Author: Adam Back 2013-05-14 14:09:02
Published on: 2013-05-14T14:09:02+00:00
Adam Back, a cryptographer who played an important role in the development of Bitcoin, raised concerns about taint and revocability in cryptocurrencies. He argued that "ecash should not be revocable" and highlighted that Bitcoin currently has a partial problem because of taint which risks making coins unspendable or spendable only with certain users or at a discount. Although the policy coded for Bitcoin says that all coins are equally acceptable, people can unilaterally reject them based on their taint. However, so far, revocability has not been an issue yet. Back also explored whether the taint issue could be fixed efficiently without blinding or ZKP of set membership. He suggested committing to a payment and locking a coin without identifying oneself until the commitment is released. This would be like a self-issued green coin with no need for trust, which can be immediately cleared. The recipient would have to be committed to at the same time to prevent double-spending. Furthermore, Back discussed blinding-based unlinkability in a distributed cryptographic payer/payee anonymous system like Sander & Ta Shma and zerocoin. These systems have been based on zero-knowledge proof (ZKP) of set membership, which is expensive. Zerocoin improved the ZKP with a relatively efficient (but still cut-and-choose) proof. Commitments are also another related concept that could address the taint issue.
Updated on: 2023-06-06T16:54:18.157993+00:00