Difference between revisions of "Firo (XZC)"
m (1 revision imported) |
|||
Line 14: | Line 14: | ||
* [https://cryptobriefing.com/privacy-coin-zcoin-will-rebrand-firo-november/ From] [[Crypto Briefing]] (27-10-2020): | * [https://cryptobriefing.com/privacy-coin-zcoin-will-rebrand-firo-november/ From] [[Crypto Briefing]] (27-10-2020): | ||
"''Zcoin was originally built on the Zerocoin protocol, a system that is closely related to [[Zcash]]’s Zerocash protocol. In December 2019, it introduced a new protocol (Sigma) which offered various improvements such as anti-counterfeiting measures."'' | "''Zcoin was originally built on the Zerocoin protocol, a system that is closely related to [[Zcash]]’s Zerocash protocol. In December 2019, it introduced a new protocol (Sigma) which offered various improvements such as anti-counterfeiting measures."'' | ||
== Audits & Exploits == | |||
* [[Bug bounty]] program can be found [https://firo.org/2018/07/15/firo-vulnerability-bounty-program.html here] (21-11-2022) and goes up to 50k. | |||
=== Bugs/Exploits === | |||
==== Zerocoin Protocol Vulnerability and Lelantus Future ==== | |||
* Got a serious [https://zcoin.io/further-disclosure-on-zerocoin-vulnerability/ vulnerability] back in 4-2019. It basically meant their protocol was broken and most projects utilizing Zerocoin stopped their private send functions afterwards. Projects affected were: ZCoin itself, [[Pivx (PIVX)|PIVX]], [[Veil]], [[GravityCoin (GXX)|Gravity Coin]], [[NavCoin (NAV)|Navcoin]] (who was developing a Zerocoin variant called ZeroCT on their [[testnet]]) and [[NIX (NIX)|NIX]]. On 19-4-2019 core developer [[Peter Shugalev]] found the root cause of the issue and confirmed that it was a failure in the cryptography of the Zerocoin protocol and that it affected all Zerocoin implementations. Forged coins were created, but not exceeding 1% of the circulating supply. The issue was not from a coding error, but from a cryptographic flaw in one of the proofs in the Zerocoin protocol that has existed since its inception. | |||
* Afterwards ZCoin [https://zcoin.io/further-disclosure-on-zerocoin-vulnerability/ decided] (26-4-2019) to abandon the Zerocoin protocol. ''"Although we believe that Zerocoin can be fixed given sufficient time, we have decided not to dedicate further resources to it. This is in line with our [[roadmap]] to transition away from Zerocoin to [https://zcoin.io/what-is-sigma-and-why-is-it-replacing-zerocoin-in-zcoin/ Sigma], which has no trusted setup, security proofs for all its proof systems, and it has a much simpler construction along with its performance benefits."'' | |||
* From [https://zcoin.io/what-is-sigma-and-why-is-it-replacing-zerocoin-in-zcoin/ their website] (20-3-2019): | |||
''"Sigma is a precursor to our next gen privacy protocol [[Lelantus]] developed by our cryptographer [[Aram Jivanyan]] which further builds on Sigma and greatly expands its functionality and privacy features by removing the need for fixed denominations in minting and spending. Deploying Sigma gives us the necessary time to develop Lelantus properly while it undergoes academic peer review and further improvements."'' | |||
==== Lelantus issues ==== | |||
* [https://www.coindesk.com/privacy-coin-firo-disables-protocol-investigate-suspicious-transactions From] [[CoinDesk]] (27-2-2021): | |||
''"The team behind the privacy coin Firo has identified multiple Lelantus transactions that are “suspicious,” [https://forum.firo.org/t/lelantus-disabled-temporarily/1486 according] to project steward Reuben Yap. In response, developers have activated their emergency switch to temporarily disable Lelantus to give them time to investigate and identify the issue. “Our core team is working with several parties, including engineers from [[Trail of Bits]] (who audited our Lelantus cryptographic library), another cryptographer and a black hat to identify the issue."'' | |||
