Firo (XZC)

From CryptoWiki


Firo
Total supply: 21.400.000

Basics

  • Formerly known as Zcoin.

"Zerocoin is a cryptocurrency proposed by Johns Hopkins University professor Matthew D. Green and graduate students Ian Miers and Christina Garman as an extension to the Bitcoin protocol that would add cryptographic anonymity to Bitcoin transactions. With Zcoin’s Zerocoin feature, only the sender and receiver would be able to ascertain the exchange of funds in a given transaction, as no transaction histories are linked to the actual coins. Zcoin operates a multi-node model where mining nodes verify blockchain transactions and Znodes store blockchain data."

  • "Zerocoin as implemented by Zcoin uses a trusted setup performed by a third party in an academic challenge called the RSA Factoring Challenge in 1991 where the incentive to insert a backdoor is low and there was a sizeable bounty on it to break it. Although this is a decent implementation with a low chance of it being compromised, we believe the whole purpose of blockchain is to build systems that do not require trust, and that same principle applies to our privacy system as well. In fact, Zcoin’s initial release in 2016 was delayed as our founder Poramin Insom spent many months trying to remove trusted setup through the use of RSA UFOs which proved to be unworkable and had to settle for the RSA Factoring Challenge parameters."

History

"Zcoin was originally built on the Zerocoin protocol, a system that is closely related to Zcash’s Zerocash protocol. In December 2019, it introduced a new protocol (Sigma) which offered various improvements such as anti-counterfeiting measures."

Audits & Exploits

Bugs/Exploits

Zerocoin Protocol Vulnerability and Lelantus Future

  • A serious vulnerability surfaced in 4-2019. It basically meant the protocol was broken, and most projects using Zerocoin stopped their private send functions afterwards. The projects affected were ZCoin itself, PIVX, Veil, Gravity Coin, Navcoin (which was developing a Zerocoin variant called ZeroCT on its testnet) and NIX. On 19-4-2019 core developer Peter Shugalev found the root cause of the issue and confirmed that it was a failure in the cryptography of the Zerocoin protocol and that it affected all Zerocoin implementations. Forged coins were created, but not exceeding 1% of the circulating supply. The issue was not a coding error but a cryptographic flaw in one of the proofs in the Zerocoin protocol, one that has existed since its inception.
  • Afterwards ZCoin decided (26-4-2019) to abandon the Zerocoin protocol. "Although we believe that Zerocoin can be fixed given sufficient time, we have decided not to dedicate further resources to it. This is in line with our roadmap to transition away from Zerocoin to Sigma, which has no trusted setup, security proofs for all its proof systems, and it has a much simpler construction along with its performance benefits."
  • From their website (20-3-2019):

"Sigma is a precursor to our next gen privacy protocol Lelantus developed by our cryptographer Aram Jivanyan which further builds on Sigma and greatly expands its functionality and privacy features by removing the need for fixed denominations in minting and spending. Deploying Sigma gives us the necessary time to develop Lelantus properly while it undergoes academic peer review and further improvements."

Lelantus issues

"The team behind the privacy coin Firo has identified multiple Lelantus transactions that are “suspicious,” according to project steward Reuben Yap. In response, developers have activated their emergency switch to temporarily disable Lelantus to give them time to investigate and identify the issue. “Our core team is working with several parties, including engineers from Trail of Bits (who audited our Lelantus cryptographic library), another cryptographer and a black hat to identify the issue.”"

This is the second in a pair of challenges that has arisen since the launch on Jan. 14. Less than a week later, Firo experienced a 51% attack that forced it to push a hotfix to address the issue. The Firo devs were able to disable the Lelantus protocol based on a previous vote that gave the core team the ability to temporarily “turn off and on features like Lelantus, chainlocks and instant send.”

"The Firo privacy coin’s Lelantus protocol has been reactivated following a hard fork on April 22. The hard fork took place on block 365544.

The protocol was disabled due to a number of suspicious transactions while the Firo team investigated. This was the second recent obstacle for the protocol, which also underwent a 51% attack earlier this year."

Governance

Admin Keys

DAO

Treasury

Token

Launch

Token allocation

Utility

Token Details

Stablecoin

Technology

Transaction Details

How it works

"Zcoin allows users to destroy old coins and obtain new coins that have no previous transactions. Zcash describes this and other features as a form of “one-click privacy” as easy to use as cash."

Fees

Upgrades

"Lelantus will offer new features, including “on-by-default” privacy, smaller proof sizes, faster transaction times, and greater ease of use. The update software will be released on Nov. 30, 2020, and will be active on mainnet by January 2020.

Zcoin will release its Lelantus upgrade on Nov. 30, 2020, coinciding with its Firo rebrand. However, the Lelantus upgrade will not be active on mainnet until January 2021."

Mining

"FiroPoW is a mining algorithm for GPU mining and designed to be both FPGA and ASIC resistant. FiroPoW follows ProgPoW’s 0.9.4 spec with a small change to have the algorithm randomly change with every block. The starting DAG size will be slightly over 4GB and will increase by 8MB every 1300 blocks (~4.5 days). This DAG size has been chosen to support most modern graphics cards."

Staking

  • From their FAQ (21-11-2022):

"Masternodes in Firo are incentivized nodes that host Firo’s infrastructure and provide additional services such as 51% mining attack protection via LLMQ chain locks and instant sends.

To prevent Sybil attacks, each masternode requires a collateral of 1000 FIRO backing it to prove skin in the game and encourages honest behaviour.

In return for hosting Firo’s infrastructure and their added services, they earn 50% of the block reward."

Scaling

Different Implementations

Interoperability

Other Details

Privacy Method

  • From their FAQ (21-11-2022):

"Firo through the Lelantus protocol allows you to burn your coins to destroy them so that they stop existing and then redeem them later for coins that have no previous transaction history. The process of burning and redeeming breaks the links between addresses making transaction graph analysis very difficult.

The burning process destroys the coin so that they stop existing and therefore their transaction history stops there and cannot be traced.

The redemption process involves giving a zero-knowledge proof that you previously burnt coins, without having to show which were the coins you burnt. The freshly redeemed coins appear as new coins with no previous transaction history and hence have no linkage with the original coins that were burnt. In Lelantus, input and change amounts are also hidden.

Firo's upcoming privacy protocol Lelantus Spark takes this idea further with all amounts being hidden and removing the need to 'redeem'. Users can now pass these coins directly between each other without having to expose the output amount. It also adds Spark addresses that are public shareable but cannot be looked up on the blockchain."
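The burn-and-redeem flow described in the FAQ above, as an added Python sketch that is not Firo's code and not the Lelantus construction. It assumes a toy Schnorr group, hypothetical function names (`mint`, `redeem`, `verify`), a linear-size OR-composition of Schnorr proofs standing in for Lelantus's proof system, and it does not model amounts.

```python
import hashlib
import secrets

# Toy Schnorr group (constructed, far too small for real use): P = 2Q + 1,
# G and H generate the order-Q subgroup. In practice log_G(H) must be unknown.
P, Q, G, H = 2039, 1019, 4, 9

def mint():
    """Burn: publish commitment C = G^serial * H^r, keep (serial, r) secret."""
    serial, r = secrets.randbelow(Q), secrets.randbelow(Q)
    return pow(G, serial, P) * pow(H, r, P) % P, serial, r

def _shifted(coins, serial):
    # D_i = C_i / G^serial; equals H^r exactly for a coin minted with this serial.
    g_inv = pow(pow(G, serial, P), -1, P)
    return [c * g_inv % P for c in coins]

def _challenge(coins, serial, commits):
    data = repr((coins, serial, commits)).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def _commit(d, c, z):
    # T = H^z * D^(-c): the Schnorr verification equation solved for T.
    return pow(H, z, P) * pow(pow(d, c, P), -1, P) % P

def redeem(coins, idx, serial, r):
    """Reveal the serial and prove some D_i = H^x without revealing idx."""
    ds = _shifted(coins, serial)
    cs = [secrets.randbelow(Q) for _ in coins]   # simulated challenges
    zs = [secrets.randbelow(Q) for _ in coins]   # simulated responses
    k = secrets.randbelow(Q)
    commits = [_commit(d, c, z) for d, c, z in zip(ds, cs, zs)]
    commits[idx] = pow(H, k, P)                  # the one real branch
    total = _challenge(coins, serial, commits)
    cs[idx] = (total - sum(cs) + cs[idx]) % Q    # challenges must sum to the hash
    zs[idx] = (k + cs[idx] * r) % Q
    return serial, cs, zs

def verify(coins, proof, spent):
    """Accept a redemption once per serial; never learns which coin was burnt."""
    serial, cs, zs = proof
    if serial in spent or len(cs) != len(coins) or len(zs) != len(coins):
        return False                             # double spend or malformed proof
    ds = _shifted(coins, serial)
    commits = [_commit(d, c, z) for d, c, z in zip(ds, cs, zs)]
    if sum(cs) % Q != _challenge(coins, serial, commits):
        return False
    spent.add(serial)
    return True
```

The revealed serial is what stops a second redemption of the same burnt coin, while the proof covers every coin in the pool equally. The pool passed to `redeem` and `verify` is the anonymity set.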

Oracle Method

Their Other Projects

Roadmap

Usage

Projects that use or built on it

Competition

  • From their FAQ (21-11-2022):

"Firo's privacy protocols Lelantus and Lelantus Spark combine very high anonymity sets (~65,000) while relying on well tested cryptographic building blocks that do not require trusted setup.

This compares very favorably to existing solutions like mixers or even ring signatures that typically have limited anonymity sets per transaction (for e.g. Monero has a ring size of 11). Models that rely on decoys also have weaknesses where deanonymization becomes easier when paying repeatedly to the same entity. Decoy selection algorithms have to be also carefully selected to avoid reducing the effective anonymity set and if ring sizes are not large enough, can be subject to Sybil attacks. Similarly, Mimblewimble based coins rely highly on high transaction volumes in a block and also have limited resistance towards Sybil attacks. Firo's use of large anonymity pools and sliding windows greatly alleviate these problems.

Solutions relying on zkSNARKs such as the Zerocash protocol used in Zcash offer almost global anonymity sets but rely on complicated new cryptography and more exotic assumptions. They also require a trusted setup which for some represents an unacceptable compromise.

Firo aims to achieve a balance of high anonymity combined with well-established cryptographic building blocks that don't require trust. Lelantus Spark also is designed to be modular that would allow parts to be switched out in an easier fashion as cryptographic advancements come along giving very good flexibility. Spark addresses are also very flexible allowing for a variety of view keys for selective transparency and also efficient multisig/threshold signatures. They also do not require interactivity and can be openly posted since they cannot be searched on the blockchain giving enhanced receiver privacy.

Also as Firo uses the sliding window approach to privacy instead of decoys, existing chain analysis methods such as used for ring signatures or coin mixers would not work.

You can view a more detailed comparison and analysis on our privacy comparison guide."

Pros and Cons

Pros

Cons

  • Has had multiple bugs and shutdowns in its history.

Team, Funding, Partners

Team

  • Full team can be found here.
  • Has a big Russian and Armenian team.
  • Poramin Insom; Founder, lead developer
  • Peter Shugalev; core dev
  • Reuben Yap; first employee and community manager
  • Ian Miers, one of the authors of Zerocoin
  • Aizensou, dev
  • Tadhg Riordan, Developer
  • Snguyen, Developer
  • Aram Jivanyan; cryptographer
  • Andrey Bezrukov; C++ Developer
  • Hung Nguyen @ Herofire, Developer
  • + Zachary Diebold, Developer
  • + Sandra Yap, Media and Relations
  • + Sebastian Mack, Community Support
  • + Reuben Yap promoted to Chief Operating Officer

Funding

Partners