Monday, April 29, 2013

Will ZeroCoin Be the Anonymity Lifesaver that Protects Bitcon Holders from Snooping Governments?

alan.szepieniec comments with regard to my earlier post:
Hats off to the cryptographers at John Hopkins University. However, I am afraid Zerocoin is not going to be plugged in to Bitcoin. Ever.

Firstly, while I have no reason to doubt that Zerocoin is sound, it is more heavy-weight cryptographically -- more difficult to understand than Bitcoin. I suspect that even the Bitcoin community will have a knee-jerk disgust of things they don't understand.

Secondly, Zerocoin requires a trusted set-up procedure. If the participants are corrupt (or corrupted), then the anonymity is lost forever. The requirement of trust, even for a once-in-the-lifetime-of-Bitcoin event, runs counter to the very philosophy of Bitcoin.

Thirdly, the incorporation of Zerocoin with Bitcoin would require larger blocks that take longer to verify. This is going to get a lot of pushback from the miners because they prefer shorter, easily verified blocks. Over time, this will even out because the cost of a larger block is offset by the transaction fees. However, as long as miners mine for the block reward and not for the fees, they do not stand to lose anything by rejecting blocks or specific transactions if that gives them an edge in finding the next block first.

My guess is the following will happen: the researchers publish their code and launch an alternate Bitcoin to "prove" it works. The ongoing efforts to incorporate Zerocoin in Bitcoin will fail. The stand-alone Zerocoin will thrive. However, it will never overtake Bitcoin in popularity as Bitcoin enjoys the network effect. Moreover, most people believe Bitcoin is anonymous already or at least sufficiently anonymous. They will not understand the advantages Zerocoin has over Bitcoin, and will be discouraged from learning as the mechanics are much more complicated than those of Bitcoin.


  1. Check out Ripple. It's a pretty interesting new protocol that aims to deal with a lot of these issues.

    1. "Ripple was created by OpenCoin Inc. We will be releasing all the source soon. Our intent is for Ripple to exist without a central authority."

      So basically, it's currency managed by a commercially inclined centralized authority who refuses to release the code to the scrutiny of the open source community? I suspect the official reason is "the code is not yet finished". If it aims to be a grassroots currency, then surely it can do no long-term harm to release the code -- and get the feedback -- now?

      Ripple is merely riding a wave of publicity. I like what they promise to do. It's time they actually do it. It's time they show something of worth, something people don't have to trust.

  2. People will learn the difference between a bitcoin and a zerocoin when they get a knock on the door from the IRS...