Pre-migration documentation. This site reflects the pre-migration state of the protocol. It’s mostly current, but a few edges may not match ZERA at launch. We’re finalizing the new, detailed ZERA docs now. Thanks for your patience.
Security Analysis
Cryptographic Primitives and Post‑Quantum Considerations
Comprehensive security analysis of the zero‑knowledge cash system, covering cryptographic primitives, security guarantees, and quantum resistance.
8.1 Cryptographic Primitives
The system relies on multiple primitives, each with specific security properties and quantum‑resistance characteristics.
Cryptographic Primitive | Mathematical Definition | Security Properties | Quantum Resistance |
---|---|---|---|
Group G (entropy) | S_0 ⊂ G | DLP hardness, high Rényi entropy | Vulnerable to Shor |
Homomorphic map phi_H | S_{i+1} = phi_H(S_i) | Structure preservation | Depends on the underlying group |
Pedersen Commitment | g^m · h^r | Computationally binding (DLP), perfectly hiding, additively homomorphic | Binding falls to Shor (log_g h becomes computable); hiding is unaffected |
ZK Proof System | (Prove, Verify) | Completeness, soundness, zero-knowledge | Protocol-dependent: proofs about DLP-based commitments inherit the commitment's loss of binding |
Oracle System | Timestamp authority signatures | Non-repudiation, time ordering | Signature-dependent: ECDSA/EdDSA fall to Shor, hash- or lattice-based signatures do not |
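The Pedersen row above packs three claims into a few words: multiplying commitments adds the committed values, the same message with a fresh blinding factor looks unrelated, and binding holds only as long as nobody knows log_g(h). The block below is an added illustration (not code from the ZERA project) that checks each claim in a deliberately tiny group: p = 2039, q = 1019, g = 4 and the label used to derive h are all assumptions chosen so the brute-force discrete log runs instantly, and that brute-force search stands in for what Shor's algorithm does to a 256-bit group.

```python
import hashlib

# Toy group (assumption for illustration only): safe prime p = 2q + 1, and g = 4
# generates the order-q subgroup of quadratic residues. Production code uses a
# ~256-bit prime-order group (an elliptic curve); the algebra is identical.
P = 2039
Q = 1019
G = 4


def hash_to_group(label: bytes) -> int:
    """Derive the second generator h from a public label so that nobody knows
    log_g(h). Squaring lands the hash output in the quadratic-residue subgroup;
    the counter skips the (negligibly likely) outputs 0 and 1."""
    for ctr in range(256):
        x = int.from_bytes(hashlib.sha256(label + bytes([ctr])).digest(), "big") % P
        h = pow(x, 2, P)
        if h not in (0, 1):
            return h
    raise RuntimeError("hash_to_group failed")


H = hash_to_group(b"ZERA pedersen h")  # label is an assumption, not the project's


def commit(m: int, r: int) -> int:
    """Pedersen commitment g^m * h^r mod p with message m and blinding factor r in Z_q."""
    return (pow(G, m % Q, P) * pow(H, r % Q, P)) % P


def open_commitment(c: int, m: int, r: int) -> bool:
    """Check a claimed opening (m, r) of commitment c."""
    return c == commit(m, r)


def homomorphic_add(c1: int, c2: int) -> int:
    """Multiplying commitments adds the committed values and blinding factors:
    commit(m1, r1) * commit(m2, r2) == commit(m1 + m2, r1 + r2)."""
    return (c1 * c2) % P


def discrete_log_bruteforce(base: int, target: int) -> int:
    """Stand-in for Shor's algorithm: in the toy group log_g(h) is found by
    exhaustive search; a quantum computer does the same for a 256-bit group."""
    for t in range(Q):
        if pow(base, t, P) == target:
            return t
    raise ValueError("target not in subgroup")


def equivocate(m: int, r: int, m_new: int, trapdoor_t: int) -> int:
    """With t = log_g(h), commit(m, r) = g^(m + t*r). Any r' satisfying
    m_new + t*r' == m + t*r (mod q) opens the same commitment to m_new:
    r' = (m - m_new) * t^-1 + r. This is exactly how binding fails post-Shor."""
    t_inv = pow(trapdoor_t, -1, Q)
    return ((m - m_new) * t_inv + r) % Q


if __name__ == "__main__":
    c = commit(5, 17)
    print("homomorphic:", homomorphic_add(c, commit(7, 23)) == commit(12, 40))
    t = discrete_log_bruteforce(G, H)
    r_fake = equivocate(5, 17, 999, t)
    print("commitment to 5 also opens to 999:", open_commitment(c, 999, r_fake))
```

Two practical checks follow from the code: h must be derived by hashing (or another nothing-up-my-sleeve procedure) rather than by a party choosing an exponent, because whoever knows log_g(h) can open any commitment to any value; and hiding does not depend on the discrete log at all, so a quantum adversary who computes that log can forge balances but still cannot read past ones.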
8.3 Post‑Quantum Considerations
Group‑Theoretic PQ Schemes
Group-theoretic constructions such as WalnutDSA or IronwoodKAP (both braid-group schemes from the same designers) are intended to resist Shor-type attacks because their hardness assumptions are not discrete-logarithm or factoring problems. Caveat: this family has a poor cryptanalytic record. WalnutDSA was submitted to the NIST post-quantum process, practical forgery attacks were published against it during round 1, and it did not advance. Treat these schemes as experimental and do not plan a migration on them without a current, independent cryptanalysis.
Code/Lattice‑Based Commitments
Homomorphic commitments with zero-knowledge proofs over module lattices (binding from Module-SIS, hiding from Module-LWE) offer quantum-resistant security without discrete logarithms. Two caveats a deployment must budget for: the homomorphism only holds over short openings, so adding k commitments grows the opening norm k-fold and the verifier must accept a relaxed bound; and proofs are considerably larger than their DLP-based counterparts.
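To make "without discrete logarithms" and the norm-growth caveat concrete, here is an added toy Ajtai-style lattice commitment (example code, not a ZERA component and not a full Module-SIS/Module-LWE scheme). The modulus, dimensions, seeds and sample vectors are all assumptions picked so that it runs instantly; they are far too small to be hiding or binding in practice, and the comments say where a real parameter set differs.

```python
import hashlib

# Toy Ajtai-style commitment (assumption: toy dimensions so it runs instantly;
# they are far too small for real security, see the comments on hiding/binding).
Q = 12289   # modulus
N = 8       # commitment length (rows of A)
K = 4       # message vector length
L = 24      # randomness vector length
BETA = 1    # honest openings have all coefficients in [-BETA, BETA]


def expand_matrix(seed: bytes, rows: int, cols: int) -> list:
    """Public matrix derived from a seed with SHAKE-256 so nobody can plant a
    trapdoor. (Toy: 16-bit samples reduced mod Q are slightly biased.)"""
    stream = hashlib.shake_256(seed).digest(2 * rows * cols)
    words = [int.from_bytes(stream[2 * i:2 * i + 2], "little") % Q for i in range(rows * cols)]
    return [words[i * cols:(i + 1) * cols] for i in range(rows)]


A_M = expand_matrix(b"ZERA lattice A_m", N, K)   # seeds are assumptions, not the project's
A_R = expand_matrix(b"ZERA lattice A_r", N, L)


def mat_vec(A: list, x: list) -> list:
    return [sum(a * xi for a, xi in zip(row, x)) % Q for row in A]


def vec_add_mod(u: list, v: list) -> list:
    """Add commitments (elements of Z_q^N)."""
    return [(a + b) % Q for a, b in zip(u, v)]


def vec_add_int(u: list, v: list) -> list:
    """Add openings as integer vectors; their size, not their residue, is what matters."""
    return [a + b for a, b in zip(u, v)]


def inf_norm(x: list) -> int:
    return max(abs(v) for v in x)


def commit(m: list, r: list) -> list:
    """c = A_M * m + A_R * r (mod q) for short m, r. No discrete logarithms anywhere:
    binding rests on SIS (two short openings of one c give a short kernel vector of
    [A_M | A_R]); hiding needs r long and random enough that A_R * r is close to
    uniform, which L = 24 ternary coordinates is nowhere near for N*log2(Q) ~ 109 bits."""
    assert len(m) == K and len(r) == L
    return vec_add_mod(mat_vec(A_M, m), mat_vec(A_R, r))


def open_commitment(c: list, m: list, r: list, beta: int = BETA) -> bool:
    """An opening is valid only if it is both correct AND short; dropping the norm
    check would make the scheme trivially non-binding (just solve the linear system)."""
    return inf_norm(m) <= beta and inf_norm(r) <= beta and commit(m, r) == c


def homomorphic_add(c1: list, c2: list) -> list:
    """Commitments add coordinate-wise; the opening of the sum is (m1+m2, r1+r2),
    whose norm may reach 2*beta, so the verifier must accept a relaxed bound."""
    return vec_add_mod(c1, c2)


# Constructed sample openings (ternary vectors), not data from any deployment.
SAMPLE_M1 = [1, 0, -1, 1]
SAMPLE_R1 = [1, -1, 0, 1, 1, 0, -1, 1, 0, 0, 1, -1, 1, 0, 0, 1, -1, 1, 0, 0, 1, 1, -1, 0]
SAMPLE_M2 = [1, 1, 0, -1]
SAMPLE_R2 = [0, 1, 1, 0, -1, 1, 0, 0, 1, 1, -1, 0, 0, 1, 1, 0, 1, 0, 0, 1, -1, 0, 0, 1]

if __name__ == "__main__":
    c_sum = homomorphic_add(commit(SAMPLE_M1, SAMPLE_R1), commit(SAMPLE_M2, SAMPLE_R2))
    m_sum = vec_add_int(SAMPLE_M1, SAMPLE_M2)
    r_sum = vec_add_int(SAMPLE_R1, SAMPLE_R2)
    print("opens under honest bound:", open_commitment(c_sum, m_sum, r_sum))
    print("opens under relaxed bound:", open_commitment(c_sum, m_sum, r_sum, beta=2))
```

The point to take from the last two lines is the one the caveat above makes: the sum of two honest commitments is a perfectly good commitment to the summed message, but its natural opening has a coefficient of 2, so a verifier that insists on the single-commitment bound rejects it. Real schemes either budget the relaxed bound into the soundness analysis or bound the number of additions a proof may absorb.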
Security Recommendations
- Use 256‑bit group parameters for current deployments (a 256‑bit prime‑order group gives roughly 128‑bit security against classical Pollard‑rho attacks, and none against Shor)
- Plan quantum‑resistant options for long‑term security; the hiding of Pedersen commitments survives a quantum adversary, but their binding does not
- Schedule regular audits of crypto implementations
- Monitor advances in quantum computing capabilities
- Prepare migration paths to post‑quantum primitives (versioned commitment and proof formats, so existing state can be re‑committed under new primitives rather than rewritten in place)
Implementation Security
- Constant‑time cryptographic operations (no secret‑dependent branches or memory accesses in scalar multiplication, opening checks, or comparisons)
- Secure random number generation everywhere: blinding factors and proof nonces must be uniform in Z_q, and a proof nonce that is reused or biased lets anyone recover the witness from two transcripts
- Memory protection for sensitive material (zeroize blinding factors, nonces, and witnesses after use; keep them out of swap and logs)
- Formal verification of critical components (proof verifier, commitment arithmetic)
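The "secure random number generation everywhere" item is not a generic hygiene point for this system: the proof of knowledge of a commitment opening is a Sigma protocol, and its soundness extractor is exactly the tool an attacker uses when the prover's nonces repeat. The block below is an added example (not ZERA code) that illustrates both the ZK proof‑system row of the table and this bullet. It uses the same toy safe‑prime group as the Pedersen example (p = 2039, q = 1019, g = 4, all assumptions); h is derived from g with a fixed exponent purely for brevity, which a real deployment must never do.

```python
import secrets

# Toy group (assumption for illustration): p = 2q + 1, g = 4 generates the
# order-q subgroup. h = g^777 is a shortcut for this demo only; real deployments
# hash to the group so that nobody knows log_g(h).
P = 2039
Q = 1019
G = 4
H = pow(G, 777, P)


def commit(m: int, r: int) -> int:
    """Pedersen commitment C = g^m h^r mod p."""
    return (pow(G, m % Q, P) * pow(H, r % Q, P)) % P


def fresh_nonces():
    """Nonces MUST be fresh uniform values from a CSPRNG for every proof."""
    return secrets.randbelow(Q), secrets.randbelow(Q)


def prover_announce(a: int, b: int) -> int:
    """First message T = g^a h^b for nonces (a, b)."""
    return (pow(G, a % Q, P) * pow(H, b % Q, P)) % P


def prover_respond(m: int, r: int, a: int, b: int, e: int):
    """Responses z1 = a + e*m, z2 = b + e*r (mod q) to the verifier's challenge e."""
    return (a + e * m) % Q, (b + e * r) % Q


def verify(c: int, t_announce: int, e: int, z1: int, z2: int) -> bool:
    """Accept iff g^z1 h^z2 == T * C^e (mod p)."""
    lhs = (pow(G, z1 % Q, P) * pow(H, z2 % Q, P)) % P
    rhs = (t_announce * pow(c, e % Q, P)) % P
    return lhs == rhs


def prove(m: int, r: int, e: int, nonces=None):
    """Interactive flow wrapped up for the demo: returns (T, z1, z2) for the
    verifier's challenge e (in the real protocol e arrives after T is sent).
    Passing nonces explicitly models a broken RNG that repeats them."""
    a, b = nonces if nonces is not None else fresh_nonces()
    t_announce = prover_announce(a, b)
    z1, z2 = prover_respond(m, r, a, b, e)
    return t_announce, z1, z2


def extract_witness(e1: int, z1_1: int, z2_1: int, e2: int, z1_2: int, z2_2: int):
    """Two accepting transcripts with the same T but different challenges reveal
    the witness: z1 - z1' = (e - e') * m, so m = (z1 - z1') / (e - e') mod q,
    and likewise r. This is the soundness extractor turned against a prover
    whose RNG repeated (a, b)."""
    if (e1 - e2) % Q == 0:
        raise ValueError("challenges must differ")
    inv = pow((e1 - e2) % Q, -1, Q)
    m = ((z1_1 - z1_2) * inv) % Q
    r = ((z2_1 - z2_2) * inv) % Q
    return m, r


if __name__ == "__main__":
    m, r = 42, 901            # constructed witness: committed amount and blinding factor
    c = commit(m, r)
    t1, z1, z2 = prove(m, r, 5, nonces=(100, 200))   # broken RNG: same nonces twice
    t2, z1b, z2b = prove(m, r, 9, nonces=(100, 200))
    print("both proofs verify:", verify(c, t1, 5, z1, z2) and verify(c, t2, 9, z1b, z2b))
    print("recovered witness:", extract_witness(5, z1, z2, 9, z1b, z2b))
```

Note what is and is not leaked: both transcripts are individually valid and zero-knowledge, so nothing in the verifier's logic flags the problem; only the combination of two of them with a repeated T gives away the committed amount and blinding factor. A constant-time implementation with a biased nonce generator has the same exposure, which is why the two bullets above belong together.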