
I think it's worth paying the "genius" tax. Though controversial, the tax manifests in the form of inflation and will help fund a company that can get things running and stable.

Of all the qualms I have with Zcash, I think that their mining fee is one of the cleaner ways in the ecosystem to fund altcoin development. This technology takes a lot of effort, and a lot of salary money to develop. And then you have to do marketing, PR, bizdev, etc.

re: qualms:

- trusted setup makes me uneasy
- could have picked more than 5 people for signing party
- cryptography is really scary - lots of assumptions, lots of things that haven't really stood the test of time or the examination of experts
- equihash was a poor decision, and a confusing one given that it's pretty well understood that complex hashing functions are counterproductive (and we've seen this play out already for Zcash, things are just getting started)
- The 'slow start mining' was also a really bad idea, and I would almost suggest that it's abusive to the community. More than $100,000 of trade volume happened over Zcash at prices that are 1000x the current price of Zcash. It should have been easy to understand that this would happen.

Mostly, I would urge people not to use Zcash for situations that require real anonymity. E.g. WikiLeaks accepting donations, or routing around capital controls in oppressive countries. And this is because I do not believe that the cryptography will hold up. There's too much of it, it's too new, and it's too interesting (e.g. a lot of aspiring undergrads and grads are looking to make their mark on the world, and breaking Zcash would be a great way to do that). I believe that your privacy will be compromised retroactively, and not due to bugs but due to actual cryptographic breaks. And then you're back to the Bitcoin network where everyone can see everything, and you're vulnerable.



> Mostly, I would urge people not to use Zcash for situations that require real anonymity. E.g. WikiLeaks accepting donations, or routing around capital controls in oppressive countries. And this is because I do not believe that the cryptography will hold up. There's too much of it, it's too new, and it's too interesting

I would disagree; the cryptography that people are more skeptical of in Zcash involves soundness of the zero-knowledge proofs (i.e., if counterfeiting could occur). Privacy is protected by standard cryptographic assumptions that are relied on in other systems.


The slow start was a good way to avoid unfair distribution in the beginning phase when miner implementations were still being written, deployed, tested, debugged, ported and optimized.

In fact I would advocate for a zero-day start, where the first few hundred blocks following genesis have exactly 0 reward, coupled with an overestimated initial difficulty, so people have some less stressful time to get set up and sort out technical problems.

The crazy initial prices are abusive to no one except the fools who pay them.


We will have to agree to disagree. Inflation is a trade-off - it hurts people holding the coin but it increases distribution.

I generally hold the opinion that you should not create traps for speculators, that's exactly what slow start mining is.

I think there are better ways to prevent unfair early distribution, such as a more responsive difficulty adjustment algorithm (per the work of maaku), or even just a longer inflation taper. Instead of mining half the entire supply in just 4 years pick something a bit slower.

Or do something like let Bitcoin holders as of X date collect a proportionate amount of coins in a premine. Then you get to borrow from some of the distribution that Bitcoin has already achieved.

---

And you are right as far as traders only hurting themselves. Nobody aware of the inflation schedule bought above $1k per coin, I'm almost certain of that. But I think what happened is akin to throwing a bunch of black belts into an arena with people who have never been in a fight before. Sure, they might have chosen to be in the arena, but are you free of responsibility when they get hurt? Especially if they did not realize they would be fighting champions?

Perhaps a weak metaphor. But I think it's disingenuous to call someone a fool simply because you had more information than they did. It doesn't seem right to me to use that to justify predatory behavior.


Thinking further, you could have achieved something similar by refusing to allow coins to be traded for X weeks. E.g. no coins at all can be sold until the first 2 weeks of mining become available all at once.

It's fair-ish distribution, without the absurd trading game that followed the Zcash release.


Exactly. The coinbase could've been time-locked and only spendable after a block height.


> could have picked more than 5 people for signing party

I think it was six people: https://github.com/zcash/mpc/blob/master/README.md


> There's too much of it, it's too new, and it's too interesting (e.g. a lot of aspiring undergrads and grads are looking to make their mark on the world, and breaking Zcash would be a great way to do that). I believe that your privacy will be compromised retroactively, and not due to bugs but due to actual cryptographic breaks. And then you're back to the Bitcoin network where everyone can see everything, and you're vulnerable.

Which component do you think is most likely to break?


Privacy of Zcash is not affected by the underlying cryptography; the zero-knowledge proofs used enjoy perfect zero knowledge, which does not rely on any cryptographic assumptions.


Basically yes. Strictly speaking privacy also relies on assumptions about Curve25519 (with a Blake2b-based key derivation function) and ChaCha20, but those are standard and uncontroversial.



