On the Zcash Counterfeit Flaw Fix: Questions to Ponder
Upon the news the Zcash team fixed a flaw last year that could’ve allowed for the unchecked creation of counterfeit ZEC, many in the cryptoverse have applauded the response and a new post-mortem report. Likewise, skeptics have found the case disconcerting. But the episode does generate questions worth considering, both for the neutral and opinionated alike.
Subscribe to the Bitsonline YouTube channel for great videos featuring industry insiders & experts
‘A Flaw in the Underlying Math of Zero-Knowledge Proofs’
On February 5th, the Zcash team published a report detailing their fix of a counterfeiting bug last year that bad actors could have leveraged to discreetly counterfeit ZEC, one of the cryptocurrency ecosystem’s top privacy coins.
I'm so proud of the Electric Coin Company team today. 11 months ago, we discovered a "Worst Case Scenario" bug—a flaw in the underlying math of the Zero-Knowledge Proofs that prevent counterfeiting. Here's what we found and how we protected users. https://t.co/dv34Qh41R0
— zooko (@zooko) February 5, 2019
“The counterfeiting vulnerability was fixed by the Sapling network upgrade that activated on October 28th, 2018,” the report’s authors said.
“The vulnerability was specific to counterfeiting and did not affect user privacy in any way. Prior to its remediation, an attacker could have created fake Zcash without being detected. The counterfeiting vulnerability has been fully remediated in Zcash and no action is required by Zcash users.”
The Zcash team’s fix in Sapling and their associated report have quickly generated applause around the cryptocurrency ecosystem, including from the likes of privacy advocate and famous National Security Agency leaker Edward Snowden.
A lot of people wonder why I like #Zcash despite the Founder's Reward. Here's a reason: that tax funds a quality team that catches and kills serious bugs in-house, before they get exploited. Some other projects learn about bugs like this only AFTER people have lost money. https://t.co/i9MD1CpeNx
— Edward Snowden (@Snowden) February 5, 2019
On the flip side, skeptics have highlighted the report’s finding that the underlying cryptography was complex enough that the vulnerability went unnoticed for years, even as billions of dollars of ZEC were transacted in that span. Monero (XMR) lead maintainer Riccardo Spagni suggested “moon-math” was the problem.
"No-one can hack Zcash because no-one can audit Zcash" https://t.co/8GxkQoPWUY
— Peter Todd (@peterktodd) February 5, 2019
Beyond the applause and the concern, there’s room for questions in the wake of the fix whose answers may prove productive for stakeholders throughout the cryptoeconomy.
On the Lessons to Be Learned: What’s Next?
First, what should be done to cultivate more expertise around cryptocurrencies? Since few people in the world had the knowledge needed to understand the flaw in the first place, how can more experts be cultivated and deployed so that all stakeholders in the maturing cryptoeconomy have better assurances?
And what about how the Zcash team’s response will affect approaches to future incidents around the space?
As Open Privacy Research Society Executive Director Sarah Jamie Lewis has noted, “[…] interesting longer term questions come to mind, like how announcements of future operational mistakes will trigger speculation that they are a cover story for grand cryptographic bugs.”
Moreover, with this Zcash counterfeit bug fix and Bitcoin’s long-hidden “malicious inflation” bug last year as examples, should more be done to raise general awareness around the currently experimental nature of cryptocurrencies? Is it best to assume for now that top projects have hidden vulnerabilities that reviews and audits have missed?
And what should other cryptocurrency projects take away from the Zcash team’s response? What elements of the Zcash team’s approach should be emulated? Was the in-house performance such that the episode should be characterized as a win for the Zcash Founder’s Reward? Should they have done anything differently?
Lastly, let’s say an attacker had discovered the Zcash counterfeit vulnerability before it had been fixed in Sapling. What would the appropriate response have been from the Zcash team? How should projects react to actual incidences of malicious inflation?
There aren’t necessarily right or wrong answers to these questions. But simply asking them out loud and in good faith can mark small steps toward the wider maturation of the cryptocurrency space.
What’s your take on the Zcash counterfeit bug? What lessons do you personally take away from the episode? Let us know in the comments section below.
Images via Zooko Wilcox-O’Hearn, Pixabay