
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<TITLE> [zapps-wg] Cut-off date for Powers of Tau Contributions
</TITLE>
<LINK REL="Index" HREF="/pipermail/zapps-wg/2018/index.html" >
<LINK REL="made" HREF="mailto:zapps-wg%40lists.zfnd.org?Subject=Re%3A%20%5Bzapps-wg%5D%20Cut-off%20date%20for%20Powers%20of%20Tau%20Contributions&In-Reply-To=%3CCAKazn3nJwzuxiQSHd94Xc8Seg5zM0G%3DA2vv-8oD7r8cAScZiYw%40mail.gmail.com%3E">
<META NAME="robots" CONTENT="index,nofollow">
<style type="text/css">
pre {
white-space: pre-wrap; /* css-2.1, current FF, Opera, Safari */
}
</style>
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="000305.html">
<LINK REL="Next" HREF="000308.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[zapps-wg] Cut-off date for Powers of Tau Contributions</H1>
<B>Sean Bowe</B>
<A HREF="mailto:zapps-wg%40lists.zfnd.org?Subject=Re%3A%20%5Bzapps-wg%5D%20Cut-off%20date%20for%20Powers%20of%20Tau%20Contributions&In-Reply-To=%3CCAKazn3nJwzuxiQSHd94Xc8Seg5zM0G%3DA2vv-8oD7r8cAScZiYw%40mail.gmail.com%3E"
TITLE="[zapps-wg] Cut-off date for Powers of Tau Contributions">sean at z.cash
</A><BR>
<I>Fri Mar 9 14:17:18 EST 2018</I>
<P><UL>
<LI>Previous message (by thread): <A HREF="000305.html">[zapps-wg] Cut-off date for Powers of Tau Contributions
</A></li>
<LI>Next message (by thread): <A HREF="000308.html">[zapps-wg] Cut-off date for Powers of Tau Contributions
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#307">[ date ]</a>
<a href="thread.html#307">[ thread ]</a>
<a href="subject.html#307">[ subject ]</a>
<a href="author.html#307">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>As far as security goes, we've successfully guarded against all but
the most elaborate and unrealistic attack scenarios. The remaining
threats require some combinatorial explosion of individually
sophisticated attacks or breakthroughs, like stealthy backdoors in the
Rust compiler and still for many participants to be colluding in
secret, somehow without leaving evidence behind.

We don't need an absolutely perfect ceremony to get strong privacy
guarantees, we get that already even with a totally compromised
ceremony. We *could* continue to invest time and resources for many
more months or years in order to make us marginally more resistant to
these absurd attack scenarios, but by the time we'd be finished with
the ceremony we'll probably have better proving systems available
anyway. It's silly to let privacy languish in the meantime.

I think we did the best with the time we had, but if you disagree,
remember that all of this can be extended and improved by anyone, even
after this ceremony is done!

Sean

On Fri, Mar 9, 2018 at 11:06 AM, Peter Todd &lt;<A HREF="/mailman/listinfo/zapps-wg">pete at petertodd.org</A>&gt; wrote:
&gt;<i> On Fri, Mar 09, 2018 at 04:49:37PM +0000, Devrandom wrote:
</I>&gt;&gt;<i> Hi all,
</I>&gt;&gt;<i>
</I>&gt;&gt;<i> I have some concerns about the lack of diversity of contributions:
</I>&gt;&gt;<i>
</I>&gt;&gt;<i> - most (all?) of the contributions used a distributed Rust toolchain, which
</I>&gt;&gt;<i> suffers from the &quot;trusting-trust&quot; issue since they are self-compiled. I
</I>&gt;&gt;<i> don't think I've seen any contributions using the mrustc build path.
</I>&gt;&gt;<i> - there were very few contributions (two?) using the golang implementation
</I>&gt;&gt;<i> - no attempt has been made to replicate the deterministic golang build
</I>&gt;&gt;<i> - people did not capture the binary they used, so we can't do forensics in
</I>&gt;&gt;<i> case of future questions
</I>&gt;&gt;<i> - there were no contributions using alternative processor architectures
</I>&gt;&gt;<i> (e.g. ARM64). I believe this is possible using the golang implementation.
</I>&gt;&gt;<i> - there was a lot of focus on destroying toxic waste and not enough on the
</I>&gt;&gt;<i> trustworthiness of the tools
</I>&gt;<i>
</I>&gt;<i> I agree with all these points, particularly the latter: we should be focused on
</I>&gt;<i> genuine security, not flashy marketing stunts. (indeed, I regret the way my own
</I>&gt;<i> participation was marketed the last time around)
</I>&gt;<i>
</I>&gt;<i> --
</I>&gt;<i> <A HREF="https://petertodd.org">https://petertodd.org</A> 'peter'[:-1]@petertodd.org
</I>
</PRE>
<!--endarticle-->
<hr>
<a href="/mailman/listinfo/zapps-wg">More information about the zapps-wg
mailing list</a><br>
</body></html>