Can someone respond to this:
http://zerocash-project.org/"Zerocash improves on an earlier protocol, Zerocoin, developed by some of the same authors, both in functionality (Zerocoin only hides a payment's origin, but not its destination or amount) and in efficiency (Zerocash transactions are less than 1KB and take less than 6ms to verify)."
What will the size of our Zerocoin transactions be?
If the transactions are large and blockchain bloat is an issue, is there a way we can develop a "lite" wallet such as used by Shadowcoin (who is also working on zk-snarks btw). Spending Zerocoins from mobile devices (without a ton of storage space) would be a great feature!
Besides RSA UFO generation (to ensure Zerocoin can be minted in a trust free manner) does Zerocoin have any other advantages over Zerocash?
Zerocoin mint transactions will be only slightly larger than normal transactions, with about 128 bytes per minted coin.
Zerocoin spend transactions will have a small part that lives in the blockchain, and then about 125 KB that does not get stored in the blockchain.
Using 8 cores on a 2.4GHz Core i7, Zerocoin spends would take about 3 seconds to generate, and 0.5 s to verify. It's not completely out of the question that a modern smartphone with an optimized libzerocoin could do this, with some battery drain.
Minting zerocoins, storing them, and using Anoncoin balances that were previously received from zerocoins could all be handled easily by a mobile app.
I don't think anybody knows a procedure for generating the zk-SNARK parameters in a manner that doesn't require trust from the users. There's no way for an outside party to prove that they destroyed the sensitive data used to generate the parameters; anybody who has access to this data would be able to create unlimited currency units, completely destroying the currency. Worse, it would go undetected until it hits the exchanges and the value plummets. This is why it's so important to have trustless parameter generation!