Since the inception of Bitcoin, there have been a multitude of carbon copy cryptocurrencies, and numerous others that focus on improving the privacy features offered by blockchain technology. Of these, many have proven to be scarcely more private than the original, but a few, offer a feature set worthy of acknowledgement. Enter Zcash.
In a world where privacy is becoming an increasingly rare commodity, due to the progressive digitization of our lives, one cryptocurrency aims to give us back something that we risk losing; the freedom to spend our own money in private. The need for privacy dates back as far as human existence, we created clothes to cover our nude bodies, houses with separate bedrooms to shield us from one another, and anonymous outlets through which we can convey our true feelings and opinions.
“I can not in good conscience allow the U.S. government to destroy privacy, internet freedom and basic liberties for people around the world with this massive surveillance machine they're secretly building.”- Edward Snowden
Without privacy, we cannot be truly secure, and without security, we are vulnerable. Because of this, the right to privacy is truly something that must be protected. Would you want your entire payment history exposed to the public?
Imagine a system where every payment you sent is permanently recorded for everybody to see, including how much you sent, who you sent it to, and when you sent it… Well, that’s what Bitcoin might turn out to be if the many blockchain analysis companies are successful.
There are currently multiple efforts underway to associate as many Bitcoin addresses with their real world owners as possible, an effort that will become increasingly accurate and complete as these companies have more and more data to work with.
One such company, Elliptic, aims to use specialized forensics technology to trace transaction activity across the blockchain, uncovering relationships between different entities to generate a list of identities for millions of Bitcoin addresses. In their own words;
“This gives law enforcement agencies and financial institutions the confidence they need to investigate and evaluate suspicious activity on the Bitcoin blockchain.” – Elliptic.co
Or in other words, the more you interact with the Bitcoin blockchain, the more likely your odds of ending up on Elliptics database, a database that will likely be handled by governments, law enforcement and financial institutions.
Many people suggest that if you have nothing to hide, then there is no harm in having your financial details visible to all, in fact it is quite the opposite; there have been several cases where wallet owners have been identified, and either scammed or robbed.
One such example, saw a cryptocurrency trader forced at gunpoint to transfer his cryptocurrency holdings to the attackers. In these cases, the funds are usually never retrieved, and as Bitcoin identity scraping software continues to evolve, these incidents are likely to become more commonplace.
The Ceremony
Zcash, a novel privacy focused cryptocurrency that aims to add some opacity to our otherwise increasingly transparent lives. Zcash (ZEC) is a decentralized, open source, and is currently one of the most popular privacy coins available. Launched in October 2016 by an all-star team, including the famed cryptographer Zooko Wilcox (Founder and CEO) and many of the original creators of the Zerocoin and Zerocash protocols, the team certainly has the talent to make it a success. The founder alone, Zooko Wilcox has over two decades of experience working in cryptography, startups and information security.
In their own words, the Zcash team “aims to set a new standard for privacy through the use of ground-breaking cryptography”. To do this, the team took the best parts of Bitcoin, being a peer-to-peer cryptocurrency based on an open-source blockchain, however it also features several improvements that focus on private transactions. According to the team, these improvements are necessary to preserve core human values like dignity, intimacy, and morality.
Zcash is the culmination of improvements to two successive anonymous payment protocols; zerocoin and zerocash. Zerocoin, was an early Bitcoin fork first proposed by Matthew D. Green of the John Hopkins university, and first released to the public by Poramin Insom in September 2016 as a fully functional cryptocurrency, with Roger Ver as one of the earliest investors.
Zerocoin was the first cryptocurrency to use zero knowledge proofs to guarantee complete financial anonymity. The zerocoin protocol was improved and used as the basis of the zerocash protocol, which forms the backbone of Zerocash, a cryptocurrency with smaller transaction sizes, and improved privacy features.
The zerocash protocol enabled a new type of transaction that hides the payment origin, sender and amount, and existed as two separate interchangeable currencies, zerocoin and basecoin. This protocol was used as the basis for Zcash.
Zcash initially begun with an event known as the “parameter generation ceremony”, where 6 key individuals in separate geographic locations created a fragment (or shard) of the public key necessary for Zcash to function, these were then united to form the final public parameters, following which each person deleted their shard.
This system ensures that if at least one person in the ceremony deleted their public key, then the master key cannot be compromised. To date, five of these six key holders have been named, whilst the sixth remains anonymous.
