
Security issue in ZKP prover: trivial solution to NP-hard factorization problem #12

@Recognition2

When generating a zero-knowledge proof, an N exists, and (nearly) all calculations are performed in modulo N.
This N is, at the moment, generated by a "Trusted Third Party". The reason such an entity is needed is because the security of the protocol depends on neither the Prover nor the Verifier being in possession of the factorization of N.

In reality, there is of course no Trusted Party. Because N is generated as the multiplication of two large primes p and q, this is a problem. If the Prover generates N, then they are implicitly in possession of p and q. This means that in modulo N, they MAY be able to generate fake proofs using the factorisation of N they just calculated. We are not completely sure of this; it will be a research topic of @eanker and myself.

It is also impractical to let N be generated by any random bystander, as we are currently unsure of the security implications of this. In the worst-case scenario, the Prover fakes asking the "random bystander" and generates it themselves.

In the meantime, while our research progresses, we are letting the Prover generate p and q.
This means that for the moment all proofs generated should be considered dangerously insecure.
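
Added example (not part of the original issue and not the project's code): a sketch of what holding p and q gives the party that generated N, namely the exponent period of the group mod N, so two different integers become interchangeable in any exponent and roots mod N can be extracted. The toy primes, function names and sample values are constructed for illustration; whether this leads to forged proofs in this project's protocol is the open question the issue describes.

```python
import math

# Constructed toy primes, far too small for real use.
P, Q = 1009, 1013
N = P * Q


def exponent_period(p, q):
    """lcm(p-1, q-1): every g coprime to p*q satisfies g**period == 1 mod p*q.
    Computing this value requires the factorization of N."""
    return (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)


def equivalent_exponent(x, p, q):
    """A different integer that behaves exactly like x in any exponent mod p*q."""
    return x + exponent_period(p, q)


def same_power(g, x1, x2, n):
    """True if g**x1 and g**x2 are the same residue mod n."""
    return pow(g, x1, n) == pow(g, x2, n)


def eth_root(y, e, p, q):
    """An r with r**e == y mod p*q, found by inverting e modulo the period.
    Requires gcd(e, period) == 1; without p and q this is the RSA problem."""
    d = pow(e, -1, exponent_period(p, q))
    return pow(y, d, p * q)


if __name__ == "__main__":
    g, x = 5, 42
    x2 = equivalent_exponent(x, P, Q)
    print("x =", x, "x' =", x2, "same power:", same_power(g, x, x2, N))
    r = eth_root(123456, 5, P, Q)
    print("5th root of 123456 mod N:", r, "check:", pow(r, 5, N) == 123456)
```

A party who sees only N cannot compute `exponent_period`, which is why protocols of this kind need the factorization to be unknown to the Prover.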
