
Edward Snowden: Zcash Is 'Most Interesting Bitcoin Alternative' - mbgaxyz
https://www.coindesk.com/edward-snowden-zcash-is-most-interesting-bitcoin-alternative
======
thisisit
In case people don't open the link or miss the disclosure:

Disclosure: CoinDesk is a subsidiary of Digital Currency Group, which has an
ownership stake in Zcash Company, the for-profit entity supporting zcash's
development.

~~~
colecut
but does Snowden have any stake?

~~~
tambienben
I'm suspicious of this.

~~~
tambienben
For those of you who are down voting, perhaps you could explain why this case
might be different from any other value hype. What happened to trust no one--
verify?

~~~
Fnoord
Its different because Snowden has credibility.

He didn't receive any money for the movie Snowden (it was donated to The
Guardian instead) [1]. He didn't sell any of the NSA data. He doesn't have a
track record of profiting, apart from working (like we all do) and receiving
some donations.

So the claim that _Snowden_ is a proponent of Zcash because he has invested in
it has no merit. There is zero proof for such statement, and his track record
doesn't suggest it either.

[1]
[https://en.wikipedia.org/wiki/Snowden_(film)](https://en.wikipedia.org/wiki/Snowden_\(film\))

~~~
tambienben
>So the claim that Snowden is a proponent of Zcash because he has invested in
it has no merit.

Maybe you're using hyperbole. The /suspicion/ at least, has plenty of merit. I
agree that doing something like that would go against his track record, but
believing a subjective statement on face value doesn't keep that track record
intact (except in your own mind, maybe).

I trust Snowden's opinion as much as anyone here, but you can't ignore basic
precautions simply because someone is popular for "the right reasons".

I very much think that Mr. Snowden would agree with my frame of mind on this.
You may disagree.

~~~
Fnoord
> The /suspicion/ at least, has plenty of merit.

Merit? I've seen no merit whatsoever. A vague conspiracy theory, that's what
I've seen.

> I trust Snowden's opinion as much as anyone here, but you can't ignore basic
> precautions simply because someone is popular for "the right reasons".

What you propose doesn't fall under basic precautions; it is a conspiracy
theory. And one consisting of very little theory, I'm afraid.

For the record your two quotes:

"I'm suspicious of this."

"For those of you who are down voting, perhaps you could explain why this case
might be different from any other value hype. What happened to trust no one--
verify?"

You're trying to shift the blame. The burden of proof lies at you.

~~~
tambienben
So you would trust anything he says on face value? Regardless of what he might
stand to gain? My only point is that having a substantial amount of faith in
anyone, when the stakes are high, is folly. That's the entire point of
blockchain technology. I'm not openly accusing him of anything. Im only
stating that, as for myself, I regard the statement (given its content) with a
reasonable amount of suspicion. Again, you may disagree.

~~~
spurcell93
I wonder if you're conflating skepticism with suspicion. I don't believe it's
a meaningless distinction.

~~~
tambienben
I concede to your point. I should probably have used different language.

------
lawn
Labeling Monero as "amateur crypto" detracts from his credibility a lot. The
crypto Monero uses is older and more tested than the new crypto in Zcash and
the development in Monero seems very professional. It's not perfect of course
but it's far from amateurish.

~~~
kristianov
Don't buy Monero though.

~~~
jMyles
Why? (feel free to link me an informative discourse on the matter)

~~~
lawn
It's just a reference to the Monero devs saying "Don't buy Monero" as they
don't want to make the financial recommendation to invest in a coin under very
active development.

------
vt_mruhlin
I heard about these guys on NPR's Radiolab podcast a couple months ago, and
the whole thing gave me a creepy feeling.

