This is a sponsored cryptocurrency guide by eToro.
“Bitcoin, but with better privacy” - that’s how Zcash can be described in a simplified manner.
Zcash is a privacy-centric cryptocurrency that was forked from the Bitcoin source code back in 2016 with one major difference - Zcash allows users the flexibility to not disclose the contents of their transactions while keeping the transaction public should they wish to do so.
Bitcoin’s transactions can be verified easily because it is all displayed on a public decentralized ledger, and anyone can run analytics with the numbers there to verify that no Bitcoin has been double-spent nor created from thin air. Zcash, on the other hand, relies on clever mathematics to allow verification that a transaction actually occurred while keeping the details shielded from public scrutiny. Read on to find out more about Zcash!
Origins of Zcash, and the perceived “flaw” of Bitcoin
The need for privacy in the cryptocurrency sphere started way before the inception of Zcash. In the early years of Bitcoin, privacy advocates have been concerned with the total transparency of the Bitcoin ledger that would lead to privacy issues. For example, If John’s salary is paid in Bitcoin, it is easy for data sleuths to find out exactly how much he is paid as all the transactions are recorded on a public ledger. While it is possible for John to obscure his bitcoin addresses and transactions, the skills needed to do so might be above that of ordinary folks who aren’t privy to privacy techniques.
It is exactly this thesis that led to the creation of the Zerocoin protocol by Matthew Green (John Hopkins University professor), a proposal that was planned for the Bitcoin Network itself. The Zerocoin protocol utilizes zk-SNARKs, a type of zero-knowledge proof construction. This Turing Award-winning cryptography technique helps to prove a computation (ie. transaction on a blockchain) has been done without revealing any other information. In short, it proves a statement to be true without revealing what the statement was.
They posit that if this proposal is to be merged into the bitcoin protocol, John doesn’t need to take too many steps to secure his privacy, as privacy would be baked into the protocol. Unfortunately, the proposal was never accepted.
Later in 2016, the creators of the Zerocoin protocol teamed up with Zooko Wilcox (computer security specialist and cypherpunk) to create Zcash, a fork of Bitcoin that has the improved version of Zerocoin protocol, Zerocash protocol built in. Zcash mining and supply distribution
One of the ways Zcash is similar to Bitcoin is in the way there are generated and secured. Both are Proof-of-Work based where computers solve cryptographic puzzles to find the next block. Zcash (ZEC) is mined with an emission rate of 12.5 ZEC every 150s, which halves every 4 years until 2032, where all new ZECs would be distributed.
Zcash has no ICO, pre-mine or airdrops. Instead, early investors (who included the likes of Naval Ravikant, Roger Ver and Erik Voorhees) will take 10% out of every block rewards - regardless who mined it, as the Founder’s Reward. It is worth noting that the Founder’s reward will only apply for the first 4 years after the Genesis block, after which miners will have 100% of the Block Rewards.
Privacy in Zcash - “t” addresses and “z” addresses
Unlike Bitcoin, whose addresses and transaction records are readily available on the blockchain. Users have the choice to “shield” their transaction from the public eye.
There are two types of addresses within the Zcash protocol.
“t” addresses are typical transparent addresses, where all the information can be seen on the blockchain.
“z” addresses, where only the sender and receiver will be able to see the details of the transaction.
In Zcash, you can send ZEC between “t” and “z” addresses but only “z” to “z” address transactions are fully private. There are four (4) different ways to transact using Zcash -
Public (“t” to “t”) - fully transparent
Shielding (“t” to “z”) - observer cannot confirm recipient’s address final balance
Deshielding (“z” to “t”) - observer cannot confirm the sender’s initial balance
Private (“z” to “z”) - observer does not know anything
The Zcash protocol allows its’ users to opt in and out of Zcash’s Zero-knowledge Security Layer. In short, Shielding and Deshielding shows the “t” addresses and the amount sent, but not the “z” addresses.
Zcash Spend Types: Source
However, it is worth noting that privacy comes at a cost - compared to transparent transactions, private transactions require more time and computational resources to process. This translates to slower transactions and typically higher fees as miners are required to complete the computationally intensive construction of zk-SNARKs for a private transaction. As a result, not all users have opted for private transactions and at the time of writing (May 2019), approximately 10% of all Zcash’s transactions are shielded (private) with Shielded balances (Zcash in “z” addresses) accounting for about 4% of all Zcash.
Disclosure of Private Payments
Regulations aside, there might be instances where third-party auditors have to view and audit transactions of a “z” address. Zcash’s protocol has this covered as well, where owners of “z” addresses can allow for full disclosure through Viewing Keys or selective disclosure through Payment Disclosure.
A viewing key can be generated from the private key of a “z” address. Using the viewing key, anyone can view every single transaction made on a “z” address. However, that is the extent of what is possible with a viewing key, you cannot perform any transactions using viewing keys. One usage of the viewing key is that owners of “z” addresses can disclose transaction details for regulatory compliance or auditing. This is done by surrendering the viewing key of a “z” address to a trusted third party.
Further expanding on John’s example from above, if John’s employer pays him in Zcash (using private transactions), the transaction will not be viewable on the blockchain. However, if the employer is performing a financial audit, the viewing key can be given to the auditor so that they can privately view the transaction for the auditing procedure. The address would be safe from potential theft since the auditor would not be able to make any transactions using the viewing Key.
Similar to using Viewing Keys, the owner of a “z” address can selectively disclose a single private transaction to a third party. This option is possible if only a single transaction is needed for disclosure rather than the entire history of a given “z” address.
Zcash Selective Disclosure: Source
Payment disclosure is a useful tool for when only selected transactions have to be disclosed, rather than the entire history of any given z-addresses.
One notable feature for privacy coins is that - along with the option of privacy comes fungibility. Private Zcash tokens are all considered “equal” because they have no “history” and cannot be discriminated/blacklisted regardless of how it has been spent, making privacy coins very similar to paper money.
Improvements - Sapling
Since inception, Zcash has been constantly worked and improved upon with the Sapling upgrade being pushed live on 29th October 2018. Sapling was born out of nearly two years of development that has immensely improved Zcash’s usability and privacy.
One of the biggest upgrades of Sapling is a reduction of 90% in time and 97% in memory requirements in constructing a zk-SNARKs transaction. This translates to private transactions that can be conducted in no more than 10 seconds with only 40MB memory, compared to Sprout transactions (pre-sapling) which required ~30 seconds and ~3GB memory.
Visualizing Sapling’s improvements for private transactions (Source: Zcash blog)
To learn more about Zcash feel free to head over to their official site, or check out the mathematics behind the Zerocash Protocol here (technical!). If you want to look at price charts, social media links, block explorers and more for Zcash, we have you covered on CoinGecko’s Zcash page!
This is a sponsored cryptocurrency guide by eToro.
Market Research Analyst at CoinGecko and cryptocurrency fan since 2014. I like to geek out about things in the crypto space. You can read some of my stuff at kristiankho.com. Follow the author on Twitter @Kristian_Kho