Christina Garman

Conducted a formal security analysis and helped draft the threat model for the Zerocoin protocol, which gave Zcoin developers criteria for validating the implementation. Documented security assumptions and analysis frameworks were used to verify the minting and burning coin implementation in the client software. Actively interacted with the community of practitioners and answered questions about the applicability of theoretical guarantees in public networks, providing materials that developers used when adapting parameters and choosing revocation and audit mechanisms. Practical conclusions from the analysis helped in planning auditors and test procedures prior to releases of major updates. Through her publications and comments, she contributed to identifying risk areas in the original design, which accelerated the work of teams working on the design of Sigma and Lelantus as an evolution of the solution. Technical recommendations influenced what compromises regarding proof sizes and computational costs were permissible in the reference implementation. The result of her contribution was that privacy implementation in the project relied on formally provable protocol properties rather than only empirical methods, reducing uncertainty during releases and network updates.