[http://www.radiolab.org/story/ceremony/](http://www.radiolab.org/story/ceremony/)

They describe the whole ceremony the guys go through to generate the random
secret key that seeds their algorithm and needs to be kept secret in order to
prevent anybody from counterfeiting coins. It was an elaborate setup
supposedly designed to prevent people from observing any details they might be
able to use to reverse engineer the algorithm. But, despite all their
insistance on bespoke cloak and dagger shit, there were a lot of times the
process could have been broken:

\- They're supposed to be driving to a randomly selected electronics store to
buy the laptop that will generate the number; but the guy makes an
"unscheduled" stop at a costume store so he can buy a wizard hat (and
potentially hand off information with a third party who wants to know their
destination, or to pick up some kind of surveillance device)

\- When the time comes to type random numbers on the laptop keyboard, the guy
covers his hands and the keyboard. Arguable pro there is that nobody can see
which keys he touches, but the big obvious con is that he can slip that USB
device he picked up at the costume shop into one of the USB ports.

\- People are using their phones while this whole process is going on? Ok,
seems counterproductive to all that paranoid security they were trying to
have...

\- Oh look, they noticed strange indicators that strongly suggested somebody's
phone got hacked and was being used to spy on their skype conversation?
Somebody that paranoid should have immediately shut the process down and
restarted it at a later date. They didn't do that? Something sure is fishy
with the guy running this thing.

tl;dr; I don't trust 'em

~~~
AgentME
Here's Peter Todd's writeup of his part in the setup ceremony:
[https://petertodd.org/2016/cypherpunk-desert-bus-zcash-
trust...](https://petertodd.org/2016/cypherpunk-desert-bus-zcash-trusted-
setup-ceremony) . For what it's worth, he was completely physically separate
from anyone else in the ceremony, and no such shenanigans are described in his
part of it. As long as any one of the 9 did their part correctly, then it's
good. His writeup is not without criticism of the Zcash system though.

~~~
honestlyreally
And here's Peter later talking about his doubts due to the AMT backdoor, with
responses from Zooko.

[https://twitter.com/petertoddbtc/status/861726383730503680](https://twitter.com/petertoddbtc/status/861726383730503680)

------
neuro_imager
Just FYI for anyone not aware - Snowden dismissed Monero on the basis of a bug
that was resolved several months ago.

~~~
the_stc
Yet ignores the founders of zCash saying they can make a backdoor for police
and make it too traceable for criminals.

>Green says that he and his fellow researchers are not interested in
facilitating criminal activity with Zerocoin. "Zerocoin would give you this
incredible privacy guarantee, then we could add on some features which let the
police, for instance, to be able to track money laundering. A back door."

[https://www.newscientist.com/blogs/onepercent/2013/03/bitcoi...](https://www.newscientist.com/blogs/onepercent/2013/03/bitcoin-
zerocoin.html)

That alone scares me off of it, and why we're suggesting people use Monero to
invest with us. I know that was a while ago, and zerocoin isn't zCash but
combined with Zooko's tweets about making zCash too traceable for criminals,
no thanks. The crypto is too new, so who knows how they could go about hiding
a backdoor.

It's so odd anyone would ever work with these guys given their attitude and
statements.

~~~
geofft
That's a very weird statement, and I wish there were some more context behind
it in the article - is this a cryptographic or protocol-level back door, or is
this just the idea that you can start with an anonymous system and add tracing
(but you can't start with a visible system and add anonymity)? It could be
either, and I'm not sure how to read it.

~~~
matthewdgreen
Matt Green here. This statement has been trotted out a lot by people who I
don’t honestly feel are offering it up with any kind of good faith.

As you suggested, all I meant is that once you have a fully anonymous currency
it’s always possible to deliberately weaken that privacy _if you want to_. I
think that sort of decision is up to the currency adopters. But to be clear,
that kind of feature is absolutely not included in ZCash. Anyone who implies
so is selling FUD. Since the ZCash code and design is fully open source this
is easily verifiable, and plenty of people have looked.

For the record: as a researcher I deal with a lot of people who’ve told me
that privacy technology is fundamentally dangerous. One standard response I
give them is that this is crazy: a fully private currency is the right
starting point. If you want to make a fork of ZCash that has less privacy, you
can do that and I won’t stop you. But that isn’t ZCash.

