Your memory is only partially right. There is a potential problem with trusted setup. They have said they play to do this in some public ceremony with multiple parties so that unless ALL of those parties collude, the minting process is safe.
If all parties colluded they could print a unlimited number of coins undetected, however the privacy of transactions would not be affected. Essentially it is an economic threat of a poorly designed setup allowing parties to collude to print unlimited coins. There is not a privacy threat from collusion.
If all parties colluded they could print a unlimited number of coins undetected, however the privacy of transactions would not be affected. Essentially it is an economic threat of a poorly designed setup allowing parties to collude to print unlimited coins. There is not a privacy threat from collusion.
Good god that is like a million times worse. So they'd be able to 'print' unlimited quantity of money undetected ? And we trust that this inner circle present at the seeding ceremony are trustworthy !
LucyLovesCrypto is right and describes the weaknesses, and potential threats of it perfectly. I also elaborated on it here -> https://forum.bitcoin.com/post16245.html#p16245
Umm... no he is not correct. They have already stated how they are going to generate the seed.
After a little research, they seem to have figured out a good way to do this using multi party computation. Using MPC to generate the seed was talked about in the original version of Zerocoin, and it seems like they will use their own version of it for Zerocash. If you look into the (now proven false rumors) that Anoncoin was going to implement Zerocoin there is a lot of discussion about MPC. The whitepaper for the MPC math they will use to generate the seed is written by the authors of the Zerocash whitepaper. https://forum.z.cash/t/trusted-setup-phase/68/2