The only way in which this system can fail, is if all six key holders were dishonest, colluding or compromised, which could allow the creation of a master passkey that would completely disrupt the Zcash system.
Highly recommended: RadioLab did an awesome podcast episode on the genesis ceremony of Zcash, giving the listeners exclusive insider information on the whole mystic ordeal. The launch of Zcash and mining of the genesis block were also live streamed on Youtube, reaching tens of thousands of viewers worldwide.
Growth in popularity and price history
Shortly after its release on October 28th 2016, the first ZEC from the genesis block hit the exchanges and was instantly traded for 3,300 BTC, then worth an eye watering $2 million. Disregarding the heartbreaking cost of the genesis ZEC, the extraordinary buzz surrounding Zcash led to a peak price of $5,841 the day after its release, followed by a gradual decline to around $500 by October 31st, a threshold which it found significant support at, seeing it rally back to over $1,000 in the subsequent days.
Part of this price explosion was due to the initially low supply of ZEC, with only around 1000 ZEC being minted within the first two days after Zcash launched. Since then, Zcash rallied above $400 multiple times throughout 2017, and is currently hovering around $250 at the time of writing.
As the popularity of Zcash increased, the market capitalization grew, peaking at over 2.5 billion dollars in January 2018, and currently sitting at just under $1 billion, Zcash is the 25th largest cryptocurrency by market cap with a current circulating supply of 3,492,356 ZEC.
Currently, there is an extensive list of merchants that accept Zcash and other cryptocurrencies as payment, and around $43,000,000 (approx. 5000 btc) in transactions are completed per day, a steep drop since its previous high of $500 million transacted per day in January 2018.
As much of the speculation surrounding Zcash and its functionality as an anonymous payment system has died down, the market has become increasingly settled, however the ambitious roadmap set by the Zcash company points to a promising future for the private payment platform.
Recently, Zcash partnered with the multinational banking group JP Morgan to integrate Zcash technology into the JP Morgan Quorum blockchain, the first time a zero-knowledge security layer has been integrated with an enterprise blockchain, and a significant milestone for Zcash.
The defining features of Zcash
Zcash sets itself apart from other cryptocurrencies by focusing on user privacy. By using expertly crafted cryptographic principles and peer-reviewed cryptography research in its design, Zcash allows fully encrypted transactions to be confirmed as valid, whilst maintaining a simple to use interface suitable for newbies and veterans alike.
Zcash is secure
Zcash is truly secure, being fully decentralized you are in full control of your funds, nobody, not even the government or bank can dictate what you do with your money. In the words of the Zcash team, “If Bitcoin is like http for money, Zcash is https—a secure transport layer.”
Being open source, the core code is visible for all to scrutinize, ensuring that no bugs, backdoors or security flaws exist. By using distributed consensus to validate transactions, no centralized authority is able to intercept or prevent transactions, and double spends can be prevented. This also means that once a transaction is confirmed, it is essentially irreversible, so make sure you check, then double check that details are correct before making payments.
Selectively private
Unlike many other privacy focused cryptocurrencies, the privacy offered by Zcash is completely optional. Zcash has two types of addresses, shielded “s” addresses, and transparent “t” addresses. In general, most users and exchanges tend to use transparent addresses, as transparent transactions tend to have much lower fees.
Currently, only approximately 0.8% of ZEC is held in shielded addresses, whilst the rest is held in transparent addresses, indicating that most of its users do not use its privacy features. The founder, Zooko Wilcox pointed out that the majority of ZEC has been filtered through a shielded address at some point, currently it takes over a minute to generate the proof of a shielded transaction.
Transactions between shielded addresses are completely private, whilst those between transparent addresses are public, so it is your choice which type of address to use.
For increased anonymity, generate a new address for each transaction and use the default transaction fee to prevent blockchain analysis being used to possibly identify you.
- “Every coin is created equal.”
Fungibility is considered by many to be one of the most important features a cryptocurrency must have to succeed in future. In short, fungibility means units of ZEC are mutually exchangeable without any loss, or alteration of value. Because private transactions obscure the origins of coins, this means they cannot be discriminated on based on their history.
For example, if a coin was previously associated with an undesirable person or activity, it could be blacklisted by an exchange or merchant, thereby losing or reducing its value. However, because Zcash is fungible, all ZEC units have equal value, and cannot be blacklisted based on its history, as this history cannot be seen if received from a shielded address.
