-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathq_and_a.html
185 lines (154 loc) · 12.8 KB
/
q_and_a.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="">
<title>
Q & A | Zerocoin Project
</title>
<meta name="description" content="">
<meta name="author" content="">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<!--[if lt IE 9]>
<script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link href="/media/css/bootstrap.min.css" rel="stylesheet">
<link href="/media/css/bootstrap-responsive.min.css" rel="stylesheet">
<link href="/media/css/style.css" rel="stylesheet">
<link href="/media/css/stickyfooter.css" rel="stylesheet">
<link href="/media/css/nav.css" rel="stylesheet">
<link href="/media/css/typography.css" rel="stylesheet">
<link rel="shortcut icon" href="/media/images/favicon.png">
<link rel="apple-touch-icon" href="/media/images/apple-touch-icon.png">
<link rel="apple-touch-icon" sizes="72x72" href="/media/images/appleimgim-touch-icon-72x72.png">
<link rel="apple-touch-icon" sizes="114x114" href="/media/images/apple-touch-icon-114x114.png">
<script>
var _gaq = [['_setAccount', 'UA-40085231-1'], ['_trackPageview']];
(function(d, t) {
var g = d.createElement(t),
s = d.getElementsByTagName(t)[0];
g.src = '//www.google-analytics.com/ga.js';
s.parentNode.insertBefore(g, s);
}(document, 'script'));
</script>
</head>
<body class="q_and_a">
<div id="wrap"> <!-- Wrap for sticky footer -->
<div class="row-fluid">
<div class="span7 offset3">
<div class="navbar">
<a class="btn btn-navbar collapsed" data-align="left" data-toggle="collapse" data-target="#foobar">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</a>
<div class="nav-collapse" id="foobar">
<ul class="nav">
<li><a href="index">Home</a></li><li><a href="people">People</a></li><li class="active"><a href="q_and_a">Q and A</a></li><li><a href="talks_and_press">Papers, Press, etc</a></li></ul>
<div class="pull-right twitter-div" >
<a href="https://twitter.com/zerocoinproject" class="twitter-follow-button" data-show-count="false" data-show-screen-name="false">Follow @zerocoinproject</a>
<script>!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0],p=/^http:/.test(d.location)?'http':'https';if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src=p+'://platform.twitter.com/widgets.js';fjs.parentNode.insertBefore(js,fjs);}}(document, 'script', 'twitter-wjs');</script>
</div>
</div>
</div>
</div>
</div>
<div class="row-fluid banner">
<div class="span6 offset3" />
<h1>
<a class="brand" href="index.html">
<img src="/media/images/zq_bw_72.png"/>erocoin Project
</a>
</h1>
</div>
</div>
<div class="row-fluid">
<div class="span6 offset3">
<p>Questions and Answers:</p>
<div class="toc">
<ul>
<li><a href="#why-do-i-care">Why do I care?</a></li>
<li><a href="#will-zerocash-be-deployed-in-bitcoin-the-currency">Will Zerocash be deployed in Bitcoin the Currency?</a></li>
<li><a href="#can-i-use-it-now">Can I use it now?</a></li>
<li><a href="#whats-this-about-a-backdoor">What’s this about a backdoor?</a></li>
<li><a href="#could-you-put-a-backdoor-in-it">Could you put a backdoor in it?</a></li>
<li><a href="#what-about-criminal-use-of-zerocash">What about criminal use of Zerocash?</a></li>
<li><a href="#what-about-the-balance-between-accountability-and-privacy">What about the balance between accountability and privacy?</a></li>
</ul>
</div>
<h3 id="why-do-i-care">Why do I care?</h3>
<p>Bitcoin is, in a lot of ways, less private than a bank account.
With a bank, you only disclose your finances to the bank and their designees.
With Bitcoin, you disclose it to the world since the block chain and all your transactions
are public. Naïvely, you might think this is not an issue,
since your name is not associated with your Bitcoin address(es)/public key(s).
However, it is not very hard to identify who an address
belongs to based on spending patterns. So if you have any desire for your
neighbors or retailers not to know what you spend your money on, you should be
interested in techniques to anonymize Bitcoin. Zerocoin is the only
solution to this that offers provable anonymity even if <em>everyone</em>
running the network is out to get you.</p>
<h3 id="will-zerocash-be-deployed-in-bitcoin-the-currency">Will Zerocash be deployed in Bitcoin the Currency?</h3>
<p>No. The Bitcoin core devs rightly decided that Zerocoin was too cutting edge to deploy in Bitcoin itself and, specifically in the case of the old Zerocoin protocol, had too many performance concerns. Although the Zerocash protocol fixes the performance concerns, the other issue is still present and we think rather valid: Bitcoin has a lot to lose and so needs to be cautious. </p>
<p>Bitcoin refers to a protocol and software stack originally developed by Satoshi Nakamoto. It also refers to the Bitcoin currency, which is one of several crypto-currencies that use Nakamoto’s protocol or a variant. This leads to some confusion in terminology: when our paper and parts of this website refers to Bitcoin, we are usually referring to Bitcoin the protocol and codebase that underlies both Bitcoin the currency and numerous other altcoins, not the actual currency itself.</p>
<h3 id="can-i-use-it-now">Can I use it now?</h3>
<p>Not yet. We are planning on releasing an alt-coin using the Zerocash protocol.
