Privacy is an essential characteristic of cryptocurrencies. For cryptocurrencies like Bitcoin (BTC) or Ether (ETH), however, privacy is not the primary design goal but rather an ancillary benefit of using crypto. The situation is quite different for cryptocurrencies that seek to maximize anonymity when transacting over the network.

Networks like Monero (XMR) and ZCash (ZEC) have grown in popularity, and both sit among the handful of leading cryptocurrencies by market capitalization on the strength of their privacy guarantees. Monero, with the CryptoNote technology suite, and ZCash, with the powerful zk-SNARK cryptographic primitive, both offer users virtually complete transaction privacy.


But privacy is more than a technology that hides transaction details. In particular, one of the tricky parts of bootstrapping a network with zero-knowledge privacy like ZCash was the setup problem.


Known as the “trusted setup,” this process is the initial ceremony that generates the key parameters for a network that uses zk-SNARKs or other ZKPs for its privacy guarantees. Many users of networks that rely on trusted setups, including ZCash and Zcoin (XZC), are completely unaware of the vulnerability a trusted setup creates. As a result, it has been overlooked.

Let’s review the trusted setup and how efforts to move beyond it are succeeding.

Introduction to trusted setups

A trusted setup, or what ZCash calls the “parameter generation event,” is a process at network launch in which a designated group of participants manipulates random numbers that become the public parameters used to create private transactions on the network. In the case of ZCash, these public parameters are used by anyone sending shielded transactions to construct and verify a zk-SNARK.

The reason a setup phase is necessary lies in the strong anonymity of the zk-SNARKs themselves. The finalized public parameters, determined by the group of participants, serve as the foundation from which users derive the network’s privacy guarantees. Observers of ZCash cannot view transaction details, so auditing the initial issuance and the parameters has to rely on the trusted setup as the original launch point.

However, there is a critical problem.

The word “trust” expresses the idea of trusting a group of participants (i.e., a third party) not to act maliciously during and after the ceremony. During the ceremony, the parameters are decided, but the “toxic waste,” which includes the random numbers used, must be destroyed by each participant. Otherwise, a party who keeps the toxic waste can secretly print counterfeit tokens on the network without anyone noticing, since the transactions would be completely anonymous.

Notably, the network (e.g., ZCash) would continue to operate normally, and privacy would not be sacrificed. However, a worse outcome would follow: the network’s monetary policy would be entirely subject to the whims of a malicious party. Excessive inflation would devalue the tokens, and the price of the network’s token would collapse.
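As an added illustration of why every participant’s toxic waste must be destroyed (this is example code written for this article, not Zcash’s or Suterusu’s own ceremony software), here is a toy sequential multi-party setup in Python. It assumes a small prime field and a constructed generator in place of the real pairing-friendly curve: the public parameters are the powers g^(tau^i), tau is the product of every participant’s secret, and tau can be reconstructed only if every single participant kept their share.

```python
import secrets

# Toy model only, NOT Zcash's ceremony code: a small prime field stands in for the pairing group.
P = 2**61 - 1        # constructed toy modulus
ORDER = P - 1        # order of the multiplicative group; exponents are reduced mod ORDER
G = 3                # toy generator (assumption)
DEGREE = 4           # publish g^(tau^0) .. g^(tau^(DEGREE-1))

def contribute(prev_params, s):
    """One participant multiplies the hidden trapdoor tau by secret s: each
    published g^(tau^i) is raised to s^i, giving g^((tau*s)^i). Only the new
    powers are published; s itself is this participant's 'toxic waste'."""
    return [pow(p, pow(s, i, ORDER), P) for i, p in enumerate(prev_params)]

def run_ceremony(shares):
    """Sequential multi-party setup starting from tau = 1 (all powers equal G)."""
    params = [G] * DEGREE
    for s in shares:
        params = contribute(params, s)
    return params

def random_shares(n):
    """Fresh secret contributions in [2, ORDER-1] for n participants."""
    return [2 + secrets.randbelow(ORDER - 2) for _ in range(n)]

def params_from_trapdoor(tau):
    """The parameters as computed by someone who knows tau outright."""
    return [pow(G, pow(tau, i, ORDER), P) for i in range(DEGREE)]

def trapdoor_from_shares(shares):
    """Product of the shares that were NOT destroyed (None = destroyed)."""
    tau = 1
    for s in shares:
        if s is not None:
            tau = tau * s % ORDER
    return tau

def colluders_hold_trapdoor(params, shares):
    """True iff the retained shares reproduce the public parameters, i.e. the
    holders have the full trapdoor; in a real network that is what would let
    them forge proofs and counterfeit coins. One destroyed share breaks it."""
    return params_from_trapdoor(trapdoor_from_shares(shares)) == params

if __name__ == "__main__":
    shares = random_shares(3)
    params = run_ceremony(shares)
    print("all shares kept  ->", colluders_hold_trapdoor(params, shares))                 # True
    print("one share burned ->", colluders_hold_trapdoor(params, [None] + shares[1:]))   # False
```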

Crypto as a whole rejects the notion of trust in a third party because such trust is a security hole. As you can see, the idea of trusted setups is a black swan lurking beneath what appears to be calm waters, potentially capable of undermining the legitimacy of the network at any time, even a network with peak privacy guarantees. As Nassim Taleb said:

“Never cross a river if it is on average four feet deep.”

Networks that have strong privacy guarantees (for example, via zk-SNARKs) but that use a trusted setup may have negative convex events hidden beneath a calm and steady issuance facade. If a ceremony attendee discovers a way to stealthily manipulate the key parameters of the other attendees, they can print the native token with impunity and no one would know.

Regardless of the degree of confidentiality, this characteristic of trusted setups makes them irreconcilable with the ethos of cryptocurrencies.

Going beyond the trusted setup

Early privacy networks attempted to downplay the significance of trusted setup ceremonies. They publicly projected a resolute stance while promoting stories about key-generation attendees devising clever methods to ensure that no one could steal the key parameters during the ceremony.

Some ceremony attendees took public transportation out of their cities all day during the ceremony and then burned the USB sticks containing the keys. Such bizarre tactics only distracted from the crux of the matter – trust.

Now the narrative is changing.

Once users and developers became more aware of the incompatibility of a trusted setup with the long-term viability of a cryptocurrency, the search for an implementation of zk-SNARKs without a trusted setup became a top priority.

To this end, networks like Zcoin devised the Sigma protocol, and since its implementation in July 2019, a trusted setup is no longer required. Suterusu created constant-size zk-ConSNARKs with no trusted setup and efficient key parameter generation. Moving beyond the trusted setup brings guarantees of accountability and auditability to privacy-focused cryptocurrencies. A black swan no longer lurks around the corner, waiting to bring the token down in the dark.

Instead, these types of networks are much more robust than their predecessors. Users can be assured of both their transactional privacy and that monetary policy is anchored in the protocol – not subject to the whims of malicious generation-event participants. These assurances go a long way toward attracting user adoption.

As we prepare for the next wave of crypto users, it’s important to be transparent about the flaws and benefits of cryptocurrencies. When it comes to privacy-focused networks, the setup matters. If there is a trusted setup, users cannot be assured that high rates of inflation are not occurring in the dark.

Just as they cannot be sure that the Fed is not carrying out quantitative easing in the repo market when it clearly is, simply because of its public denial of the ongoing process.

Trusted setups are antithetical to the primary reason people adopt cryptocurrencies, especially Bitcoin, as a viable alternative to the existing financial system.

Don’t trust – verify. Don’t invest in trusted setups.

The views, thoughts and opinions expressed here are those of the author alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.

Dr. Huang Lin is the co-founder of Suterusu, a project developing trustless privacy technology. He holds doctoral degrees in Applied Cryptography and Privacy-Preserving Distributed Systems from Shanghai Jiao Tong University and the University of Florida. He worked as a postdoctoral researcher at the Ecole Polytechnique Fédérale de Lausanne on applied cryptography for genomic privacy and blockchain-based data monetization.