The first zero-knowledge protocol breaks, again

Leo Zhang

It was cool while it lasted.

A group of cryptography researchers just published this paper illustrating ways to exploit security loopholes in the Zerocoin protocol. Proposed as an extension to Bitcoin in 2013, Zerocoin was ahead of its time as the first project to address Bitcoin's pseudo-anonymity issue using zero-knowledge proofs. Basically, Zerocoin achieves unlinkability through a two-part process: first, the "mint" step generates a token with a unique serial number; second, the "spend" step checks the validity of that serial number. In the attack model described below, the researchers were able to steal serial numbers from other users in order to "mint" and "spend" coins.

A cryptographic flaw in Zerocoin (and two critical coding issues)
(Tim Ruffing, Sri Aravinda Krishnan Thyagarajan, Viktoria Ronge, and Dominique Schröder)

"As soon as this spend transaction performed by the attacker is confirmed, the nodes in the cryptocurrency network record this serial number as used. As a result, the honest user cannot spend her zerocoin anymore. Whenever she tries, her spend transaction will be rejected as a double-spend, because the serial number has already been recorded as used. This effectively burns the zerocoin of the honest user!"

This is not the first time the Zerocoin protocol has been exploited. Zcoin, the first software implementation of the Zerocoin protocol, was hacked in 2017. The hacker created 370,000 tokens out of thin air.

It is worth noting that the Zerocoin code repository is no longer maintained, and the original team has moved on to work on Zcash. And yet new forks still pop up.

The researchers contacted the developers of these forks to fix the issues. The projects affected are: Zcoin, PIVX, SmartCash, and Hexx.

Other discussions that took place today

Stable coins: a broken idea

Excellent explanation of how Bitcoin's Lightning Network works

A user's perspective and introduction to blockchain governance
(Richard Red)

"From the perspective of a Bitcoin user, I have little hesitation in declaring that Bitcoin’s governance is broken. Confusion is the tip of the iceberg, an iceberg made of vitriol and hate. Let’s revisit the Bitcoin Cash and Segwit2X examples again briefly."

The one true Bitcoin
(The Verge, by Adrianne Jeffries)

"'The bottom line is that the world is dominated by closed monopolistic, state-owned, manipulated, controlling, surveillance-based currencies that pose a fundamental existential threat to democracy and liberty in the world,' he said. 'We are at a crossroads and the crossroads is not between Bitcoin and Bitcoin Cash.'"

Meni Rosenfeld on Bitcoin Cash

The anti-ASIC revolt: just how far will crypto's war on miners go?
(Coindesk, by Rachel Rose O'Leary)

"One discussion that this chaos has brought back to the forefront is ethereum's interest in scrapping mining by moving from proof-of-work to proof-of-stake. Buterin told developers at a recent meeting that ASICs would be flushed out with the upgrade so there isn't much to worry about (although there still isn't a date nailed down for that change)."

This coal power plant is being reopened for blockchain mining
(CNET, by Claire Reilly)

"According to a spokesperson from Hunter Energy, it expects roughly 5% of the energy from the power plant will be used for blockchain related processes."

Visualizing how vulnerable is each state to a trade war
(howmuch.net)

"We can quickly learn a lot about the American economy by looking at this kind of data. The average state generates about 20% of its economic activity through international trade of one kind or another. Six states get more than 30% of their GDP this way. Three states with huge economies are extremely reliant on trade: California ($2,734B total GDP with 22.4% from trade), Texas ($1,692B total with 31.2% from trade), and New York ($1,550B total with 13% from trade)."

Economists understand little about the causes of growth
(The Economist)

"A clearer understanding of how growth happens, and why growth-boosting institutions sometimes wither or fail to take root, could raise the living standards of billions of people. The economics of growth should therefore be central to the discipline, even though the questions it poses are objectively hard, and the answers rest more in history and politics than in elegant mathematics."