Anonymity or Auditability?


#1

With Lelantus, we have an important choice to make. We can still retain some form of auditability by forcing all coins to always come back to the base layer. This means that even if there’s inflation, this will be limited since if it exceeds the number minted, it will raise a warning.

Lelantus can be further extended to allow people to transfer coins to each other with hidden amounts WITHOUT bringing it back to the base layer. This offers very high anonymity since it’s direct p2p with the values hidden too. Inflation is kept in check through the use of range proofs and balance proofs relying that both proofs are correct to ensure that coins aren’t created out of thin air. This is similar to the kind of checking that is provided by Monero/Grin as well. The main issue with this is if there is a flaw, you can create hidden inflation and since you don’t need to ever bring it to the base layer, it can remain hidden forever.

I’ll need to speak to our cryptographer, Aram as to weigh the risk of this but appreciate everyone’s thoughts. Or whether my assumptions on whether such inflation can remain hidden. (will get Aram to weigh in here).


#2

My thought process on the value we get out of Provably Sound money:

  1. This is emerging technology and hence, will introduce bugs.
  2. Bugs in code can be found many years after code is introduced.
  3. Code is exposed to all for trust and security, but also is used to identify exploits.
  4. Auditability allows for a warning system, and assists in root cause that a vulnerability is being exploited.
  5. Auditability results in faster turnaround for identifying and pressure to fix exploits immediately to all in the ecosystem, resulting in a more transparent and trustworthy community. The con to this is that complex fixes that require a lot of time could introduce more risk if improperly done.

My preference based on this line of thinking: Complete anonymity would be great to add at some point, and timing the maturity of the technology is critical. I believe full anonymity should be the ABSOLUTE last piece of technology added to Zcoin, potentially several years after all other technologies have proven themselves. Otherwise, we lose a valuable tool to build trust in the technology.

Another possible solution is to make the feature of anonymity a voting toggle for nodes/miners or something of the like, so when large technology updates go out auditability could be turned back on as needed. Or developing some way to continually audit the chain without knowing who has what, zero knowledge style.


#3

For a currency to be a form of sound money, its supply MUST be auditable. This is why Zcoin and Dash are far better coins than Zcash or Monero.

Now Zcoin has a HUGE advantage over Zcash in light of the recents developments:

For Zcoin to keep its edge and gain momentum, and be usable as a store of value, it is my opinion that supply auditability must be prioritized in the long term. Otherwise, the integrity of its economy would just be an assumption that there is no unknown bug or flaw being secretly exploited.

In a few years, the rapid advances of artificial intelligence will make sure that any flaw in the code will be quickly discovered and secretly exploited by AI agents, whether publicly recognized or not.

Trusting the code is not sufficient anymore if optimal security is the goal.