The Electric Coin Company (ECC)—which helps to maintain privacy coin Zcash—thinks it has come up with a solution to one of Zcash’s biggest self-acknowledged flaws. Halo, a new idea announced today, offers a means to create private transactions without a trusted setup.
The trusted setup is a potential flaw that could allow the entire blockchain to be controlled by one party if the setup was compromised or rigged. Imagine a locksmith who creates a padlock and gives you the key; you’ve got to trust the locksmith that he didn’t make a copy and won’t rob your house later. Zcash’s system creates a plausible scenario where there is a backdoor to transactions, which a lot of people don’t like. Halo, discovered today by the ECC’s engineer and cryptographer, Sean Bowe, could put an end to the problem.
A trusted setup is currently needed to create zero-knowledge proofs, the complex cryptography that Zcash uses to make private transactions possible. (With these proofs, user data is kept hidden from the blockchain but transactions can still be made.) And while Zcash goes to great lengths to make the setup a decentralized process, involving as many parties as possible to keep the chances of being hacked small, it’s still a fundamental weakness for the nascent privacy coin.
The solution aims to achieve the same goals of secure, private transactions that Zcash offers, but without the trusted setup. Bowe’s new technique, published in a paper co-authored by colleagues Jack Grigg and Daira Hopwood, uses proofs to verify other proofs without the need for any third party.
The ECC claims this allows for “practical, scalable and trustless cryptographic proving systems.”
The ECC is making Halo free to everyone worldwide. “Both the paper and the prototype implementation are available under an open source license. There is no patent or other restrictions to its use,” reads the announcement. (Which is good considering how badly the ECC has handled its hoo-ha with the non-profit Zcash Foundation over the Zcash trademark.)
While Halo hasn’t been implemented yet, the ECC has bold expectations for this new piece of technology. Not only is this good for Zcash, it stated, but “it is also good for the entire fabric of a decentralized internet.”