From Zcoin to Firo, not just a name change

黄雪姣

读者

2020-12-01 04:52

This article is about 5627 words, reading the full article takes about 9 minutes

Improve usability, enhance anonymity.

AI Summary

Expand

Improve usability, enhance anonymity.

On November 30, Bitcoin sang all the way, breaking through 19,800 USDT in one fell swoop, standing at a historical high. Immediately, old mainstream currencies such as LTC and BCH followed suit. The official arrival of a new round of bull market has become the consensus of most people.

At this time, Odaily noticed that Zcoin, which also has a "long" history, was planning to change its name. Once the name is changed, users who have heard of it but have not participated in it will be even more unrecognizable. This is a big loss for a 4-year-old coin.

So, what is Zcoin's "toss" all about? Do you want to repackage yourself by changing your name? Or is the technology behind it really different?

secondary title

01 Zcoin announced the name change, what is the purpose of refilling the old jar with new wine?

On October 30th, the Zcoin team announced to change the name of the project to "Firo", and the abbreviation of the token was also changed from XZC to FIRO.

Firo was developed based on the "zerocoin protocol" in September 2016. It can be said that it is the same as the "Zcash big zero currency". Therefore, Zcoin is also known as "small zero currency" in the Chinese market. In the past 4 years, this has It has become a big label for it.

By September of this year, Firo completed the first halving of block rewards, and announced a name change a month later. At such a point in time, it can be said that it has been "planned for a long time" to "make a facelift".

According to the official blog, the name change of Firo is mainly based on two considerations.

One is to distinguish it from Zcash. Firo pointed out that although it is also the "privacy genre" of zero-knowledge proof, Firo, which has undergone several major updates, is quite different from the early Zcoin, and is fundamentally different from Zcash, so similar names should not be used anymore.

The second and more important reason is that the name Firo is more in line with the vision of the community.

"Firo is reminiscent of burning, phoenix nirvana and those living things. This not only vividly describes Firo's current combustion-generated privacy mechanism, but also reflects Firo's enthusiasm for privacy as a basic human right. Second, Firo listens to It sounds like money and is catchy, like lira, euro, peso,” Firo wrote on his blog.

“Privacy and money are two things that we believe everyone can use. Our mission is to make it user-friendly and support mass adoption.”

As of yesterday, the name change of Firo officially took effect, and the websitezcoin.iowill redirect tofiro.org, wallets and exchanges will also change Firo's name, code name and logo.

secondary title

02 Can Firo change his life by changing his name?

The Zerocoin Protocol used by Firo and Zcash was originally conceived by academics.

In 2013, Professor Matthew D. Green of Johns Hopkins University and his graduate students Ian Miers and Christina Garman proposed the Zerocoin Protocol, mainly to provide privacy for Bitcoin.

As the first project to implement the Zerocoin protocol, Firo publicly released its testnet at the end of 2015 and officially launched on September 28, 2016.

Firo used its 4 years of actions to step out of Zcash and move towards its own privacy route. Looking at its roadmap, in the past four years, Firo has achieved iterative upgrades far more frequently than other old projects, including:

Change the POW algorithm from Lyra2z to MTP (Merkle Tree Proof, Merkle Tree Proof) to achieve the fairness of different hardware mining;
Iteratively upgraded the privacy technology twice: the Sigma protocol was officially implemented in July 2019, and the Lelantus protocol will be deployed in January 2021;
In May this year, the ZNode master node network and the Chain Lock chain lock mechanism were added to enhance the security and availability of the chain;
And Dandelion, an enhanced privacy route added in 2018, prevents users' IP addresses from being artificially monitored and associated with transactions.

With so many changes, can it separate itself from Zcash and more anonymous coins?

We might as well use a table to briefly understand the similarities and differences between Firo and the three major anonymous coins Dash (Dash), Monero (Monero) and Zcash. These four coins also represent the three most important privacy schools.

Dash and Monero can be called the originator of anonymous coins, which were launched in 2014. Zcash and Firo came later, not until 2016.

From the perspective of the incentive mechanism, the four coins all adopt the PoW mechanism, but Dash and Firo have added a PoS layer to Layer 2.

Called MasterNodes in Dash, these nodes have four major functions: providing currency mixing services, instant payments, generating chain locks against 51% attacks, and community governance. In return, the master node can get 45% mining rewards

In May of this year, based on the Dash master node network, Firo launched Firo ZNode, which is called the "deterministic master node list" to optimize the efficiency of master nodes in completing consensus and reduce the risk of forks or centralization.

