According to a disclosure made Tuesday by the development team behind ZCash, the most highly capitalized privacy-focused cryptocurrency (with a market cap in excess of $270M at the time of publication), has secretly fixed a critical security flaw in ZCash’s design, which was discovered by ZCash cryptographer, Ariel Gabizon, about a year ago.
Last March while preparing a presentation for a cryptography finance conference the following day, Gabizon discovered a crucial flaw in the cryptographic functions underlying zk-SNARKS, an implementation of zero-knowledge proofs used by ZCash and other privacy coins to give users the option of greater privacy though true cryptographic anonymity.
ZCash says the vulnerability (which was so subtle that the world’s top cryptography experts have overlooked it for years) did not threaten the network’s anonymity in any way but could have been manipulated by hackers to create an unlimited amount of counterfeit ZCash.
Had the security flaw been discovered by a more unscrupulous developer, it could have been exploited to steal potentially millions of dollars from ZCash users before being discovered and perhaps irreparably damaging the market’s trust in the privacy coin.
Read the full story on CCN.com.