|
|
|
|
|
|
by ewillbefull
3170 days ago
|
|
|
I'm Sean from Zcash, I coordinated the MPC and wrote the software. I messaged you on twitter or emailed you or something about this last year. > it made it sound like I repeated the number uncritically I didn't say you regurgitated it. I said the person you talked to did, presumably after looking at libsnark or an unrelated paper. > The fact that competent experts could be unfamiliar with Zcash's crypto to the degree that they could disagree on basic facts like that is a sign of concern, precisely because it's yet another strong sign that the crypto is quite new. I claim the person you talked to was looking at the wrong curve construction. 2^80 is quite a torch to carry into an argument and no experts that we know have ever suggested a security level less than 2^96. The only "disagreements" about security were far more subtle and reasonable than what your blog post suggested. |
|
|