ANON — Addressing the zk-SNARKs Vulnerability

Code Upgrade & Supply Audit

On February 5th 2019, ZCash developers released a blog post revealing a code vulnerability that could potentially be exploited to create counterfeit currency undetected. This vulnerability was researched and remedied within ZCash via the Sapling upgrade implemented in October 2018. With the exception of Horizen and Komodo, which were informed early, this vulnerability continues to exist and affect any project that depends on the original Sprout system that was distributed in the initial launch of ZCash.

Upon the news release, the ANON team immediately mobilized to address the vulnerability. Below are the current plans to address the code base and supply.


Yes — After reviewing the released technical information, it was determined that ANON is vulnerable. The ANON code base was created utilizing ZCash version 1.x which includes the faulty code.

ANON will be implementing a subset of Sapling features that address the core zk-SNARKs vulnerability within the codebase. Work on the fix has been in progress since the vulnerability was revealed, and is anticipated to be ready by March 31st.

Furthermore, to verify supply and ensure the exploit was not used, ANON will move forward with burning all Z addresses, removing any shielded coins. This will allow the team to audit supply and see any anomalies, ensuring future stability.

The code for the upgrade has been in progress and is projected to be completed by the end of March. Initial efforts were made to develop a hotfix for immediate release. However, as coding progressed it was found that ANON would first need to incorporate updated ZCash code in order to integrate the Sapling subset properly. This will be followed by testing and troubleshooting, and a buffer prior to the burning of Z addresses to give notice and time for the community to move their ANON to transparent addresses.

Consistent efforts will be made to raise awareness. The timing is weighted to balance the urgency to address the vulnerability as quickly as possible, ensure adequate testing before release, and allow the community ample time to be made aware and move any shielded coins.

Once the burn has taken place, the team will review the supply to ensure the results remain consistent with scheduled supply metrics. After this has taken place, Z addresses and shielded transactions will be reactivated.
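One way such a post-burn supply review can be computed, as an added example that is not ANON's or ZCash's own code: it replays value flows into and out of the shielded pool and compares the transparent total against the scheduled issuance. The emission parameters, function names and sample data are hypothetical; `vpub_old` and `vpub_new` follow the Zcash JoinSplit field names, and that ANON's fork exposes them the same way is an assumption.

```python
from decimal import Decimal

# Hypothetical emission schedule, NOT ANON's real parameters.
INITIAL_SUBSIDY = Decimal("12.5")
HALVING_INTERVAL = 1000

def scheduled_supply(height):
    """Coins the schedule has issued for blocks 1..height."""
    total, subsidy, start = Decimal(0), INITIAL_SUBSIDY, 1
    while start <= height:
        end = min(height, start + HALVING_INTERVAL - 1)
        total += subsidy * (end - start + 1)
        subsidy /= 2
        start = end + 1
    return total

def audit_after_burn(height, transparent_total, joinsplits):
    """joinsplits: (block_height, vpub_old, vpub_new) in chain order.
    vpub_old is value entering the shielded pool, vpub_new value leaving it."""
    pool, first_negative = Decimal(0), None
    for h, vpub_old, vpub_new in joinsplits:
        pool += Decimal(vpub_old) - Decimal(vpub_new)
        if pool < 0 and first_negative is None:
            first_negative = h  # more has left the pool than ever entered it
    expected = scheduled_supply(height)
    return {
        "expected": expected,
        "pool_at_burn": pool,
        # Cross-check of the inputs: every issued coin is transparent or in the pool.
        "books_balance": Decimal(transparent_total) + pool == expected,
        # A lower bound only: counterfeit value hidden under honest deposits
        # left in the pool at burn time does not show up here.
        "counterfeit_at_least": max(Decimal(0), -pool),
        "first_negative_height": first_negative,
    }

# Constructed sample data (not taken from any real chain).
CLEAN = [(10, "100", "0"), (20, "0", "60"), (30, "0", "40")]
FORGED = [(10, "100", "0"), (20, "0", "60"), (30, "0", "90")]

if __name__ == "__main__":
    print(audit_after_burn(40, Decimal("500"), CLEAN))
    print(audit_after_burn(40, Decimal("550"), FORGED))
```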

The team will be implementing a subset of Sapling features (Groth16) that address the vulnerability.

  • zk-SNARKs Sprout circuit: Groth16, which replaces the previous “Type 2” transaction with “Type 3”
  • Introduction of “Type 3” shielded transactions. These new transactions will use a zero-knowledge proving system based on the aforementioned Groth16. The previously used “Type 2” shielded transactions utilized the PHGR13 Pinocchio protocol as their proving system.

No — full SAPLING remains scheduled for ANON per the development roadmap and will be implemented. This subset implementation allows the team the fastest possible response to the vulnerability and supply concerns of 3rd parties.

Yes — the halting of Z address usage and burning of shielded coins are brief, temporary actions to address the vulnerability and supply authenticity. Once the burn has occurred and the update completed, all core privacy functions will be restored.

No — the team does not anticipate the update affecting Superblocks activation.

No — the team does not anticipate any major deviations from the existing development goals. The order of deliverables may alter slightly as resources get pulled to focus on unforeseen issues. However, the net difference should be negligible.

No — the COPAY wallet solution can move forward as planned with some minor tweaks.

The accelerated roadmap via partial implementation of Sapling will enable a number of optimization opportunities for ANON in the coming months. Likewise, the auditing of supply will assure current and future 3rd parties of ANON’s supply metrics. We thank the ZCash team for their responsible disclosure of the vulnerability, its technical specifics and the means to address it.

If you have any questions or concerns, please reach out to us via our social channels.


The ANON Development and Admin teams are also active in open communication within the ANON socials. We encourage all community members to participate, debate and foster dialogue that will continue to propel the project forward. #WeAreANON

ANON Telegram: https://t.me/ANONFork
ANON Discord: https://discord.gg/2yTdK6s
ANON Twitter: https://twitter.com/ANON_WeAreANON