We are currently in the process of finishing a release version of the client, based on the Bitcoin 0.9.1 codebase: there’s a big difference between research software, and a working release grade client we can stand behind. Our goal is to release this code in a production-quality form that the community can use to stand up a real, functioning currency. We will be providing further updates on this site.</p>
<h3 id="whats-this-about-a-backdoor">What’s this about a backdoor?</h3>
<p>There is no backdoor and there never was. This was a misinterpretation of the following quote in the original paper and a less than ideally phrased answer in an interview. </p>
<blockquote>
<p>Since all Bitcoin transactions are public, anonymous
transactions are necessary to avoid tracking by third parties
even if we do not wish to provide the absolute anonymity
typically associated with e-cash schemes. On top of such
transactions, one could build mechanisms to partially or
explicitly identify participants to authorized parties (e.g.,
law enforcement). However, to limit this information to
authorized parties, we must first anonymize the underlying
public transactions.</p>
</blockquote>
<p>The idea was even if you are one of the “if you haven’t done anything wrong, you
have nothing to hide [from the government]” people (an assertion that we by no
means agree with), you’d still want privacy from the general public. After all,
we have banking secrecy laws for a reason – you don’t want your neighbors
knowing your financial details even if you want the FBI to know everything
about criminals or terrorists. Even if you wanted that world, you’d
need something like Zerocoin to make sure only the “good guys” could use it.</p>
<h3 id="could-you-put-a-backdoor-in-it">Could you put a backdoor in it?</h3>
<p>Not covertly. The paper has a provably secure protocol in it which is anonymous
(technical note: anonymity holds even if the trusted set up is screwed with, so no that’s not a backdoor), so absent modifications there is no way to
track users. The software will be open source and so any attempt to modify the protocol by inserting a backdoor would be rather obvious.</p>
<p>As with any protocol (Bitcoin included), the government could mandate an overt
locked “frontdoor” so to speak. On a technical level, these kind of things tend
not to <a href="https://en.wikipedia.org/wiki/Clipper_chip#Vulnerability" title="Clipper
Chip">work</a> for decentralized systems. Moreover, since Zerocoin will be open source
any version that had such a frontdoor in it would likely be forked and have it
removed. </p>
<h3 id="what-about-criminal-use-of-zerocash">What about criminal use of Zerocash?</h3>
<p>Zerocash’s privacy guarantees are designed to benefit legitimate users who do not want their financial details made public. There is a concern, as always, that decentralized anonymous payments will facilitate laundering of ill-gotten funds by criminal users. As we now explain, however, Zerocash barely affects the status quo for criminal users, who already have strong incentives to hide their activity, while it provides notable benefits to legitimate users. </p>
<p>First, the main difficulty with money laundering does not typically lie in how to privately transfer money from one person to another, but in how to make the eventual income appear legitimate: for regulatory purposes, one still has to present credible sources to justify the income, regardless of the technical means by which it was transferred. In this respect, Zerocash does not help.</p>
<p>Second, even without the “help” of Zerocash, criminal users can already anonymize their activities via existing financial systems (e.g., by using cash) or Bitcoin (e.g., by using mixes). Thus, the introduction of yet another method to anonymously move money is of little consequence.</p>
<p>Finally, Bitcoin is increasingly subject to regulation that narrows the gap between it and traditional financial systems. For instance, Bitcoin exchanges are required to identify customers conducting sufficiently-large transfers to/from traditional currencies. Presumably such regulations would apply to Zerocash exchanges as well.</p>
<h3 id="what-about-the-balance-between-accountability-and-privacy">What about the balance between accountability and privacy?</h3>
<p>Zerocash extensions can accommodate various choices of balance between accountability and privacy.</p>
<p>For instance, there are promising techniques for preventing money laundering without violating the
privacy of legitimate users (e.g., <a href="https://www.cs.jhu.edu/~susan/papers/CHL06.pdf" title="Balancing Accountability and Privacy Using E-Cash ">CHL06</a>). Roughly, the idea is to build the cryptographic protocol so that, once the total amount paid between any two users (over any number of payments) exceeds some public threshold, the payments are not private. Zerocash could incorporate such techniques (though the initial prototype does not do so).</p>
<p>More generally, the underlying zk-SNARK cryptographic proof machinery is flexible enough to enforce a wide range of policies. It can, for example, let users prove that they paid the taxes due on all transactions, without revealing those transactions, their amounts, or even the amount of taxes paid. As long as the policy can be specified by efficient “nondeterministic” computation, it can (in principle) be enforced using zk-SNARKs and added to Zerocash. This can help to verify and enforce a wide range of compliance and regulatory policies in manner that is non-invasive to privacy. Morever, once codified, policies will be enforced even in the presence of corrupt employees among the authorities.</p>
<p>This raises intriguing research, policy, and engineering questions over what policies are desirable and practically realizable.</p>
</div>
</div>
<div id="push"></div> <!-- for sticky footer-->
</div> <!-- / sticky footer wrap -->
<div id ="footer" class="row-fluid footer">
<div class="span6 offset3">
<p>Created by <a href="http://hms.isi.jhu.edu/index.php/people/11.html">Ian Miers</a> <a href="https://twitter.com/imichaelmiers">@imichaelmiers</a></p>
</div>
</div>
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script>
<script>window.jQuery || document.write('<script src="/media/js/libs/jquery-1.9.1.min.js">\x3C/script>')</script>
<script src="http://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.2/js/bootstrap.min.js"></script>
<!--[if lt IE 7 ]>
<script src="/media/js/libs/dd_belatedpng.js"></script>
<script>DD_belatedPNG.fix('img, .png_bg'); // Fix any <img> or .png_bg bg-images. Also, please read goo.gl/mZiyb </script>
<![endif]-->
</body>
</html>