jgiszczak
commented
5 years ago There are no plans to implement support for zk-SNARKs or zk-STARKs in the baseline code.
EOS.IO is well equipped to run the verifier program in a zk-SNARK scheme. Execution time of a contract on chain is limited such that some zk-STARK verifications may fail due to excessive CPU usage. Transaction throughput of a zk-SNARK verifier on any individual account is limited by the network bandwidth staked. A substantial stake would likely be required for more than the throughput used by the typical daily transaction rate of an individual as zk-SNARK payloads are very large (in excess of 9 MB).
Anonymous transactions using the native token transfer functions of EOS.IO are not possible.
As a block-chain user I want 3 things: (1) SCALABILITY, (2a) CENSORSHIP RESISTANCE and (2b) ANONYMITY.
(1) SCALABILITY: seems to be addressed with block producers (BPs) doing TX validation and dPoS. And if they earn something like 1% in the process, then I can live with that, since they at least provide a service to the EOS community.
(2a) CENSORSHIP RESISTANCE: is the whole point of block-chains. If you cannot have it, then stop talking, go home and build a centralized database -- it's called a "bank".
(2b) ANONYMITY: is actually what I care most about! ANONYMITY does cover CENSORSHIP RESISTANCE, since if all TXs are anonymous, then nobody can censor you (provided the network remains stable).
ANONYMITY mitigates also the low number of BPs, which will probably grow over time very powerful, and hence might develop outlandish ideas like (command and) control. So, my minimal requirement for a functional block-chain is reduced to two points:
(1) SCALABILITY (using which ever technology, i.e. dPoS, PoS or PoW), and
(2) Full ANONYMITY for all TXs (implies CENSORSHIP RESISTANCE).
You could add a point (3) DECENTRALIZATION (also implying CENSORSHIP RESISTANCE), but in this context that's a no-brainer. After this theoretical chit-chat, my (practical) question(s):
(a) Does EOS (plan to) support (fully or selectively) anonymous TXs?
(b) Are there plans to use zk-SNARKs, or better zk-STARKs?
(c) If the base EOS layer does not support anonymous TXs, would it be technically possible to implement anonymous TXs using smart contracts on top of EOS?
What I would love to have, is a system where the average common man has full privacy via anonymous TXs (by default), but we can insist on public entities (like governments, local bodies etc.) to have (selectively) public TXs. Is that possible? I don't consider pseud-anonymous systems like Bitcoin (or Ethereum) as safe, since such public bock-chains are susceptible to third party analysis.