~~~
the_stc
I don't mean it in bad faith. I am one of the people you and Zooko talk about
preventing from using zCash. That's very offputting and since I cannot audit
zCash it makes me nervous. People tell me zcash is very advanced and thus hard
to understand and audit for other people too: newer crypto.

I am not implying any backdoor, just that it seems you are sympathetic to such
works. I don't follow Zooko's explanation that he wasn't talking about zcash
but about some other unmentioned layer. If it's a generic statement about all
currencies, why bring it up and mention zcash in the same breath?

------
Feniks
Its curious to see, I travel around a bit and I'm always astounded how many
countries still use cash and have backwards banking infrastructure.

You'd think transferring money from one account to another should be near
instantaneous and require no third party. If bitcoins can shake the rest of
the world into the modern age I'm all for it.

~~~
jedbrown
> backwards banking infrastructure

You're describing the United States, right?

------
Jordanpomeroy
Why does anyone care what Snowden thinks about crypto currency? He was a
SharePoint administrator. I don't understand why his opinion is relevant.

Don't get me wrong, I'm grateful for his sacrifice, and I think he deserves to
be pardoned.

~~~
wlesieutre
Before he was known for the NSA leaks he was still a privacy activist who
helped teach people about cryptography. It's not totally unrelated, especially
since Zcash's selling point is that it offers more privacy than Bitcoin.

[https://www.forbes.com/sites/runasandvik/2014/05/27/that-
one...](https://www.forbes.com/sites/runasandvik/2014/05/27/that-one-time-i-
threw-a-cryptoparty-with-edward-snowden/)

~~~
EGreg
ZCash is only as secure as you trust 9 people and their ceremony. There's
gotta be a way to do consensus about zero-knowledge proofs that's a little
more... you know ... decentralized.

[https://petertodd.org/2016/cypherpunk-desert-bus-zcash-
trust...](https://petertodd.org/2016/cypherpunk-desert-bus-zcash-trusted-
setup-ceremony)

[https://www.reddit.com/r/Monero/comments/6a26rh/peter_todd_h...](https://www.reddit.com/r/Monero/comments/6a26rh/peter_todd_having_doubts_about_zcash_ceremony/)

Before you guys start saying, banks don't trust Bitcoin either because
transactions are controlled by like 5 mining pools and the occasional lucky
lottery winner. If they blacklist your address, your "permissionless" currency
starts looking a lot more like a frozen bank account.

There are better ways :)

~~~
kobeya
> There's gotta be a way to do consensus about zero-knowledge proofs that's a
> little more... you know ... decentralized.

Not really, no. There is no known scheme that has similar properties but non-
trusted setup. There's not a proof that it's impossible either, so something
might get invented. But at the moment, no.

That said I share the criticism. Even with trusted setup it could have been
done much better.

~~~
gojomo
If I understand correctly a recent presentation by Eli Ben-Sasson, one of
ZCash's scientists, there is now at least one ZK system with this
'transparent' property (needing no trusted setup), but it is not _yet_
practical for a blockchain currency. See Ben-Sasson on "STARK":
[https://www.youtube.com/watch?v=HJ9K_o-
RRSY](https://www.youtube.com/watch?v=HJ9K_o-RRSY)

~~~
kobeya
Maybe. The STARK paper hasn't been published yet as far as I know. All we have
is claims.

~~~
EGreg
Well, as I said, there's gotta be a way. It just has to be invented and tried
:)

------
mtgx
Not Monero, which already has a proven track record of being um...untrackable?

------
brentis
Love the assertion of critical thinking taking place. Nets out to be petty
banter.

I think at any given time Snowden doesn't have a lot of liquid assets to do a
Jamie Dimon and swing the markets on a trade. Hence I think his intentions are
sound coupled with his known scruples.

Monero was found traceable recently. Period. Fixed or not doesn't matter, to
him it's a risk for a) being tracable b) having bugs.

Lastly, it's a tweet from one person getting wrapped around the axel
overthinking it. Next.