''This is the second in a pair of challenges that has arisen since the launch on Jan. 14. Less than a week later, Firo [https://twitter.com/firoorg/status/1351703001849757697?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1351703001849757697%7Ctwgr%5E%7Ctwcon%5Es1_&ref_url=https%3A%2F%2Fatozmarkets.com%2Fnews%2Ffiro-cryptocurrency-network-suffers-51-attack%2F experienced] a 51% attack that forced it to push a hotfix to address the issue. The Firo devs were able to disable the Lelantus protocol based on a previous vote that gave the core team the ability to temporarily “turn off and on features like Lelantus, chainlocks and instant send.”'' | |||
* [https://www.coindesk.com/privacy-coin-firo-lelantus-protocol-relaunch From] [[Coindesk|CoinDesk]] (1-3-2021): | |||
''"The Firo privacy coin’s Lelantus protocol has been reactivated following a [[Hard Fork|hard fork]] on April 22. The hard fork took place on [https://firoblockexplorers.com/block/2deb36b9810d005410fe994c27a7457b488236d61fda556e71f768feec377fff block 365544].'' | |||
''The protocol was [https://www.coindesk.com/privacy-coin-firo-disables-protocol-investigate-suspicious-transactions disabled] due to a number of suspicious transactions while the Firo team investigated. This was the second recent obstacle for the protocol, which also [https://www.coindesk.com/privacy-coin-firo-currently-experiencing-51-attack underwent] a [[51% Attack|51% attack]] earlier this year."'' | |||
==Governance== | |||
=== Admin Keys=== | |||
===DAO=== | |||
=== Treasury=== | |||
== Token == | == Token == | ||
=== Launch === | === Launch === | ||
Line 23: | Line 49: | ||
== Technology == | == Technology == | ||
* [[Whitepaper]] can be found [insert here]. | * [[Whitepaper]] can be found [insert here]. | ||
* Code can be viewed [ | * Code can be viewed [https://github.com/firoorg/firo here]. | ||
*Consensus mechanism: | |||
* | *Algorithm: | ||
=== Transaction Details === | *[[Virtual Machine (VM)|Virtual Machine]]: | ||
* Capacity ([[TPS]]): | * Development language used: | ||
====Transaction Details==== | |||
*Capacity ([[TPS]]): | |||
* [[Latency]]: | * [[Latency]]: | ||
=== How it works === | === How it works === | ||
Line 34: | Line 62: | ||
* [https://cryptobriefing.com/privacy-coin-zcoin-will-rebrand-firo-november/ From] [[Crypto Briefing]] (27-10-2020): | * [https://cryptobriefing.com/privacy-coin-zcoin-will-rebrand-firo-november/ From] [[Crypto Briefing]] (27-10-2020): | ||
"''Zcoin allows users to destroy old coins and obtain new coins that have no previous [[transactions]]. Zcash describes this and other features as a form of “one-click privacy” as easy to use as cash."'' | "''Zcoin allows users to destroy old coins and obtain new coins that have no previous [[transactions]]. Zcash describes this and other features as a form of “one-click privacy” as easy to use as cash."'' | ||
=== Fees === | |||
=== Upgrades === | |||
*[https://cryptobriefing.com/privacy-coin-zcoin-will-rebrand-firo-november/ From] [[Crypto Briefing]] (27-10-2020): | |||
''"Lelantus will offer new features, including “on-by-default” privacy, smaller proof sizes, faster transaction times, and greater ease of use. The update software will be released on Nov. 30, 2020, and will be active on [[mainnet]] by January 2020.'' | |||
''Zcoin will release its Lelantus upgrade on Nov. 30, 2020, coinciding with its Firo rebrand. However, the Lelantus upgrade will not be active on mainnet until January 2021."'' | |||
=== Mining === | === Mining === | ||
* Firo uses the FiroPoW algorithm targeted at [[GPU|GPUs]] ([https://firo.org/about/faq/ 21-11-2022]): | |||
''"FiroPoW is a mining algorithm for GPU mining and designed to be both [[FPGA]] and [[ASIC]] resistant. FiroPoW follows ProgPoW’s 0.9.4 spec with a small change to have the algorithm randomly change with every [[block]]. The starting DAG size will be slightly over 4GB and will increase by 8MB every 1300 blocks (~4.5 days). This DAG size has been chosen to support most modern graphics cards."'' | |||
