The cameras were rolling as Bitcoin Core developer Peter Todd set fire to the computer he’d just used to help bring Zcash to life.
Wearing a gas mask he’d purchased at a local shop near Valemount, British Columbia, he burned the components with a propane torch until they turned almost completely black. His intention was to prevent anyone from ever recovering their contents.
Todd then bagged up the torched components, and drove in a rented car from the sparsely populated setting of the ceremony to the small town of Kamloops, better known for its pulp mill than for being one of the birthplaces of a new cryptocurrency.
The burn ceremony was the final step of a weeks-long process to be described in detail in an upcoming post on Todd’s blog. (Todd was just one of six people around the world conducting their own unique version of the ceremony).
If the defensive measures do what they were intended to do, they should have prevented anyone from using the keystrokes recorded on the various computers from creating undetectable counterfeit cryptocurrency.
If that and countless other steps seem like unwarranted caution consider this: in the two weeks since Zcash launched its global market cap has grown from zero dollars to $3.2m, or an increase of about $200,000 per day. With a long history of comparisons to cyrptocurrency as a possible global currency, the sky is the limit.
The problem is it doesn’t currently appear to be possible to prove the ceremony worked.
With a bit of work perpetrators could surreptitiously ascertain keystrokes using radio signals, traditional cameras, satellites or other methods, according to Todd. If they are able to repeat the events of the ceremony exactl, they would have the almost magical powers to create Zcash out of thin air, and thanks to the zero-knowledge nature of the currency, no one would ever know.
The ceremony is an act of what is called security theater, a term was popularized in the late-2000s by the writings of security expert Bruce Schneier who defined it as “security primarily designed to make you feel more secure.”
But security theater is also a form of deterrence.
Examples range from babies wearing RFID bracelets in hospitals to discourage kidnapping to nations parading war planes and missiles in front of their citizens to make them feel safe.
But the Zcash ceremony highlighted a crucial component of security theater: trust. Do those RFID bracelets actually do anything or are they just plastic strips with pretty shapes printed on them? Do those planes actually have warheads in them or are they little more than empty shells?
As Todd made clear, all this security theater means nothing if the audience doesn’t trust the actors.
From the introduction to the unpublished post:
“Nothing you will read below changes the fact that you’re trusting me and five other participants not to collude. Full stop. End of story. It is IMPOSSIBLE for myself and the other participants to prove to a third party that we did not collude to keep the secret key. If you do not believe you can trust me, you should stop reading now.”
Trust and trustlessness
And therein lies the problem. Do you trust Todd? Do you trust Zcash advisor, Andrew Miller, who is another of the public participants in the ceremony. Or Coin Center director of research Peter Van Valkenburgh? How about Zooko Wilcox, Zcash’s CEO? The identities of two of the other people entrusted to ensure the safety of the system have yet to be revealed.
Though Zcash is built on a trustless protocol, to provide the true anonymity its creators desired, the ceremony reintroduced the element of trust.
“Even if they executed perfectly, there’s another concern that still, ultimately, the only thing that other people have, the other 7 billion people on this planet have, is to trust six people and assume that what they’re saying is absolutely true, and that nobody was able to compromise them,” said Greg Slepak, founder of email security firm Tao Effect, and the non-profit okTurtles (which works to ensure decentralized technologies are used for the benefit of society).
Slepak is an early detractor of Zcash’s so-called “trusted setup” and a vocal skeptic who alleges the security theater designed to discourage attacks may have not actually done what it was designed to do.
In March, Slepak enumerated a series of his concerns about the impending launch of Zcash in a blog post on the okTurtles site. In particular, he called for the Zcash team to be more transparent about the potential risks surrounding the trusted setup prior to the launch.
Then, in September, he published another account of a number of incentives that exist for third-parties to compromise the setup. Specifically, he expressed concern about intelligence agencies from state governments that don’t want to lose the monopoly they have on printing truly fungible currency.
The frustration in Slepak’s voice is noticeable when he talks about his concerns. In Zcash, he sees…