~~~
tX84
> Fixed or not doesn't matter, to him it's a risk for a) being tracable b)
> having bugs.

So Zcash should be a risk to him then:

a) Zooko's tweet about making it traceable.

b) Zcash's bugs:

.i) Right after launch, they discovered private transactions couldn't be mined
- [https://www.cryptocoinsnews.com/zcash-bug-prevents-
private-t...](https://www.cryptocoinsnews.com/zcash-bug-prevents-private-
transactions-soon-after-launch/)

.ii) Security vulnerabilities, bugs, attack vectors, etc -
[https://z.cash/tag/bugs.html](https://z.cash/tag/bugs.html)

------
c3534l
If all you have is a cryptocurrency, then I don't think you have anything that
interesting. They've proven useful for buying drugs, but beyond that they've
not created many new business opportunities. I don't have an exhaustive
knowledge of cryptos, but Ethereum is extensible which is interesting. GNU
came out with a crypto that they say is unsuited for illegal activities. Being
even more secure than Bitcoin just makes you more appealing to an even smaller
set of Bitcoin users.

~~~
mrb
« _beyond that they 've not created many new business opportunities_»

What an understatement. As of 2 years ago, at least 729 Bitcoin businesses
were created¹, received $1 billion in investments², and employed thousands of
persons.

¹[https://venturescannerinsights.wordpress.com/2015/09/04/the-...](https://venturescannerinsights.wordpress.com/2015/09/04/the-
state-of-bitcoin-in-six-visuals/)

²[http://money.cnn.com/2015/11/02/technology/bitcoin-1-billion...](http://money.cnn.com/2015/11/02/technology/bitcoin-1-billion-
invested/)

~~~
c3534l
Investments are the opposite of what I'm talking about. Where are the returns?
What are the new businesses? If you throw a million dollars into a hole, you
can't say the useless hole industry is a million dollar idea. If you build a
new railroad line, tell me what cities it connects, not how much people have
spent building it. I'm well aware there's interest in bitcoin. But the only
industry, besides itself, that it's revolutionized is drugs. And it doesn't
offer a way to grow, there's no innovating on bitcoin. There's innovating on
crypto, and because of that it's that innovation that has the potential to
matter. Fine, it's private. Is that it? That's not enough.

~~~
mrb
Bitcoin revolutionizes payments. There is major growth happening because there
is simply no other system that works as well as Bitcoin for fast international
payments, as it works for all ("permissionless"), 24/7 (doesn't close on
weekends and bank holidays), and quickly (10min block time).

See for example the growth and use of Bitcoin witnessed by payment processor
BitPay: [https://blog.bitpay.com/bitpay-
growth-2017/](https://blog.bitpay.com/bitpay-growth-2017/)

It's hard to quantify exactly how much Bitcoin helps the economy on a global
scale beyond these BitPay stats, because of the inherent decentralized nature
of the tech. But we know it reduces payment friction, so it indirectly
increases economic activity of its users.

------
DonbunEf7
This article mentions Zcash, which means that folks will be showing up shortly
to talk about Monero.

~~~
hackerboos
Every crypto-currency has it's zealots but that's not to detract from what
Snowden said about Monero, labelling it "amateur crypto".

Ring signatures have been around longer than zk-snarks so time will tell on
that comment.

I do however believe Zcash could be doing a better job for privacy, notably by
mandating private transactions once the new "JUBJUB"optimizations have been
merged [0].

[0] - [https://z.cash/blog/cultivating-sapling-faster-
zksnarks.html](https://z.cash/blog/cultivating-sapling-faster-zksnarks.html)

~~~
tambienben
Any idea how well alternatives like zcoin might hold up over time?

~~~
hackerboos
I don't know much about Zcoin. Looks promising if the description is to be
believed.

------
627467
Am I spreading FUD or isn't it that zcash has had overt support/investment
from US 3 lettered agencies?

~~~
AlexCoventry
Unless you provide some kind of convincing citation, it's FUD as far as I'm
concerned.

------
summer_steven
I thought Zcash was only for Israelis?