Next, let’s look at the hardest privacy technology of each coin.

In essence, the ring signature technology adopted by Monero is similar to Dash's currency mixing technology. The former uses multiple signatures to make it impossible to connect the two parties in the transaction, thereby hiding the relationship between them, which is very similar to the currency mixing technology.

Some people in the industry believe that the privacy of Monero and Dash, which achieve privacy through the principle of currency mixing, is not as high as imagined.

The figure below shows the performance of various privacy technologies summarized by the Layer 2 privacy protocol - Qtum Phantom Protocol (Phantom Privacy Protocol). It can be seen from the figure that the privacy technology with the highest anonymity must be able to satisfy the absolute privacy of the amount and address connection at the same time. Among the five schemes listed, zk-SNARK and MimbleWimble, which both belong to the zero-knowledge proof category, are slightly better.

Going back to the picture at the beginning, in addition to the three major anonymous coins, the privacy technology adopted by Firo may sound unfamiliar to many people, but it is actually a zero-knowledge proof algorithm.

So, how does the most private zero-knowledge proof work?

The characteristic of zero-knowledge proof is that it allows the transaction verifier to only verify that the transaction initiator really owns the currency, without verifying who he sent it to and how much he sent, then complete the transaction and record it on the chain, thus cutting off the link between the address and the transaction. contact.

How does the transaction sender prove its balance?

For example, A wants to transfer a Firo to B, then he submits an anonymous transfer application to the system, and the system will destroy a Firo and generate a property right certificate, which proves that he owns a Firo. Through this proof, A can explain to the verification node that he does have the balance transferred to B, so the verification node mints a brand new Firo without any transaction history for B. This way, we all know that a transaction happened, but we cannot track the link between addresses.

Let's look at the last two items, hidden object and privacy level. Among the four tokens, Monero and Zcash can provide fully anonymous transactions from address to amount, with a higher level of privacy, but at the same time they allow anyone holding a private view key No one reviews the account, and the privacy is slightly compromised.

Dash and Firo are semi-anonymous, the former does not hide the address, and the latter does not hide the transaction amount, but as mentioned above, the tokens transferred anonymously by Firo have no historical records, and no records will be left for future outflows. Each account is like An isolated island, even if the transaction amount is not hidden, the privacy is still good.

On the issue of whether to support non-anonymous transactions, Monero seems to "go all the way to the black", and the entire network is anonymous transactions; the other three all support non-anonymous transactions.

Through the above, you should also see that Firo is a token with strong privacy performance, no less than the three major anonymous coins. Especially compared to Zcash.

secondary title

03 Zero-knowledge proof different from zk-SNARK

Here we also made a clear comparison chart.

As shown in the figure above, both Zerocoin Protocol and zk-SNARK come with a setting called Trusted Setup (pre-trust mechanism).

As its name suggests, this setup requires some important builders (such as the founders and core developers) to generate some secret (public) parameters based on the “master private key” when launching the mainnet, and The key that can set the parameters is then destroyed, and the network can start running. These parameters will form one of the elements of each "Zero-Knowledge Proof" thereafter.

The secret public parameter after destroying the secret key is considered to be a state known to the system but not known to others (including the creator), thus making the process of zero-knowledge proof transactions unknowable, and finally realizing private transactions.

The importance of Trusted Setup to the network is self-evident, but because it is a man-made and centralized operation, it is difficult for people to guarantee that the person who set it up will not keep the secret key of the set parameters and do evil at some point in the future (such as additional issuance Token) .

According to the official blog, Sigma is based on academic papers"One-Out-Of-Many-Proofs: Or How to Spill Secrets and Spend Money"(Jens Groth and Markulf Kohlweiss) improved and upgraded by usingPedersen commitmentAnd other encryption technology to replace the original need for trusted parts (RSA accumulator).

So we see that the important role of Sigma is to remove this initial setting. At the same time, "We also use"DDH-Based Short Accountability Ring Signature"The improved version of Sigma technology in the paper reduces the proof size to 1/17 of the original, and the use of the 256-bit ECC curve in Sigma will also improve the security of the network. ’” Firo wrote on his blog.

Although it is daring to try new technologies, the application of each technology is not decided by brainstorming. The idea for the next-generation privacy protocol Lelantus was formed when the Sigma testnet was released.

