Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Announcements (Altcoins)
Re: Official Anoncoin chat thread (including history)
by
SmokingSkull
on 22/09/2014, 14:44:15 UTC
Quote from: rsa_ufo_attack on September 22, 2014, 02:41:52 PM
Quote from: SmokingSkull on September 22, 2014, 02:34:54 PM
Quote from: rsa_ufo_attack on September 22, 2014, 02:28:09 PM
Quote from: lunokhod2 on September 22, 2014, 02:18:10 PM
No, you don't need to trust anyone. You can verify how the accumulator works before compiling your code if you like. (ignore back on.)

We will be able to verify how the accumulators works with the opensource code but the problem is no that.
The problem is that Gnosis will generate the keys (RSA) of these accumulators. Even if he use RSA-UFO to generate them, he have the control of all the generation operation.
There is nothing trustless. You need to trust that Gnosis is honest and will not keep the factors to forge zerocoin proofs and then infinite ANC.
Source: https://wiki.anoncoin.net/Zerocoin#Zerocoin_in_practice (Section: Criticisms, fourth paragraph)

The fourth paragraph clearly states that the original Zerocoin approach has the flaw you thinking of. However in the last sentence it says that Anoncoin will use RSA_UFOs and generate them by using Sanders 1999.

Can you even read?

EDIT:
Of course you have to trust Gnosis that the coding is correct. But you need to trust any other developers as well when you use any program on this world. Like I said before, If you don't trust anybody you will live in a box.

Ok if you are too ... (I'll be polite) to understand I ask you:
1) Who will use RSA-UFOs to generate these keys?

Reponse is Gnosis.

2) Then if Gnosis will use RSA-UFOs to generate the keys of accumulators. Where is the trustless setup? You need to trust that Gnosis is honest and will not keep the factors for him to forge zerocoin proofs and then infinite ANC.

1 - We used the source code to do so.
2 - He used "hashing"