Zcash, currently being developed by the Zcash Company, is a privacy-focused cryptocurrency that allows users to choose between sending public or private transactions. How? By using a very innovative technology called zero-knowledge proofs, or zk-SNARKS, to conceal transaction information.
Zcash started from the Zerocoin protocol that was developed by a team led by Johns Hopkins University professor Matthew D. Green (for more details, check out the Zerocoin and Zerocash papers here). Although Zcoin was one of the first altcoin implementations of the protocol, Zcash is the most popular implementation to date.
How does Zcash work?
The technology underpinning the Zerocoin protocol is the zk-SNARK. zk-SNARKs allow you to verify the correctness of computations without having to execute them or know what was executed. The math behind zk-SNARKS is complex but provably true. This post from the Ethereum blog tries to summarize the technology in a comprehensive manner but even this simplistic explanation is difficult to understand. Fortunately for Zcash users, they don’t need to understand the protocol to enjoy the privacy benefits of Zcash, they just need to know that it has been mathematically proven to work.
For readability purposes, this post will not dive into the inner mathematical workings of the Zerocoin protocol. Instead, it'll focus on how it's used in Zcash.
As previously mentioned, Zcash users can choose whether to send a public or private transaction. This is done through a system with two address types. Activity associated with t-addresses, or t-addrs, are public. Activity associated with z-addresses, or z-addrs, are private. A t-addr is a 36 character long string beginning with t. A z-addr is a 96 character long string beginning with z.
An address can send to any other address, regardless of type. If it's a z-addr to z-addr transaction, nothing is revealed to the public. Both addresses and the amount of ZECs transacted are hidden. If it's a z-addr to t-addr transaction (or the other way around), the z-addr is hidden but the amount of ZECs transacted is not.
It's important to note that verifying transactions involving z-addrs is computationally expensive. It's expensive enough that people have proposed storing the verification proofs on the blockchain so that new miners don't have to do the work to verify the transactions. However, this would greatly increase the size of the blockchain and the proposal was rejected. It's much cheaper to store the proofs off-chain if necessary. There is significant ongoing work to improve the efficiency of computing these verification proofs. In fact, the next major protocol upgrade called Sapling is focused on exactly this and it’s slated to be launched in 6 weeks.
Zcash is similar to Bitcoin in that it uses the UTXO transaction model with a proof of work consensus algorithm. The Zerocoin protocol is built on top of this Bitcoin protocol. Similar to Bitcoin, there will be at most 21 million ZECs. Unlike Bitcoin, which has a 1 mb block size and a 10 minute block interval, Zcash has a 2mb block size and a 2.5 minute block interval. This makes Zcash slightly faster with a greater throughput.
The team behind Zcash
Zcash is being developed by the Zcash Company, which is founded and led by Zooko Wilcox. Zooko is a computer security researcher. He designed multiple network protocols that incorporate concepts such as self-contained economies and secure reputation systems. Zooko's triangle, a network protocol trilemma, is named after the Zcash founder (if you're curious, here’s a primer on the trilemma).
The Zcash Company's team includes scientists, advisors, and outside counsel. The scientists consist of faculty and students focusing on computer science as well as information security research from various universities. The company has high profile advisors including Gavin Andresen and Vitalik Buterin.
Besides the Zcash Company, there is also the Zcash Foundation. The foundation is a separate nonprofit organization which is a public charity dedicated to building Internet payment and privacy infrastructure for the public good, primarily serving Zcash users. The organization has a grants program, runs a conference, has a participatory governance process, and plans to make technical hires by the end of 2018.
The two organizations have talented teams, and together, they appear to be well-equipped to grow Zcash.
Privacy is valuable
Users value privacy - we like to keep our activity private, we pay premiums for privacy, and we react negatively when our privacy is violated. Take for example, the recent backlash against Facebook that resulted after the company knowingly sold user information to companies like Cambridge Analytica. What's more, the UN considers privacy a fundamental human right.
Although Bitcoin is great for trustless security, the network itself is highly transparent to all participants. Which means all activity from a Bitcoin wallet is visible to everyone else, so Bitcoin users often don’t have privacy. Zcash improves on Bitcoin by introducing privacy without compromising on trustless security.
Listing on Gemini
Zcash was listed on Gemini in mid May; the listing is significant for the cryptocurrency since regulations around privacy-oriented coins are particularly unclear. With the Gemini listing, worries over a regulatory crackdown are slightly alleviated because Gemini is a US cryptocurrency exchange that's licensed by the New York State Department of Financial Services (NYDFS). This listing makes Gemini the first licensed Zcash exchange in the world. It also makes the NYDFS the first regulatory agency in the world to supervise Zcash.
Here is a statement by the NYDFS on the Zcash listing. The statement explicitly mentions Zcash's ability to support public and private transactions.
A high risk of regulatory crackdown
Zcash's privacy is both its greatest strength and its greatest weakness. Privacy is valuable, but it also enables criminal activity to be conducted with impunity. In Zcash's case, its private transaction feature can be easily used for illegal financial transactions, such as money laundering and the buying and selling of illegal drugs. If it's easy to use Zcash for illegal financial transactions , then it'll definitely be used for such purposes and governments will be forced to intervene, particularly in the case of money laundering. Very little stands in between a government and its tax revenue.
The Founder's reward is a mechanism in Zcash's protocol wherein 20% of newly minted ZECs are given to the project's investors, developers, and a non-profit foundation in the first four years . Unsurprisingly, the Founder's reward is controversial. Even though it's often described as a way to fund Zcash's development, the reward is perceived as greed on the Zcash's developer's part.
Users who are against the Founder's reward have forked Zcash numerous times and created versions of Zcash without the reward. ZenCash is the most popular of these forks. ZClassic was another popular fork but it was merged into Bitcoin Private in March and, according to the cryptocurrency’s Twitter account, all work on ZClassic has stopped.
Tyler Winklevoss, the CEO of Gemini, was once quoted as saying, "Zcash picks up where Bitcoin left off. Bitcoin has many strengths, but privacy is not one of them".
Privacy is valuable and Zcash introduces privacy to cryptocurrencies without sacrificing decentralization. It does so by combining the Zerocoin protocol with Bitcoin's protocol. For cryptocurrencies, Zcash is to privacy what Ethereum is to smart contracts.
Unfortunately, as innovative and useful as Zcash is, there is a high risk that regulators will crackdown on it because its privacy features facilitate illegal financial activity. On the bright side, with the recent listing of Zcash on Gemini, regulators seem to be, for the moment, in favor of Zcash.