, I noticed that Zooko is on-board as their advisor. That's enough to pique my interest, so I did more reading to find out what the vision of Tezos is when it comes to privacy and anonymity. From their Overview presentation, I noticed the following slide that says (bold is mine):
Privacy preserving transactions and smart contracts are a key feature of modern blockchains. Not only are they a security requirement, they ensure censorship resistance much more effectively than any tweaking of the consensus algorithm. However no solution is perfect yet. Ring signatures, as used in Monero, can still leak some information about senders. Zcash makes an impressive use of zero-knowledge proofs to provide full, information theoretic, anonymity, but the risk – however remote – of undetected hyperinflation in the event of a bug in the proof circuit makes some users uncomfortable.
Our initial plan is to strike a compromise and integrate Zcash’s proof circuit in the protocol, but restrict its operations to a special token issued on the Tezos blockchain. This token will be convertible 1 to 1 with Tezos tokens, but the chain will keep track of how many tokens have been converted so that undetected inflation in the privacy preserving token cannot spill over onto the main token. Users who trust the security of the privacy preserving token will have full use of its functionality while those who don’t will remain protected as long as they do not make use of the privacy feature. This mechanism replicates the economic behavior of a side chain, but on a single ledger.
In the long run, the team intends to replace all operations on the blockchain with zero knowledge proofs. Instead of downloading an entire blockchain a client will be able to download a single proof attesting that the entire blockchain has been validated starting from the genesis hash. However, to that end, they will likely make use of STARKs, zero knowledge proofs similar to SNARKs but which do not require a trusted setup.
Suppose Tezos takes off .. I'm just wondering what the selling point of ZCash will be -- in light of alternatives that can easily incorporate the zero-knowledge proof, the main unique feature of ZCash, into their network, while addressing the key perceived weakness of ZCash like the trusted setup. I know in this nascent crypto-currency world, it makes sense for the different networks/coins to cooperate and support each other (by lending features, helping with implementations etc), but at the same time I'm concerned that there won't be enough that makes people want to own ZCash instead of alternatives. What are your thoughts?