=== Staking === | === Staking === | ||
=== | * From their [https://firo.org/about/faq/ FAQ] (21-11-2022): | ||
''"[[Masternode|Masternodes]] in Firo are incentivized [[Node|nodes]] that host Firo’s infrastructure and provide additional services such as [[51% Attack|51%]] mining attack protection via LLMQ chain locks and instant sends'' | |||
''To prevent [[Sybil Attack|Sybil attacks]], each masternode requires a collateral of 1000 FIRO backing it to prove skin in the game and encourages honest behaviour.'' | |||
''In return for hosting Firo’s infrastructure and their added services, they earn 50% of the [[Block Reward|block reward]]."'' | |||
=== Scaling === | |||
=== Different Implementations === | === Different Implementations === | ||
=== Interoperability === | === Interoperability === | ||
=== Other Details === | === Other Details === | ||
== Privacy Method | == Privacy Method == | ||
* From their [https://firo.org/about/faq/ FAQ] (21-11-2022): | |||
''"Firo through the Lelantus protocol allows you to [[Burn Mechanisms|burn]] your coins to destroy them so that they stop existing and then redeem them later for coins that have no previous [[Transaction (Tx)|transaction]] history. The process of burning and redeeming breaks the links between [[Address|addresses]] making transaction graph analysis very difficult.'' | |||
''The burning process destroys the coin so that they stop existing and therefore their transaction history stops there and cannot be traced.'' | |||
''The redemption process involves giving a [[Zero-Knowledge Proofs|zero-knowledge proof]] that you previously burnt coins, without having to show which were the coins you burnt. The freshly redeemed coins appear as new coins with no previous transaction history and hence have no linkage with the original coins that were burnt. In Lelantus, input and change amounts are also hidden.'' | |||
* [https:// | |||
''"Lelantus | |||
'' | ''Firo's upcoming privacy protocol Lelantus Spark takes this idea further with all amounts being hidden and removing the need to 'redeem'. Users can now pass these coins directly between each other without having to expose the output amount. It also adds Spark addresses that are public shareable but cannot be looked up on the [[blockchain]]."'' | ||
== Oracle Method == | |||
== Their Other Projects == | |||
== Roadmap == | == Roadmap == | ||
* Can be found [ | * Can be found [https://firo.org/about/roadmap/ here]. | ||
== | == Usage == | ||
=== Projects that use or built on it === | |||
=== | == Competition == | ||
* From their [https://firo.org/about/faq/ FAQ] (21-11-2022): | |||
* | |||
''"Firo's privacy protocols Lelantus and Lelantus Spark combines very high anonymity sets (~65,000) while relying on well tested cryptographic building blocks that do not require trusted setup.'' | |||
''This compares very favorably to existing solutions like mixers or even ring signatures that typically have limited anonymity sets per transaction (for e.g. [[Monero (XMR)|Monero]] has a ring size of 11). Models that rely on decoys also have weaknesses where deanonymization becomes easier when paying repeatedly to the same entity. Decoy selection algorithms have to be also carefully selected to avoid reducing the effective anonymity set and if ring sizes are not large enough, can be subject to Sybil attacks. Similarly, [[Mimblewimble]] based coins rely highly on high transaction volumes in a block and also have limited resistance towards Sybil attacks. Firo's use of large anonymity pools and sliding windows greatly alleviate these problems.'' | |||
