Zerocoin Protocol, Sigma Protocol and Privacy Coins
In recent days, a weakness in the Zerocoin Protocol came to light. Zcoin, one of the market's leading privacy coins, warned other privacy coins, PIVX, Veil and Gravity Coin, about the problem in the system. These projects then urgently issued new updates to contain the situation and fixed the problem.
Zcoin's Reuben Yap then said in a statement that the problem is not caused by a coding error but by an issue in the underlying cryptography. Zcoin also stated that it will continue with its newly developed Sigma Protocol rather than the Zerocoin Protocol.
But what innovations does the Sigma Protocol bring?
Zcoin's implementation is currently on testnet and aims to reach mainnet in the next 6 weeks. Although Sigma is a much more advanced system than the Zerocoin Protocol and solves most of its problems, like all software it is not an impregnable castle. Still, it can be called a very important step for a blockchain technology that has only a 10-year history. What are the advantages of the Sigma Protocol?
1) Sigma's security proofs are fully documented, and its much simpler construction makes it easier to audit.
2) Sigma removes the trusted setup and brings proof sizes down from 25 kB to 1.5 kB.
So what is a trusted setup? In my conversation with Zcoin Chief Operations Officer Reuben Yap, he chose a simpler way of putting it, with a reference to the film The Lord of the Rings, and explained:
So imagine a system where you create a magical lock with a master key; that master key is like the One Ring of The Lord of the Rings. With it, you can create coins out of thin air and nobody can tell whether they are real or fake. So, what happens is that because this key is so powerful, it needs to be destroyed in the lava of Mt Doom.
But how do you know if it's destroyed? Unlike a physical object, which you can see destroyed, with digital objects someone can always keep a copy or store it somewhere. So, basically, trusted setup means you need to trust someone or a group of people to destroy the key. If they didn't destroy it, or the ceremony was somehow backdoored, then someone has the One Ring and can create money out of thin air. Sigma doesn't require this type of setup.
With Zerocoin, we had a trusted setup, but it was like we didn't do it ourselves. Someone held an academic competition, created some parameters and destroyed them. The academic competition was to determine how strong this cryptography was, and it had a 200.000 bounty on it.
This was back in 1991. No one could have foreseen that those parameters would be used in Zerocoin or cryptocurrency. It's kinda like "hey, we need a lockbox, but instead of creating our own lockbox, we used a really old lockbox which we believe the key was lost or destroyed". Moreover, in that competition, they actually did take special care to destroy it, but the point was that there was no incentive to backdoor or keep the key, because otherwise it would defeat the purpose of the challenge. So, it isn't so bad.
Zerocash, as used in Zcash, on the other hand, had to create their own lockbox and initially picked 6 people. It's kinda like they split the key up into 6 pieces, like splitting the ring up. Then each of them destroys their part of the ring; as long as one person destroyed their part of the ring, it can never be made whole again. And therefore no one has the ring, but the problem is there are other ways: maybe someone made a copy of the ring before it was split.
Maybe they all colluded and all didn't want to destroy the precious. The incentive to backdoor is very high, cause they knew it was a master key to immense wealth, unlike Zerocoin's trusted setup. This was then kinda made better with the Zcash Powers of Tau ceremony, where they said: "Heyyy, anyone who wants to help destroy part of the ring can take partttt". So that it's not only 6 people but more peeps. But it's still not ideal, because what if there was some secret spell that Sauron cast which makes it a flaw? Anyway, trusted setup is just generally not desirable.
3) Sigma's construction does not suffer from the same flaw as the Zerocoin Protocol.
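To make the "split the ring" explanation above concrete, here is an added toy model of a multi-party setup ceremony in the style Reuben describes. It is example code written for this page, not Zcoin's, Zcash's or Veil's code, and everything in it is an assumption: a 127-bit prime-field group, a toy generator, and constructed secret shares (real ceremonies use pairing-friendly curves and much more structure). Each participant raises the running public value to a secret share, publishes a Schnorr-style proof that it knows that share, and is supposed to delete it. The code shows three things: anyone can verify the public transcript without trusting a coordinator, the master secret tau is the product of every share, and a single honest participant who deletes their share leaves colluders with nothing to reconstruct.

```python
"""Toy multi-party 'powers of tau'-style trusted setup (constructed example).

The public parameter is g^tau. tau itself is the 'toxic waste' (the One Ring):
whoever knows it can break the scheme that uses the parameter.
"""
import hashlib
import secrets

P = 2**127 - 1   # toy prime modulus (constructed; far too small for real use)
Q = P - 1        # order of the multiplicative group mod P (Fermat: x^Q = 1)
G = 3            # toy generator of the group


def _challenge(*values):
    """Fiat-Shamir challenge: hash the public values into an exponent."""
    data = b"|".join(str(v).encode() for v in values)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q


def contribute(prev):
    """One participant's turn: pick a secret share s, publish prev^s plus a
    Schnorr proof of knowledge of s. Returns (public entry, s); the
    participant is expected to delete s afterwards."""
    s = secrets.randbelow(Q - 2) + 2          # share in [2, Q-1]
    new = pow(prev, s, P)
    r = secrets.randbelow(Q)                  # proof nonce
    t = pow(prev, r, P)                       # commitment
    c = _challenge(prev, new, t)
    z = (r + c * s) % Q                       # response
    return {"prev": prev, "new": new, "t": t, "z": z}, s


def verify_contribution(entry):
    """Anyone can check prev^z == t * new^c without learning the share."""
    c = _challenge(entry["prev"], entry["new"], entry["t"])
    lhs = pow(entry["prev"], entry["z"], P)
    rhs = (entry["t"] * pow(entry["new"], c, P)) % P
    return lhs == rhs


def verify_transcript(transcript):
    """The chain must start at g and every step must be a proven
    exponentiation of the previous public value."""
    prev = G
    for entry in transcript:
        if entry["prev"] != prev or not verify_contribution(entry):
            return False
        prev = entry["new"]
    return True


def final_parameter(transcript):
    """The published parameter g^tau after all participants have contributed."""
    return transcript[-1]["new"] if transcript else G


def run_ceremony(n, dishonest=frozenset()):
    """Run n participants in sequence. Participants listed in `dishonest`
    secretly keep a copy of their share instead of deleting it."""
    transcript, leaked = [], {}
    prev = G
    for i in range(n):
        entry, s = contribute(prev)
        transcript.append(entry)
        if i in dishonest:
            leaked[i] = s
        prev = entry["new"]
    return transcript, leaked


def recover_tau(leaked, n):
    """tau = s_1 * s_2 * ... * s_n mod Q. Colluders can rebuild it only if
    every single share survived; one missing share leaves a discrete-log
    problem, which this toy (like the real thing) does not attempt."""
    if len(leaked) < n:
        return None
    tau = 1
    for s in leaked.values():
        tau = tau * s % Q
    return tau


if __name__ == "__main__":
    tr, kept = run_ceremony(6, dishonest={0, 1, 2, 3, 4})   # one honest deleter
    print("transcript verifies:", verify_transcript(tr))
    print("tau recoverable with one honest participant:", recover_tau(kept, 6))
```

The check worth taking from this is `verify_transcript`: a published ceremony is only as good as the proof chain anyone can re-run, and the security argument rests on at least one contributor actually discarding their share.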
What about other Privacy coins like Veil?
The Veil project has addressed the weakness in the Zerocoin Protocol by disabling the vulnerable part of the protocol.
Although Zcoin has decided to switch to the Sigma Protocol, a Veil official said that this question is still being discussed by their core team. Rather than adopting the Sigma Protocol, the Veil project would prefer to go a different way. Work on that new approach is currently underway, and it will take some time before it is made public.
Sigma can still be seen as a type of Zerocoin: even though it uses different cryptography, it still has the same 4 steps as Zerocoin, just a different way of getting there.
After all this, the Veil project has released wallet version 1.0.3 to close the security vulnerability. You can download the wallet here
What most drew my attention to the Veil project was its rapid response to this security problem. Immediately after the incident took place, Veil announced that they had solved the problem by publishing a new wallet update.
So what is the Veil project, and what are the features that make it special?
The Veil project is a privacy-focused project built within the framework of the Zerocoin protocol.
1) Bitcoin Core 0.17.1: The Veil project is built on the Bitcoin Core 0.17.1 software. Bitcoin Core 0.18.0 was released in the last few weeks, and the project is expected to adopt this new version soon. Security vulnerabilities have been minimized and firewalls maximized.
2) Zerocoin protocol: Although some weaknesses have surfaced in the past few weeks, the Zerocoin Protocol is still the most reliable system. This highly complex and technical protocol forms the core technology of privacy coins. In a market where even Binance can suffer security breaches, anything connected to the Internet can become a target for attackers. But the Zerocoin Protocol always minimizes these weaknesses.
3) Veil Wallet: When you install the Veil Wallet, you first create a 24-word recovery phrase. These 24 words should be known only to you and are needed again when you restore the wallet. In addition, thanks to the Zerocoin and Basecoin technology, your wallet remains inaccessible to others unless you allow it. The Veil wallet is now available on Windows, Linux and macOS. Android and iOS wallets are still under development.
4) Proof of Stake: Users earn stake rewards for validating blocks by keeping their wallets open. This passive-income method, which I like very much, is also used by the Veil project. Veil's stake rates are as follows: 10,000 Veil earns an average of 1 stake per day, and 1 stake reward is about 50 Veil.
Stake rewards are like a lottery. There is no guarantee; depending on your luck you may win more or fewer stake rewards than promised. But holding more coins in your wallet means you will win more stakes.
5) Proof of Work: In addition, Veil has integrated the "Proof of Work" system, known as mining, into its hybrid blockchain. You need an advanced GPU to mine within the Veil project. You can find the details here
Zerocoin Protocol, Sigma Protocol and Privacy Coins was originally published in Hacker Noon on Medium.