Did the Infinite Growth really happen? The founder of Zcash responded to the four questions of the market
After the Ironwood upgrade, the user can personally verify that Zcash has no excess hair。
Original title: Four Questions About the Orchard Vulnerability
Original by Jason McGee, Shield Labs CEO, Zooko Wilcox, Zcash Founder
Original: Qin Xiaofeng, Odaily Daily Planet
Other OrganiserOn June 5th, Beijing time, the privacy project Zcash was blown up by a new generation of privacy pools, Orchard, where there was a key forgery loophole, and Zcash currency ZEC once fell to a minimum of $250。
AFTER 10 DAYS OF FERMENTATION, THE PANIC IN THE MARKET SUBSIDED AND ZEC PRICES WARMED UP, AND TODAY THEY RETURN TO $500. (RECOMMENDED FOR READING)"INFINITE PRINTING" LEAKS FOR FOUR YEARSI'm not sure
This morning, the founder of Zcash, Zooko Wilcox, once again published a long paper addressing market concerns。
He indicated that the Orchard loophole was more likely to be unexploited and that legitimate Orchard funds could be recovered; that the current user was unable to verify for itself whether the Zcash supply had exceeded the standard, but that the Ironwood upgrade would seal the Orchard pool and restore this certification capability; and that no other forged loophole had been identified in the ongoing review, but it was fully established that more work was needed。
Recent Orchard loopholes have raised important questions about the availability of Zcash and the security of user funds. The multiplicity of topics in the discussions made it difficult to understand the practical impact of the gap on users. The paper attempts to separate these issues and to explain their meaning to users one by one。
Orchard's loophole raises four important questions:
1. Has the Orchard loophole ever been used
Can legitimate Orchard funds be recovered
Can users verify that the supply of Zcash has not increased
How do we know that there are no other forgeries
Orchard, has the hole ever been used
Unknown. We do not believe that the possibility of being used previously is significant, although it cannot be completely ruled out. We believe that the loopholes may not be exploited for three reasons:
Although many of the world ' s top passwordists and security researchers have been continuously reviewing this loophole for many years, it has not been previously discovered. Its ultimate discovery was not by chance; it was discovered by Taylor Hornby of Shield Labs, with the aim of proactively identifying such security loopholes before the malicious assailants could obtain them。
Taylor uses advanced AI Auxiliary Safety Research techniques and custom-built self-defined tools designed to identify the minor defects left out by others, which are more difficult for people who are not familiar with the Zcash code library。
Once the loophole was discovered, the Zcash developer (led by the Zcash Open Development Labs team) quickly, in coordination with the mine pool, temporarily frozen the Orchard pool and deployed repair procedures, thus limiting the window of opportunity for any attack。
The use of encrypted currency loopholes is common, and the attackers usually realize them as quickly as possible, especially after the loopholes are made public. In order for the attackers to profit from this loophole, they need to convert the forged ZEC into a valuable asset, which usually leads to ZEC moving out of the Orchard pool through the turnkey mechanism。
IF THAT LOOPHOLE HAS BEEN EXPLOITED BEFORE IT IS REPAIRED, WE EXPECT EVIDENCE TO EMERGE BY NOW. HISTORICALLY, THE USE OF LOOPHOLES IN ENCRYPTED CURRENCY HAS OFTEN BEEN A "SNATCH" EXERCISE, RATHER THAN A STRATEGY TO HIDE MONTHS OR EVEN YEARS LIKE 4D CHESS。
Can legal Orchard funds be recovered
We believe it is, because we believe that that loophole has never been exploited. If this is correct, all legitimate Orchard funds can still be fully recovered。
On the other hand, if a forgery occurred in Orchard, the existing trans-shipment mechanism would limit the total volume of migration to the amount of ZEC that entered the pool legally。
As a result, if the counterfeit money precedes the transfer of legal funds, users will not be able to recover some or all of the legitimate Orchard funds。
We believe that this is unlikely to happen. For more cautious users, however, it is recommended that ZEC be removed from Orchard。
Before doing so, however, they should understand the following:
the transfer of funds to the transparency pool (i.e. to the t address) will reveal the amount and timing of the transfer, and the funds will be publicly linked to that t address。
