|
|
|
|
|
|
by ewillbefull
2715 days ago
|
|
|
There is nothing new about this article. The article is pointing out that in addition to the trapdoors of the proving system, it's possible to subvert the arithmetic circuit used as well. The ceremonies used by Zcash have the property that the parameters are perfectly bound to the circuit. Not sure why this isn't mentioned in the article. > This article is about the fact that there could be a backdoor, whose absence can only be proven by revealing all participants' toxic waste. This is incorrect, as stated above. Instead of revealing their toxic waste, we reveal proofs-of-knowledge so we can use pairings to ensure the parameters encode the circuit correctly. |
|
|
I still learned something "new" from the article, I was only aware of the ceremony issue that "everbody knows" of.