Board: Altcoin Discussion
Re: Thoughts on Zcash?
by CoinHoarder on 04/02/2016, 03:59:55 UTC

The zerocoin mixer can be periodically reset, forcing all anonymous zerocoins to cash out periodically to basecoins which can be re-minted into the next instance of the zerocoin mixer. In this way, it can be proven that no zerocoins were created out-of-thin-air. All the anonymous mixing that occurs in the zerocoins can remain fully masked because the zerocoins balance can be merged before un-minting back to a basecoin.

So the problem is easily resolved. And the anonymity is not compromised even if the master private key was.

The process of resetting the mixer and forcing people to remint does compromise anonymity. If you were an adversary and wanted to spy on zerocash users, forcing such a reset (and then spying on them while redeeming and reminting) would be precisely one way you could go about doing it. This general pattern is a classic exploit method (e.g. force/trick user to reset password; intercept new password, etc.).



I don't get how you can spy on someone if you don't know who owns what address. They could simply generate a new address for the reset and then send it straight back to the zerocoin layer, no?

This is actually the first time I've heard about it being able to be reset like that. I think that is a pro, not a con. It would give users the peace of mind that no one's printing money from time to time, even though everyone can be fairly sure that they aren't since the seed will be generated using MPC transparently.

The only thing about this coin I'm not liking is the percentage of each block that goes to a corporation. I hope AnonyMint will free us from corporate tyranny? I guess if you are not implementing ZC technology then someone else will eventually fork it and cut the corporation out of the loop. However, network effects can grow quite fast...