• The transfer of funds from Orchard pool to Sapling pool would reveal the amount and timing of transfers, but, unlike the transfer to t address, it would not link the funds to a particular address or transaction history。
• Sapling pool relies on a credible ceremony in 2018. Relying on the security of this credible set-up is an additional risk that users should be aware of。
• As far as we know, YWallet and Zkool are currently the only self-serving Zcash wallet that is widely used and supports Sapling pool。
:: Transferring funds to new wallets or hosting services would introduce additional risks, including user errors, software deficiencies, hosting party risks or other unforeseen issues。
In general, we consider the above risk to be moderate。
If your funds are currently stored in a safe wallet, it would be reasonable to leave them there, given our assessment that prior forgery is unlikely to occur. It may also be reasonable to transfer funds elsewhere if you have a safe way of doing so. Users can draw different conclusions depending on their own circumstances。
Can users verify that the supply of Zcash has not increased
NOT YET. THE PREVIOUS EXISTENCE OF THE LOOPHOLE PREVENTED THE USER FROM INDEPENDENTLY VERIFYING WHETHER THE ZEC THAT WAS CIRCULATING IN THE CURRENT SHIELD POOL DID NOT EXCEED THE CORRECT AMOUNT。
However, as we pointed out earlier, the upgrading of Ironwood restored this capability. The reasons are shown in the figure below。
The proposed upgrade of the network has solved this problem by adding the assurance that there are no more unknown forgeries and by blocking the Orchard pool. New funds are no longer available and the pool funds are no longer revolving。
The only remaining route left is through the existing trans-door mechanism, which ensures that ZECs transferred from the Orchard pool do not exceed the number of legal entries。
This change restored the ability to verify the integrity of Zcash supplies。
Currently, if there are counterfeit funds in the Orchard pool, they can continue to circulate in the pool. This is no longer possible after the upgrade. Whether or not the forgery occurred, any person who operated the node could verify that the ZEC in circulation would not exceed the correct amount。
Users do not have to wait for funds to be moved out of Orchard, nor do they need to infer possible behaviour on the part of the attackers or other users. The agreement itself provides verifiable assurance that the excess ZEC cannot continue to circulate within Orchard and push up the supply。
This is important because the long-term credibility of Zcash depends on the ability of users to verify the integrity of their supply. Ironwood has restored its ability to independently verify whether the supply restrictions of the protocol have been enforced。
How do we know there are no other forgeries
We are not entirely certain yet, but we have reason to believe that there are no other loopholes. Shield Labs and several other teams have been carefully examining whether there are other forgeries in the Zcash agreement。
This includes searching for additional loopholes with the help of Anthropic, shortly before Mythos was suspended, using the unpublished Mythos AI model. We plan to share more details about the review and its findings in the follow-up Boeed。
TO DATE, NO OTHER FORGERIES HAVE BEEN DETECTED. THE HIGH LEVEL OF EXPERTISE, EFFORT AND ADVANCED AI SUPPORT ANALYSIS INVOLVED IN THE SEARCH GAVE US GREATER CONFIDENCE THAT NO SIMILAR LOOPHOLE HAD BEEN DISCOVERED。
In addition, we are working with projects such as Tachyon Project to provide additional assurances that there are no more forgeries in Zcash. We will further elaborate on this in future literature。
Conclusions
Orchard's loophole presents four important issues:Whether the loopholes have been used, whether legitimate Orchard funds can be recovered, whether users can verify that the supply of Zcash has not increased, and whether other undiscovered forgeries exist。
We do not see the possibility of having been used previously, so that legitimate Orchard funds can be recovered and the current supply of Zcash is safe. We are also increasingly convinced that there are no other undiscovered forgeries, based on continuous review by many independent researchers and teams。
However, users are not yet able to verify the safety of Zcash supplies, and they should not have relied on our assessments — or those of any other person。
The proposed upgrade of the network addresses this problem. Through the storage of the Orchard pool, it restored the user ' s ability to independently verify the security of Zcash supply. Users no longer need to judge whether a forgery has occurred to verify whether the supply restrictions of the agreement have been complied with。
Original Link