This is how traditional currency works, you wouldn’t expect a $10 bill to be worth less because of its history, cryptocurrencies should be the same. As the popularity of Zcash increases, so too will its fungibility, as a greater proportion of ZEC passes through shielded addresses.
- Zcash has (extremely) low fees
Another great feature of Zcash is its incredibly low fees, with both private and transparent transaction fees being just a fraction of a cent. Yes, you did read that correctly.
Compared to Bitcoin which reached a peak of over $50 per transaction in late December 2017, and international bank transfer fees which tend to start at $15, it makes Zcash one of the lowest fee cryptocurrencies, combining this with extremely fast transaction confirmation times makes Zcash a formidable alternative to Bitcoin.
The mechanism behind the mask
Beneath this mask there is more than flesh, Beneath this mask there is an idea, Mr. Creedy, and ideas are bulletproof. – V for Vendetta
Now that we have covered the basic properties of Zcash, let’s explore the technical basis of Zcash in a little more depth. To achieve its privacy, Zcash uses a new, research based cryptographic method known as zk-SNARKs (zero-knowledge Succinct Non-interactive Argument of Knowledge).
zk-SNARKs allows you to prove that certain information is true, without revealing the actual information itself. For example, zk-SNARKs allow you to prove that you sent funds to an address, without revealing the address, or the amount sent, this allows a decentralized mining process to verify transactions, without individual miners learning anything about the transaction, other than the fact that it is valid. To prove that a transaction is valid without revealing sensitive information, zk-SNARKs demonstrates a proof of construction as follows;
- The sum of the Input values and Output values is equal
- Sender proves control of the private keys of the input notes, demonstrating authority over the funds
- The transaction signature is cryptographically linked to these private keys, proving that only the controller of these private keys could have created the transaction signature
Furthermore, Zcash allows one to prove possession of unspent transaction outputs (UTXOs) to demonstrate that a user has enough ZEC to process a transaction. This involves creating a commitment and revealing a nullifier which is verified by a node.
Zcash nodes log the commitments created, and nullifiers revealed as hashes, to avoid disclosing a link between particular commitments and nullifiers, these take the form as shown;
- Commitment = HASH(recipient address, amount, rho, r)
- Nullifier = HASH(spending key, rho)
However, due to the inefficient properties of zk-SNARKs, generating a private transaction requires users to run a full node, and takes around two minutes per transaction to generate, whereas transparent transactions are much less intensive to process.
Like Bitcoin, the total supply of ZEC is capped at 21 million units, and the proportion of coins in circulation will increase over time as new ZEC are minted by miners. For the first 34 days the block reward gradually increased to 12.5 ZEC and has an average block time of 2.5 minutes compared to Bitcoin’s 10 minutes, it also has a larger block size of 2Mb.
The block reward is halved approximately every four years, reducing the number of new coins minted as the circulating supply approaches the cap.
Consensys mechanism
Unlike many other cryptocurrencies, Zcash uses the Equihash proof of work protocol for mining, which offers multiple advantages over the SHA256 protocol used by Bitcoin. Equihash has very efficient verification which makes it suitable for mobile devices. Unlike SHA256, Equihash is ASIC resistant, ensuring that the hashing power is more evenly distributed, rather than being mostly controlled by massive mining farms. This aims to decrease centralization of Zcash by distributing the hashing power over a larger number of individuals, essentially democratizing ZEC mining.
Equihash is the brainchild of Professor Alex Biryukov, head of Cryptolux, a cryptology research group from the University of Luxembourg. The equihash algorithm requires much more memory than SHA256, making it extremely cost in-effective to scale up. You might be thinking that this is bad, and increases the overall cost of the mining power, when in fact the case is just the opposite. By increasing the memory requirements, it prevents large, well-funded organizations from simply building specialized machines to outcompete the individual miners. For example, for an organization to achieve 1,000x the hashing power of an individual computer, it would cost roughly the same as 1,000 computers, making it a poor investment choice, leaving individuals to continue mining with their usual general purpose computer hardware, without being outcompeted by those with deep pockets, ensuring the fair distribution of newly minted ZEC.
Side note: For those of you with a technical background, see the following for a detailed breakdown of how equihash works.