'' | ''Solutions relying on [[Zk-SNARK's|zkSNARKs]] such as the Zerocash protocol used in [[ZCash (ZEC)|Zcash]] offer almost global anonymity sets but rely on complicated new cryptography and more exotic assumptions. They also require a trusted setup which for some represents an unacceptable compromise.'' | ||
''Firo aims to achieve a balance of high anonymity combined with well-established cryptographic building blocks that don't require trust. Lelantus Spark also is designed to be modular that would allow parts to be switched out in an easier fashion as cryptographic advancements come along giving very good flexibility. Spark addresses are also very flexible allowing for a variety of view keys for selective transparency and also efficient [[Multi-Signature|multisig]]/threshold signatures. They also do not require interactivity and can be openly posted since they cannot be searched on the blockchain giving enhanced receiver privacy.'' | |||
'' | ''Also as Firo uses the sliding window approach to privacy instead of decoys, existing chain analysis methods such as used for ring signatures or coin [[Coin Mixer|mixers]] would not work.'' | ||
'' | ''You can view a more detailed comparison and analysis on our [https://firo.org/guide/privacy-coin-comparison.html privacy comparison guide]."'' | ||
== Pros and Cons == | == Pros and Cons == | ||
=== Pros === | === Pros === | ||
Line 92: | Line 130: | ||
* Has had [https://www.coindesk.com/privacy-coin-firo-disables-protocol-investigate-suspicious-transactions multiple] bugs and shut downs in its history. | * Has had [https://www.coindesk.com/privacy-coin-firo-disables-protocol-investigate-suspicious-transactions multiple] bugs and shut downs in its history. | ||
== Team, Funding, | == Team, Funding, Partners == | ||
=== Team === | === Team === | ||
* Full team can be found [here]. | * Full team can be found [https://firo.org/about/team/ here]. | ||
* Has a big Russian and Armenian team. | * Has a big Russian and Armenian team. | ||
* [[Poramin Insom]]; Founder, lead developer | * [[Poramin Insom]]; Founder, lead developer |
Latest revision as of 04:52, 21 November 2022
Total supply | 21.400.000 |
---|
Basics
- Fka Zcoin.
- Announced on:
- Mainnet release: The Lelantus protocol was launched in mid-January 2021.
- Based in:
- Privacy coin.
- According to CMC:
"Zerocoin is a cryptocurrency proposed by Johns Hopkins University professor Matthew D. Green and graduate students Ian Miers and Christina Garman as an extension to the Bitcoin protocol that would add cryptographic anonymity to Bitcoin transactions. With Zcoin’s Zerocoin feature, only the sender and receive would be able to ascertain the exchange of funds in a given transaction, as no transaction histories are linked to the actual coins. Zcoin operates a multi-node model where mining nodes verify blockchain transactions and Znodes store blockchain data."
- "Zerocoin as implemented by Zcoin uses a trusted setup performed by a third party in an academic challenge called the RSA Factoring Challenge in 1991 where the incentive to insert a backdoor is low and there was a sizeable bounty on it to break it. Although this is a decent implementation with a low chance of it being compromised, we believe the whole purpose of blockchain is to build systems that do not require trust, and that same principle applies to our privacy system as well. In fact, Zcoin’s initial release in 2016 was delayed as our founder Poramin Insom spent many months trying to remove trusted setup through the use of RSA UFOs which proved to be unworkable and had to settle for the RSA Factoring Challenge parameters."
History
- From Crypto Briefing (27-10-2020):
"Zcoin was originally built on the Zerocoin protocol, a system that is closely related to Zcash’s Zerocash protocol. In December 2019, it introduced a new protocol (Sigma) which offered various improvements such as anti-counterfeiting measures."
Audits & Exploits
- Bug bounty program can be found here (21-11-2022) and goes up to 50k.
