Edward Snowden, the ex-CIA employee, and a whistle-blower has tweeted his support for the digital currency Zcash. According to Snowden, the founders’ reward has encouraged and finances the team to approach concerns that recognized and patched by them recently. He tweeted
Zcash has patched a vulnerability that could have allowed an attacker to coin infinite Zcash (ZEC).
Zcash Counterfeiting Vulnerability
Ariel Gabizon, an engineer at the Zerocoin Electric Coin Company which is behind privacy-focused cryptocurrency Zcash found the vulnerability before his speech at the Financial Cryptography 2018 conference in March 2018. Eleven months ago the company found a simulation vulnerability in the cryptography holding some sorts of zero-knowledge proofs.
The counterfeiting vulnerability was patched by the Sapling network upgrade that initiated on October 28th, 2018. The vulnerability was explicit to counterfeiting and did not influence user privacy. Prior to its remediation, an attacker could have generated fake Zcash without being disclosed. The counterfeiting vulnerability has been fully solved in Zcash.
On March 1, 2018, Ariel Gabizon, a cryptographer hired by the Zcash Company had found a complex cryptographic flaw in the [BCTV14] paper that explains the zk-SNARK system employed in the primary launch of Zcash. The defect enables an attacker to build counterfeit shielded value.
After discovering the vulnerability, Ariel instantly reached another cryptographer at the Zcash Company, Sean Bowe. After Sean verified the presence of the vulnerability, Zooko Wilcox (CEO of the Zcash Company) and Nathan Wilcox (CTO of the Zcash Company) were instructed. Through precise coordination, the counterfeiting vulnerability was alleviated in the Zcash network without any associated further exposure outside this group of four people.
Edward Snowden has praised Zcash and insisted that the much-debated founders’ reward is crucial to draw the best brains to work on the Zcash project. For him, such a regular amount of the developers enables them to identify problems and patch them before they can be abused by attackers.
To utilize the counterfeiting vulnerability, an attacker would have required to hold data obtained in the big MPC protocol transcript that was available soon after the launch of Zcash.
Disclaimer: This information should not be interpreted as an endorsement of any cryptocurrency. It is not a recommendation to trade. The crypto market is full of surprises and overhyped assets. Do your research before buying anything. Do not invest more than you can afford to lose.