The competition
Bitcoin
Being a fork of Bitcoin, Zcash is similar in several ways; they both have a maximum supply of 21 million units, both are mineable and both are open source. However, unlike Zcash, Bitcoin is not capable of private transactions, and instead uses the SHA-256 mining algorithm, whereas Zcash uses the ASIC resistant Equihash algorithm. Both Bitcoin and Zcash, have a public blockchain, but differ in the information presented on the public ledger, as Bitcoin shows the sender, recipient and transaction amount, whereas these are omitted in the Zcash ledger, which only shows that a transaction took place. Bitcoin recently forked into Bitcoin private that also uses Zk-SNARKS, producing a cryptocurrency very similar to Zcash. Zcash transaction confirmations are inherently more computationally intensive than Bitcoin transaction, and are not suitable for low memory device such as mobile devices, unlike Bitcoin which has numerous mobile wallets. Mixing services
Monero
Although both Monero and Zcash are touted as privacy cryptocurrencies, there are a number of differences that set them apart. For starters, Monero is forcibly anonymous using stealth addresses and ring confidential transactions (ringCTs). Ring confidential transactions conceal both the sender and recipient, whilst masking the transacted amount, this is analogous to private transactions in Zcash, though the methods used to achieve it are vastly different, even in terms of absolute security.
However, Monero also has some selective transparency features, allowing a user to reveal their hidden balance by providing their view key. Monero uses ring signatures to mix transactions together, by mixing the inputs of multiple transactions Monero offers plausible deniability if a transaction were to ever be questioned.
Others, including Dash and Verge
The private cryptocurrency space is becoming increasingly crowded, with dozens of privacy coins competing for the spotlight. Dash, Verge and DeepOnion are likely the biggest competitors to Zcash if excluding Monero. Although a comparison of these is beyond the scope of this guide, this may be something you will want to investigate further to choose which privacy coin has the feature set that most suits your use case.
How to use Zcash
Because theory without practice is sterile, in this guide we’ll equip you with everything you need to know to get your hands on some Zcash.
First things first:
- Set up a wallet
The first thing you will need to do when thinking about getting some Zcash is to download an appropriate wallet. The most commonly used wallet is the official Zcash client, and is currently available for Linux, Windows and MacOS. Note that your device will need at least 2GB of memory to generate shielded transactions, so if you’re using a mobile device this may be something you will want to confirm. There are also a number of third party wallets available, including:
These each have their own benefits, some support multiple cryptocurrencies, others offer additional privacy features and extra services, or additional features. For maximum security, it is recommended to get a hardware wallet such as a Trezor, or Ledger Nano S. These offer increased security over software wallets as your funds cannot be hacked or stolen due to a virus, trojan or phisher attacks, also offering support for multiple other cryptocurrencies.
Once you’ve selected your wallet client, you will need to create your first wallet. Creating a wallet will allow you to send and receive ZEC, and a necessary part of transacting with Zcash unless using an exchange address. As an example, we will run you through setting up your address in Jaxx for Windows.
Step 1: Download and install Jaxx
Step 2: Click create new wallet. We would recommend creating an express wallet for now, as all the features can be modified later once you’ve got the hang of things. You can then check the cryptocurrencies you would like to use with this wallet, for example BTC and ZEC. Once this has been selected, the client will then create your wallets for the selected coins.
Step 3: Secure your wallet
Once you have created your wallet, you will be presented with the following screen. From here, select the options in the top right corner, and click settings. Here you will set up a 4 digit security pin which you will need when logging into your wallet in future.
This provides a layer of security for your wallet. You will also want to go to tools > Backup Wallet > View Backup Phrase. Write down your 12 digit backup phrase, keep it secret, and keep it safe. You will need this to restore your wallet should you ever forget your pin, or lose access to your wallet for any other reason.
Step 4: Find your wallet address;
Now that you have created your wallet, you will need to find your unique wallet address. This will be displayed similar to below. Note that this is the address you will receive payments to, and the address that you will send payments from.
Step 5: Upgrade to a hardware wallet (optional)
If you are serious about cryptocurrency, and want to keep your coins as safe as possibly, then it is wise to invest in a hardware wallet. These can be purchased for under $100 and offer drastic improvements in security, which is particularly a concern when dealing with large sums of ZEC. Two of the most popular hardware wallets supporting ZEC are the aforementioned Trezor and Nano Ledger S wallets.
Having one of these will likely ensure that you don’t fall victim to any hacking attempt or theft. Certainly a worthwhile purchase if you’re looking to involve yourself in cryptocurrency for the long term. You are also able to set up a wallet at once of the many exchanges that currently trade ZEC, including Binance, Bitfinex, Poloniex and Kraken, along with many others. On an exchange, you simply register an account with the exchange and your Zcash address will be generated automatically.