Bugs/Exploits
Zerocoin Protocol Vulnerability and Lelantus Future
- Got a serious vulnerability back in 4-2019. It basically meant their protocol was broken and most projects utilizing Zerocoin stopped their private send functions afterwards. Projects affected were: ZCoin itself, PIVX, Veil, Gravity Coin, Navcoin (who was developing a Zerocoin variant called ZeroCT on their testnet) and NIX. On 19-4-2019 core developer Peter Shugalev found the root cause of the issue and confirmed that it was a failure in the cryptography of the Zerocoin protocol and that it affected all Zerocoin implementations. Forged coins were created, but not exceeding 1% of the circulating supply. The issue was not from a coding error, but from a cryptographic flaw in one of the proofs in the Zerocoin protocol that has existed since its inception.
- Afterwards ZCoin decided (26-4-2019) to abandon the Zerocoin protocol. "Although we believe that Zerocoin can be fixed given sufficient time, we have decided not to dedicate further resources to it. This is in line with our roadmap to transition away from Zerocoin to Sigma, which has no trusted setup, security proofs for all its proof systems, and it has a much simpler construction along with its performance benefits."
- From their website (20-3-2019):
"Sigma is a precursor to our next gen privacy protocol Lelantus developed by our cryptographer Aram Jivanyan which further builds on Sigma and greatly expands its functionality and privacy features by removing the need for fixed denominations in minting and spending. Deploying Sigma gives us the necessary time to develop Lelantus properly while it undergoes academic peer review and further improvements."
Lelantus issues
"The team behind the privacy coin Firo has identified multiple Lelantus transactions that are “suspicious,” according to project steward Reuben Yap. In response, developers have activated their emergency switch to temporarily disable Lelantus to give them time to investigate and identify the issue. “Our core team is working with several parties, including engineers from Trail of Bits (who audited our Lelantus cryptographic library), another cryptographer and a black hat to identify the issue."
This is the second in a pair of challenges that has arisen since the launch on Jan. 14. Less than a week later, Firo experienced a 51% attack that forced it to push a hotfix to address the issue. The Firo devs were able to disable the Lelantus protocol based on a previous vote that gave the core team the ability to temporarily “turn off and on features like Lelantus, chainlocks and instant send.”
"The Firo privacy coin’s Lelantus protocol has been reactivated following a hard fork on April 22. The hard fork took place on block 365544.
The protocol was disabled due to a number of suspicious transactions while the Firo team investigated. This was the second recent obstacle for the protocol, which also underwent a 51% attack earlier this year."
Governance
Admin Keys
DAO
Treasury
Token
Launch
Token allocation
Utility
Token Details
Stablecoin
Technology
- Whitepaper can be found [insert here].
- Code can be viewed here.
- Consensus mechanism:
- Algorithm:
- Virtual Machine:
- Development language used:
Transaction Details
How it works
- Mineable, Proof of Work algorithm by Lyra2z
- Has Tor integration.
- From Crypto Briefing (27-10-2020):
"Zcoin allows users to destroy old coins and obtain new coins that have no previous transactions. Zcash describes this and other features as a form of “one-click privacy” as easy to use as cash."
Fees
Upgrades
- From Crypto Briefing (27-10-2020):
"Lelantus will offer new features, including “on-by-default” privacy, smaller proof sizes, faster transaction times, and greater ease of use. The update software will be released on Nov. 30, 2020, and will be active on mainnet by January 2020.
Zcoin will release its Lelantus upgrade on Nov. 30, 2020, coinciding with its Firo rebrand. However, the Lelantus upgrade will not be active on mainnet until January 2021."
Mining
- Firo uses the FiroPoW algorithm targeted at GPUs (21-11-2022):
"FiroPoW is a mining algorithm for GPU mining and designed to be both FPGA and ASIC resistant. FiroPoW follows ProgPoW’s 0.9.4 spec with a small change to have the algorithm randomly change with every block. The starting DAG size will be slightly over 4GB and will increase by 8MB every 1300 blocks (~4.5 days). This DAG size has been chosen to support most modern graphics cards."
