Firo (formerly Zcoin) Comparison - Reading Assignment

Privacy Coins - Ultimate Course
#121

  1. Two primary weaknesses of Monero are the fact that it relies on a single anonymity protocol (Ring Confidential Transactions, or RingCT) and the fact that its anonymity set size (the number of users whose transactions are indistinguishable from one another) is relatively small.

  2. Timing attacks are a type of security attack that exploit differences in the time it takes for a system to perform certain operations. In the context of the Sigma protocol, which is used by Monero to enable anonymous transactions, timing attacks could potentially be used to gather information about the inputs and outputs of a transaction. This could potentially compromise the anonymity of the transaction.

To perform a timing attack on the Sigma protocol, an attacker could potentially monitor the time it takes for a transaction to be processed and attempt to infer information about its inputs and outputs based on this information. For example, if an attacker knows the size of a particular input or output, they could potentially use the time it takes for that input or output to be processed as a way to identify it.

  1. Lelantus introduces a number of enhancements that are designed to improve the efficiency and scalability of anonymous transactions, including support for batching and aggregation of multiple transactions into a single proof.

  2. When compared to Monero, the most important “pro” of Zcash is that it uses zero-knowledge proofs, which are a more advanced and secure form of anonymous transaction technology. This means that Zcash is potentially more resistant to certain types of attacks and provides a higher level of anonymity for its users. The most important “con” of Zcash, on the other hand, is that it is based on a less widely used and tested anonymity protocol, which may make it less tested and less widely adopted than Monero.

  3. It is difficult to determine whether the comparison chart at the end of the article is a fair comparison of the anonymity set sizes of Monero, Zerocoin, and Sigma. This is because the anonymity set size of a privacy-enhancing protocol depends on a number of factors, including the number of users of the protocol, the complexity of the protocol, and the level of adoption of the protocol. As such, it is difficult to make a definitive comparison of the anonymity set sizes of these different protocols without more context.

1 Like
#122

Please note: the article was not intact in the link provided. Here is the correct link:

How Zcoin’s Privacy Technology Compares to the Competition (archive.org)

  1. What two primary weaknesses of Monero are discussed?
  • Dominated by two mining pools which account for > 50% of the hashing power
  • An overwhelming majority (70%) of code contributions since 2017 have come from one individual, however, the percentage has improved from 2021 to present.

  1. One listed weakness of the Sigma protocol is susceptibility to “timing attacks”. Based on your read of the article and your understanding of Zerocoin’s Mint/Spend functions, how are ‘timing attacks’ performed, which information is vulnerable, and how can they be prevented?
    Some care is required when doing Zerocoin mints and spends. Users have to keep coins minted before they intend to spend to prevent timing attacks.

  2. What is Lelantus and how does it improve on Sigma?
    Lelantus further expands on Sigma by removing the requirement for fixed denominations and also allowing for direct anonymous payments that do not reveal amounts. Lelantus is a creation of Zcoin’s cryptographer Aram Jivanyan.

    Lelantus retains all the benefits of Sigma of not requiring trusted setup, but removes the remaining weakness of requiring fixed denominations by utilizing double-blinded commitments and a modification of bullet-proofs to hide transaction amounts.

  3. Read the section on Zerocash and Zcash. When compared to Monero, what is the most important ‘pro’ of Zcash, and what is the most important ‘con’? Explain your choice.
    Pro: The best anonymity set encompassing all coins minted and breaks transaction links between addresses.

Con: Complicated construction and difficult to understand in full meaning that only a handful of people can grasp the cryptography and code and may be prone to errors.

  1. OPINION : Look at the ‘Comparison Chart’ at the end, and ‘Anonymity Set Size’ in particular. Based on your understanding of Monero, Zerocoin and Sigma, is this a fair comparison? I think it looks like a fair comparison.