Buying Zcash
There are a few different ways to first purchase ZEC, however most of these options require you to first have Bitcoin (BTC) for exchange. Very few websites will sell ZEC directly for Paypal or VISA due to the inherent risks that come with these payment methods (disputes and chargebacks), if an exchange does accept these payment methods, it usually comes with extensive ID verification and hefty additional fees.
You can buy ZEC with a credit card on exchanges including CEX.io, Coinbase, Coinmama and many others, note that the exchange rate differs between sites so check around to ensure you are getting the best rate.
If you would like to purchase ZEC with cash, your absolute best option is to use localbitcoins.com, where you can find a seller in your local area and perform a cash transaction. You can also use this website to purchase ZEC with a credit card, Paypal and other payment options, but the fee is usually significantly higher.
If you already have another cryptocurrency, such as BTC, ETH or LTC, then getting your hands on some ZEC is rather simple. Simply deposit your current cryptocurrency into your exchange of choice, for example Binance. Find the correct trading pair, such as BTC/ZEC, select the amount of ZEC you want to buy, and the price per ZEC and submit your buy order.
Note that you will need to enter a price close to the current market valuation (not too low), otherwise your buy order may not be filled. Once you have received your ZEC, you can either leave it in your exchange address, or withdraw it to your wallet address provided in your desktop or hardware wallet.
If you find using an exchange too complicated, or you want to avoid the hassle altogether, you can simply use shapeshift or changelly, which allow you to direct convert your BTC or other cryptocurrency directly to ZEC at a specified exchange rate. However, you will almost certainly end up with less ZEC than you would have gotten for the same cost on an exchange.
Note: Jaxx and many other Zcash clients have Shapeshift built-in, making it simple to convert other cryptocurrencies to ZEC.
Transacting with Zcash
Now that you have successfully acquired some ZEC, now you need to know how to transact with your new coins. Typically most third party wallets and exchanges are only capable of transparent transactions, if you would like to generate a shielded transaction, it is best to use the official Zcash client. You can tell if you’re using a transparent address if it starts with a “t”, whereas a shielded address will start with an “s”.
Once you have your client set up, and have some ZEC in your balance, you simply need to enter your recipient’s payment address, selected the amount of ZEC to send, and you’re good to go. Note that it is best to use the default transaction fee as this increases the privacy of the transaction.
Is privacy the future of cryptocurrencies?
Indeed with the additional regulatory pressures faced by cryptocurrencies, there is a growing trend towards privacy focused coins. It is natural that users gravitate towards a coin with their best interests in mind, rather than those that best bend to regulatory challenges.
Cryptocurrencies were, after all, founded on the idea of self-governance, privacy and decentralization, each properties that don’t bode well for continued corporate and government control over money.
However, the path for Zcash isn’t likely to be easily travelled, as there are a number of potential roadblocks in the way that will need to be dealt with before Zcash is ready for prime time.
For example, if a bug was discovered that allowed the generation of more than the intended supply of ZEC, this bug may go undetected, allowing those wielding the exploit to potentially increase the money supply, and presumably cashing out, an even which would lower the value of ZEC owned by other users.
This type of exploit could go completely undetected, as zk-SNARKs do not allow the certain scarcity of ZEC to be determined. There have been examples of such an occurrence, such as the Bitcoin value overflow bug that generated over 180 billion new Bitcoins, this was quickly rectified due to transparent nature of the Bitcoin blockchain, which would not be so easy to correct in Zcash.
Furthermore, currently flypool controls over 51% of the Zcash hashing power, a fact many use to demonstrate that Zcash is much more centralized than other privacy focused coins, whilst opening the doors to a potential majority attack on the blockchain.
This has led to several Zcash miners moving away from Flypool to diversify the hashrate. This kind of centralization problem is a common theme with growing cryptocurrencies, and tends to iron itself out as the number of available pools increases.
Despite the challenges along the road, Zcash has perhaps one of the strongest teams behind it, and a strict developmental roadmap aimed at addressing many of its flaws.
A number of large upgrades are planned for 2018, the largest of which is the Sapling update, which is expected to massively reduce the computational and memory burdens shielded transactions, making private mobile wallets feasible.
This will be preceded by the Overwinter update which will bring transaction expiry, replay protection and improved performance to the network.
2018 is set to be a big year for privacy coins, if the Zcash team can pull off their ambitious development schedule, Zcash will certain be placed in a strong position for the future.