Staking
- From their FAQ (21-11-2022):
"Masternodes in Firo are incentivized nodes that host Firo’s infrastructure and provide additional services such as 51% mining attack protection via LLMQ chain locks and instant sends
To prevent Sybil attacks, each masternode requires a collateral of 1000 FIRO backing it to prove skin in the game and encourages honest behaviour.
In return for hosting Firo’s infrastructure and their added services, they earn 50% of the block reward."
Scaling
Different Implementations
Interoperability
Other Details
Privacy Method
- From their FAQ (21-11-2022):
"Firo through the Lelantus protocol allows you to burn your coins to destroy them so that they stop existing and then redeem them later for coins that have no previous transaction history. The process of burning and redeeming breaks the links between addresses making transaction graph analysis very difficult.
The burning process destroys the coin so that they stop existing and therefore their transaction history stops there and cannot be traced.
The redemption process involves giving a zero-knowledge proof that you previously burnt coins, without having to show which were the coins you burnt. The freshly redeemed coins appear as new coins with no previous transaction history and hence have no linkage with the original coins that were burnt. In Lelantus, input and change amounts are also hidden.
Firo's upcoming privacy protocol Lelantus Spark takes this idea further with all amounts being hidden and removing the need to 'redeem'. Users can now pass these coins directly between each other without having to expose the output amount. It also adds Spark addresses that are public shareable but cannot be looked up on the blockchain."
Oracle Method
Their Other Projects
Roadmap
- Can be found here.
Usage
Projects that use or built on it
Competition
- From their FAQ (21-11-2022):
"Firo's privacy protocols Lelantus and Lelantus Spark combines very high anonymity sets (~65,000) while relying on well tested cryptographic building blocks that do not require trusted setup.
This compares very favorably to existing solutions like mixers or even ring signatures that typically have limited anonymity sets per transaction (for e.g. Monero has a ring size of 11). Models that rely on decoys also have weaknesses where deanonymization becomes easier when paying repeatedly to the same entity. Decoy selection algorithms have to be also carefully selected to avoid reducing the effective anonymity set and if ring sizes are not large enough, can be subject to Sybil attacks. Similarly, Mimblewimble based coins rely highly on high transaction volumes in a block and also have limited resistance towards Sybil attacks. Firo's use of large anonymity pools and sliding windows greatly alleviate these problems.
Solutions relying on zkSNARKs such as the Zerocash protocol used in Zcash offer almost global anonymity sets but rely on complicated new cryptography and more exotic assumptions. They also require a trusted setup which for some represents an unacceptable compromise.
Firo aims to achieve a balance of high anonymity combined with well-established cryptographic building blocks that don't require trust. Lelantus Spark also is designed to be modular that would allow parts to be switched out in an easier fashion as cryptographic advancements come along giving very good flexibility. Spark addresses are also very flexible allowing for a variety of view keys for selective transparency and also efficient multisig/threshold signatures. They also do not require interactivity and can be openly posted since they cannot be searched on the blockchain giving enhanced receiver privacy.
Also as Firo uses the sliding window approach to privacy instead of decoys, existing chain analysis methods such as used for ring signatures or coin mixers would not work.
You can view a more detailed comparison and analysis on our privacy comparison guide."
Pros and Cons
Pros
Cons
- Has had multiple bugs and shut downs in its history.
Team, Funding, Partners
Team
- Full team can be found here.
- Has a big Russian and Armenian team.
- Poramin Insom; Founder, lead developer
- Peter Shugalev; core dev
- Reuben Yap; first employee and community manager
- Ian Miers, one of the authors of Zerocoin
- Aizensou, dev
- Tadhg Riordan, Developer
- Snguyen, Developer
- Aram Jivanyan; cryptographer
- Andrey Bezrukov; C++ Developer
- Hung Nguyen @ Herofire, Developer
- + Zachary Diebold, Developer
- + Sandra Yap, Media and Relations
- + Sebastian Mack, Community Support
- + Reuben Yap promoted to Chief Operating Officer
Funding
- Tim Lee; first investor