Firo blogged in early 2019, "Sigma is the predecessor of Lelantus, and the protocol further builds on Sigma, greatly scaling its transactional performance by eliminating the need to fix and spend fixed denominations. Deploying Sigma provides us with Necessary time to develop Lelantus while doing academic/peer review and observing improvements.”

The record of a new cryptography technology needs to be verified over a long period of time. Whether it is Sigma or Lelantus, each step of realization is to solve problems step by step and lay a solid foundation for realizing a qualitative leap.

Based on Sigma, Lelantus added a custom anonymous amount.

In the Sigma phase, the usual way you want to anonymously trade 153 tokens in Firo is to operate transfers of 100 + 50 + 1 + 1 + 1 tokens respectively.

After Lelantus is deployed, you can directly operate on any amount of funds, and you can even have an anonymous account balance, that is, destroy 200 tokens first, but not all of them are spent, but wait until you need to take them out, first compare The original fixed denomination destruction generation scheme is much more convenient.

secondary title

04 Breakthrough of privacy public chains such as Firo

There are many attempts of Firo. In summary, it is to improve usability and enhance anonymity. It also hints at the path Firo has chosen in dealing with external challenges.

We discussed a classic question during the Zcash halving last month -Under the dilemma of privacy public chain, where should privacy coins go?。

Just as some industry insiders said about the "final conclusion" of privacy coins, "For tokens that want to go to the public, pure privacy performance is not suitable as a core value proposition; but looking at the future of privacy, mainstream cryptocurrencies deploy privacy functions may become the ultimate destination of the privacy field.”

image description

data fromnon trumpet, statistical time: 2018.10.10

This reflects to a certain extent that the audience for private vertical public chain stories is becoming increasingly scarce.

In 2018, people have discovered that Dash and Zcash, which support non-anonymous transactions, have a low privacy usage rate. Even the usage rate of Bitcoin’s currency mixing is higher than the privacy transaction usage rate of the two tokens.

In the past two years, the story of the blockchain world has become more abundant. From chain efficiency and cost breakthroughs to practical breakthroughs, we have seen too many choices that can make the blockchain world better. Privacy is of course just needed, but it can also be added to these new public chains as one of the functions. At that time, why is it necessary to use non-anonymous coins?

In dealing with this problem, we have seen that tokens represented by Dash choose to change their ways and plan for transformation.

In October 2019, Raico, the head of the Dash Chinese community, said in an interview with Odaily, "Dash is instant payment by default, and anonymous payment is only an option. This shows that what Dash wants to do is not an anonymous currency, but a payment digital currency, Digital Cash (digital cash).”

More privacy coins represented by Firo choose to carry out anonymity to the end.

With the Lelantus upgrade next month, Firo will move from optional anonymity to default anonymity.

“When anonymity needs to be checked, few people choose to do so, avoiding the extra step of conducting anonymous transactions. But this will reduce the anonymity of the system, because the fewer people use the function, the relative deanonymization will be The easier it is. So our goal is to be anonymous by default when transacting.”

In this regard, Reubster, the head of the Firo project, once answered this question when answering in the AEX community.

"We do see that public chains such as Ethereum have goals and plans to integrate private transactions. They have the advantage of utilization rate, but they do not have the advantage of absolute privacy. The privacy needs of other public chains are mostly for specific scenarios, not Sufficient privacy, because the bottom layer of the public chain is not private, but a certain link is private, so when you use it, there may be a side effect of no money here, and people will notice you and monitor you through other links Even analyze your transactions. Therefore, I believe that the completely anonymous and private public chain is irreplaceable.”

In terms of usability, in addition to expanding the speed and convenience of anonymous transactions in depth, Firo is also developing the tokenization platform Elysium horizontally, allowing users to create highly anonymous tokens on Firo.

In addition, similar to Zcash, Firo is also entering the Ethereum ecosystem as a special asset for circulation.

According to the data from Noeasy, the current lock-up volume of the Firo ZNode master node is 5.86 million FIRO, and the lock-up tokens account for 52% of the circulating tokens. Small. Now, these locked-up tokens can already enter Ethereum through StakeHound.

On October 30, the cross-chain DeFi bridge StakeHound officially released the FIRO anchor token stakedFIRO on Ethereum. As a result, "investors no longer need to choose between Znode pledge or participation in DeFi."

According to the official introduction, the current locked value of FIRO in StakeHound has reached 850,000 US dollars.

On the roadmap released this year, we have also seen more ambitious plans of Firo, including the exploration of using ProgPOW to replace the MTP consensus algorithm, and the exploration of application scenarios after the launch of Elysium, etc.

References: