In a world where our personal information, interests and activities are being increasingly tracked and documented, it’s little surprise cryptocurrencies that offer users anonymity continue to remain popular despite efforts from regulators and exchanges to restrict their accessibility.
In a 2021 Big Brother Brands report, companies like Uber and Meta (formerly Facebook) were found to harvest between 56.41% and 79.49% of their users’ personal information, respectively. If the controversial Meta-backed diem digital currency successfully launches to the masses (big IF,) Meta will inevitably gain access to its users’ transaction data. This means not only will the tech giant know who you are and what you like, but it will also know what you buy and how much you spend.
Zcash is one of the leading digital currency blockchains that looks to address this snowballing issue and seeks to return power and privacy to its users.
This article is part of CoinDesk’s Privacy Week series.
What is Zcash?
Zcash is a privacy-focused, blockchain-based payments network that uses zero-knowledge proofs (ZKPs) to shield transactions, making the contents of a transaction private even on a public blockchain. Born out of the Zerocash protocol, Zcash forked from the Bitcoin blockchain in 2016. Its native token, zcash, uses the ticker symbol ZEC.
Read more: What Are Privacy Coins and Are They Legal?
ZKPs are the product of a cryptographic technique that dates back to 1980. They allow two parties to verify information with each other without sharing the underlying data related to this information. For example, you can prove that you are over 21 years old without having to reveal your actual date of birth (or any other extraneous information that some forms of identification, like your driver’s license, might contain).
The Electric Coin Company (ECC), which created Zcash, added Zero-Knowledge Succinct Non-Interactive Argument of Knowledge, or “zk-SNARKs” to the ZKP toolkit.
This cryptographic advancement basically allows shielded Zcash transactions to be fully encrypted on the blockchain while still allowing the transaction to be verified as valid by the network’s consensus.
With Zcash, there are two types of addresses:
Transparent addresses: Transactions with transparent addresses, or t-addresses, can be tracked on the Zcash blockchain the same way Bitcoin’s can.Shielded addresses: Shielded addresses, or z-addresses, are encrypted, meaning you aren’t able to see the data on the blockchain so transactions sent to them aren’t visible, nor are the amount of funds z-addresses hold.
If a t-address sends funds to a z-address, observers won’t be able to tell where they went. If a z-address sends a transaction to another z-address the transaction is entirely shielded from prying eyes, offering one of the most private and secure options on the market.
How Zcash has changed in recent years
Since its fork in 2016, Zcash has continued to iterate on the core services it offers and expand on them. Some big improvements over the last couple of years include Halo, a “trustless recursive” version of ZKPs; the release of an open-source, shielded-first, fully functional Zcash wallet in 2020; and the Heartwood Network Upgrade activation, also in 2020, which added Shielded Coinbase and FlyClient support.
Not to mention an increase in institutional support and the first-ever Zcash halving.
Halo and Halo 2
Zcash launched Halo in 2019, a new zk-SNARK that addressed two criticisms the privacy coin faced: scalability and trusted setups.
Zcash was launched with a trusted setup. A trusted setup creates a secret number, and a derivative of that number is used by the Zcash protocol. This number is created in multiple parts by multiple actors. They all must then destroy what’s known as “cryptographic toxic waste” without revealing what it was. A trusted setup would have had to occur at each hard fork.
But if no one destroys that waste through intentional planning, or if the secret number is figured out, then it would provide a fundamental flaw in the protocol and even allow the individual(s) that discovered it to create Zcash tokens arbitrarily without anyone’s knowledge.
Halo eliminated the need for a trusted setup and the “cryptographic toxic waste that went with it.
As CoinDesk Chief Content Officer Michael Casey wrote at the time of the Halo announcement:
“Halo allows a user to both prove that no one involved in the initial establishment of a large-scale, zero-knowledge proof system has created a secret backdoor with which to later amend the code and that that secure state has existed over the course of ongoing updates and changes to the system. Until now the risk of fraud at setup meant that zero-knowledge proofs often required elaborate, costly procedures at the outset to instill confidence in users.”
A trusted setup made zero-knowledge proofs, which are still fairly nascent, bulky and somewhat impractical for actions other than proving one-off individual facts.
“To be sure, one-off trustless solutions known as ‘bulletproofs’ have been around since 2017, but they lack the recursive quality needed to verify the ever-accumulating information within a large, growing, changing database,” wrote Casey.
Halo improves on ZKPs and allows them to compress any amount of data into a short proof that can be checked quickly, according to Steven Smith, director of engineering at ECC. The removal of a trusted setup is a key “step toward our Scalability 2021 initiative,” said Smith in an email.
Halo 2, announced in 2020, iterated on Halo by using PLONK, a novel z-SNARK, rather than “Sonic” to verify transactions. PLONK is more efficient than Sonic, and would better enable further scaling of Zcash as well as move it closer to being able to eliminate a trusted setup.
At its heart, PLONK is an instance of a proof that can verify itself, “allowing any amount of computational effort and data to produce a short proof that can be checked quickly,” according to the Halo 2 blog post.
In December 2019, Zcash started the development of its ECC Reference wallet, a light client reference wallet that let shielded transactions in Sapling (an upgrade that enabled significant efficiency improvements for shielded transactions) work on mobile devices. This reference wallet was a blueprint ECC hoped others would take up and build upon, while providing additional feedback.
Then, in June, ECC released an open-source, shielded-first, fully functional Zcash wallet that showcases its software development kit (a collection of software development tools in one installable package) for demonstration and testing.
One goal was “making sure at least 40% of the world could read and understand the ECC reference wallet,” said Smith. With the help of the community, the app was translated from English into five languages: Simplified Chinese, Russian, Spanish, Italian and Korean.
“Additionally, and due in large part to the work on our SDKs, Unstoppable became the first multi-currency wallet to enable shielded Zcash support on iOS and Android,” said Smith.
Heartwood Network Upgrade
In July 2020 ECC launched the Heartwood Network Upgrade activation, which added Shielded Coinbase and FlyClient support. Shielded Coinbase allowed Zcash users to have completely shielded ZEC from its creation, increasing privacy further. It also gave miners the option to get mining rewards issued immediately into a z-address. Luxor and Poolin, two mining pools that represent nearly 40% of Zcash mining hash power, have implemented shielded Coinbase.
FlyClient provides a more efficient method for “light-client block-header verification” or verifying the blocks on a blockchain, and could increase the utility and market for Zcash. FlyClient enables light client use-cases and a class of cross-chain interoperability efforts like tZEC, an Ethereum-compatible ZEC token.
Zcash underwent its first halving at the tail end of 2020, triggering a cut in miners’ block rewards from 6.25 ZEC to 3.125 ZEC, and launched the network’s fifth upgrade, Canopy, which did away with the controversial “Founders Fund,” which some members of the Zcash community felt gave too much ZEC tokens back to the founders.
Instead, 8% of mining rewards will now be allocated to the Major Grants Fund, managed by the Major Grants Review Committee (MGRC), which will be made up of a community-nominated five-member committee. The fund will fuel development and adoption efforts, separate from the work being done by the ECC and Zcash Foundation.
Halo Arc Update
ECC announced the next suite of upgrades to Zcash – Halo Arc.
Halo Arc includes updates to Zcashd (Zcash’s consensus node), an ECC wallet prototype and the ECC wallet software development kits (SDKs). The wallet will enable shielded-by-default transactions, something that is merely optional for Zcash right now.
After a number of delays, Halo Arc is set to launch on April 18, 2022, in coordination with the activation of Zcash’s Network Upgrade 5 (NU5). NU5 will be the first mainnet activation of the Halo proving system, furthering the development of zero-knowledge-proof cryptography.
The protocol upgrade will also introduce unified addresses, a feature that creates a single Zcash address that is compatible across all Zcash value pools, including shielded and transparent ones so that users no longer have to juggle multiple address types. At present, protocol upgrades at times required new address formats.
Issues to overcome
Zcash has a few challenges to overcome.
“Like with all cryptocurrencies, there could be vulnerabilities or issues that we’re unaware of,” said Josh Swihart, VP of Growth at ECC. “Though the likelihood of an exploit is probabilistically nil, for some, Zcash’s trusted setup is a risk.”
The hope is a larger implementation of Halo 2 in 2022 will be able to do away with trusted setups and eliminate the “toxic waste” that is a byproduct of them.
“Zcash will also need better scalability if it is to be used for global payments by billions of people,” said Swihart.
Finally, there is the delisting of privacy coins such as Zcash from some exchanges that could continue to be an issue. Core privacy features built into protocols like Zcash and Monero have caused concern among regulators and policymakers due to their ability to conceal illicit activity. Cryptocurrency exchanges Shapeshift and BitMEX are among those that have delisted ZEC (as well as XMR and DASH), allegedly due to regulatory pressure. At the same time though, in September 2020, cryptocurrency exchange Gemini was the first exchange to allow users to withdraw Zcash with its anonymizing feature.
“Since the release in September, 11.8% of Zcash withdrawals on Gemini were sent to shielded addresses,” read Electric Coin Company’s 2020 recap of Zcash.
“In terms of what we haven’t progressed on as fast as we would have liked, we had hoped to have made more progress on shielded hardware wallet support,” said Smith.
The future of Zcash
Zcash’s Halo and Halo 2 developments offer the best opportunity for the privacy coin to address some of its most prominent criticisms. But the potential for privacy coins to be delisted by exchanges doesn’t appear to be decreasing and looks to be an ongoing forest to navigate. But when it comes to privacy coins, and previous contenders like Dash who have all but abandoned the label and protections, Zcash is squarely in the conversation of the top privacy coins and will continue to march ahead as such.
Transition to proof-of-stake
On Nov. 19, 2021, ECC announced plans to migrate Zcash away from its proof-of-work consensus mechanism based on the equihash algorithm to a more energy-efficient and interoperable staking-based system.
The CEO of ECC, Zooko Wilcox-O’Hearn, floated the idea of such a transition in a blog post earlier that year, citing the change would “[eliminate] the downward pressure on the price of ZEC and [add] additional utility for ZEC.” He was referring to the current situation where Zcash miners are forced to sell an amount of the coins they mine to cover running costs, serving to suppress the price of ZEC.
Furthermore, staking would provide additional utility and allow more users to participate in validating transactions on the network in exchange for rewards. Not to mention, the significant energy-reducing benefits of switching to PoS would make Zcash a more environmentally friendly project than it currently is.
No specific date has been given for the rollout of this transition, though ECC stated it is expected to occur sometime within the next three years.