ZCash (ZEC) is a privacy-oriented cryptocurrency employing one of the most innovative cryptographic primitives available today: zero-knowledge proofs (ZKPs). Specifically, ZCash uses an optimized form of ZKPs known as zk-SNARKs, along with shielded transactions that obfuscate transaction details across its public blockchain network, providing anonymity and fungibility. ZEC was created by and is backed by the Electric Coin Company, and is one of the most prominent privacy-focused cryptocurrencies available today.
- Enhanced, optional privacy features not currently native to bitcoin or many other cryptocurrencies
- Implements world-class, cutting-edge cryptographic privacy technology called zero-knowledge proofs (ZKPs)
- Above-average network effects including exchange listings, liquidity, and name brand recognition
- Strong, reputable team and advisors including Zooko Wilcox, Nathan Wilcox, Gavin Andresen, and Vitalik Buterin
- High inflation and a Founder’s reward in each block devalue the asset and dissuade long-term holders
- The zk-SNARK privacy technology is not unique to ZEC and can be implemented by other cryptocurrencies (like Ethereum)
- ZCash underwent a Trusted Setup ceremony during the project's creation, which is arguably antithetical to the idea of a trustless money
- Project is run by a centralized business: Electric Coin Company
- In October 2018, an inflation vulnerability was revealed after a fix had already been implemented within the Sapling upgrade. Although it is unlikely that the bug was exploited, there is no way to be 100% certain that counterfeit ZEC was not created prior to the fix.
- White paper
- Block explorer
- ZCash community
- Wallets: Ledger and TREZOR
- Where to buy? Coinbase and Gemini
Primary Use Case
The primary use case of ZCash is very straightforward: financial privacy. Other cryptocurrencies – such as Bitcoin – are pseudonymous, and it is possible to deanonymize users through a variety of techniques, many of which have been published in academic circles and proven to work with high probability. Still, ZEC started with the Bitcoin source code, adding privacy-enhancing features whereby users are able to decide on the degree of confidentiality within each transaction (shielded addresses). Other cryptocurrencies emphasizing privacy – like Monero – have enhanced privacy features, but outside of the recently upgraded bulletproof implementation, do not match the fundamental anonymity guarantees of zk-SNARKs in ZCash. ZKPs enable transactions to be verified without revealing the sender, receiver, or transaction details.
Users of ZCash can send ‘shielded transactions,’ which require more time and computation than regular transactions because of the need to construct a proof for the zk-SNARK. The zk-SNARK proof proves that all of the inputs and outputs sum to zero – meaning no ZCash was created out of thin air – and that all of the digital signatures used are valid. Alternatively, ZEC users can send transparent transactions with no privacy enhancements. This optionality allows users to share all, none, or some transaction details, depending on their preference and situation.
The term zk-SNARK stands for “zero-knowledge succinct non-interactive argument of knowledge” and is used to validate a transaction without revealing any details about the addresses of the sender and receiver or the amount being transferred. Privacy guarantees at the level zk-SNARKs provide are vital for numerous reasons, including censorship resistance, generating proofs for complex interactions, and even compacting blockchains through ZKPs of block data. You can find an in-depth overview of the mathematical concepts and construction of zk-SNARKs in ZCash here.
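The balance property described above (inputs and outputs summing to zero while the amounts stay hidden) can be illustrated with homomorphic commitments. This is an added example, not ZCash code and not a zk-SNARK: it swaps in Pedersen-style commitments over a constructed toy group, reveals the excess blinding where a real system would prove knowledge of it, and all names (`commit`, `build_tx`, `verify_balance`) are hypothetical.

```python
import secrets

# Toy group (constructed): P = 2*Q + 1 is a safe prime, and G, H are squares
# mod P, so both generate the subgroup of prime order Q. Illustration only:
# the group is tiny and log_G(H) is easy to find, so nothing here is secure.
P, Q = 2039, 1019
G, H = 4, 9

def commit(value, blind):
    """Pedersen-style commitment G^value * H^blind mod P (hides value)."""
    return pow(G, value % Q, P) * pow(H, blind % Q, P) % P

def product(elements):
    acc = 1
    for e in elements:
        acc = acc * e % P
    return acc

def build_tx(in_values, out_values, fee):
    """Sender: publish commitments, the public fee and the excess blinding
    x = sum(r_in) - sum(r_out) mod Q. Amounts and blindings stay private."""
    r_in = [secrets.randbelow(Q) for _ in in_values]
    r_out = [secrets.randbelow(Q) for _ in out_values]
    return {
        "inputs": [commit(v, r) for v, r in zip(in_values, r_in)],
        "outputs": [commit(v, r) for v, r in zip(out_values, r_out)],
        "fee": fee,
        "excess_blind": (sum(r_in) - sum(r_out)) % Q,
    }

def verify_balance(tx):
    """Verifier: inputs / (outputs * G^fee) must equal H^x, a commitment to
    zero. That holds only when sum(in) == sum(out) + fee (mod Q)."""
    created = product(tx["outputs"]) * pow(G, tx["fee"] % Q, P) % P
    excess = product(tx["inputs"]) * pow(created, P - 2, P) % P
    return excess == pow(H, tx["excess_blind"], P)

if __name__ == "__main__":
    print(verify_balance(build_tx([70, 30], [95], fee=5)))   # balanced
    print(verify_balance(build_tx([70, 30], [96], fee=5)))   # one coin minted
    # Amounts live mod Q, so an output of 5 + Q also "balances": this is why
    # real schemes must additionally prove every amount is in range.
    print(verify_balance(build_tx([5], [5 + Q], fee=0)))
```

The last case shows why a balance check alone does not rule out inflation: without a range check on each hidden amount, values that wrap around the group order still pass.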
Secondary Use Case
ZCash’s primary use case is privacy, and the secondary effect of that privacy is fungibility. Compared to other privacy-oriented cryptocurrencies, ZCash is regarded as having one of the most robust anonymity guarantees due to its use of ZKPs. The anonymous nature of ZKPs enables fungibility not available with fiat currencies or many other cryptocurrencies. Fungibility is the idea that all coins are identical and mutually substitutable.
With Bitcoin, the ability to deanonymize users through transaction mapping via network-layer attacks (i.e., IP address mapping) and other forensic techniques can lead to specific inputs and outputs being associated with illicit activities. Because of this, vendors, merchants, and governments can blacklist specific transaction outputs as “dirty money.” If some bitcoins are considered dirty money while others are not, then fungibility is reduced.
ZCash seeks to solve these problems by allowing a user to shield particular wallets and transactions from view. If you need to handle a transaction privately, you can do so while still allowing others to verify the transaction cryptographically.
Of course, with private transactions and near-perfect fungibility comes potential backlash from governments, law enforcement officials, and regulators. To combat this, ZCash also allows for transparent transactions on its blockchain, and these transparent transactions currently make up the vast majority (~86%) of the transactions on the network. However, the Sapling upgrade provided a much-needed reprieve from the inconvenience of using shielded transactions by decreasing time and memory requirements by 90% and 97%, respectively. Since Sapling, shielded pools and transactions have increased (discussed in greater detail in following sections).
ZCash’s competitive advantage derives directly from its use of zk-SNARKs. It is the first full implementation of the nascent privacy-preserving technology and has become one of the most popular cryptocurrency networks with a strong development team behind it.
Other cryptocurrencies – like ZCoin – also employ ZKPs but do not have the same widespread network effects as ZCash. Furthermore, ZCash’s founder – Zooko Wilcox-O’Hearn – is a high-profile figure in the industry, and the development team’s predilection for attacking complex and ambitious network upgrades and research has led to some impressive accomplishments.
Other cryptocurrencies focusing on privacy – such as Monero – have larger open-source communities, but do not have the same amount of funding nor provide the same level of anonymity guarantees as a full zk-SNARK implementation.
ZEC privacy assurances vs other crypto assets. Source: MultiCoin Capital
Challenges to Adoption
ZCash is viewed through a lens of uncertainty by many developers and users who do not like the requirement of the trusted setup – which was required a second time for Sapling – or the fact that the protocol is heavily centralized around a private company, the Electric Coin Company. Other concerns include the very high daily supply inflation schedule relative to that of other cryptoassets. Additionally, the early controversial Founder’s Reward, which took 10% of all mining rewards and dispersed it to founders, investors, and employees, caused some contention among investors. The Founder's Reward has since been modified with the Canopy upgrade in 2020, but some mining rewards still accrue to the Electric Coin Company and the ZCash Foundation.
Overcoming these hurdles will be difficult for the cryptocurrency. The competition with other privacy-oriented coins is ramping up with the recent release of BEAM and Grin, and the recent news of a successful zk-SNARKS implementation on the Ethereum blockchain.
How ZCash evolves to remain one of the more popular cryptocurrencies focusing on anonymity and fungibility will likely take several years to play out, as the industry progresses to more widespread adoption. The regulatory environment surrounding anonymous cryptocurrencies is also uncertain, and likely to attract adverse attention from government authorities.
ZCash integrated its Sapling upgrade in October 2018, which was a major boon for users who wanted to use shielded transactions but felt hindered by their cumbersome nature prior to the upgrade. Besides improving the Sapling upgrade, the ZCash team also rolled out the Blossom upgrade in December 2019. Blossom’s development constituted years of work and was the third major upgrade in ZCash’s history, Sprout and Sapling being the two predecessors. The upgrade enabled faster transactions with lower fees by increasing the mining frequency of blocks.
In September 2019, the ECC announced Halo, a “trustless” cryptographic scaling solution using a recursive proof composition. Halo allows for scaling improvements without requiring a “trusted setup.” According to the post, “Recursive proof composition holds the potential for compressing unlimited amounts of computation, creating auditable distributed systems, building highly scalable blockchains, and protecting privacy for all of humanity. The concept is a proof that verifies the correctness of another instance of itself, allowing any amount of computational effort and data to produce a short proof that can be checked quickly.”
In July 2020, the Heartwood upgrade, which enabled improved interoperability efforts, cross-chain integration, and light-client use cases, was released. It also gave miners the option to immediately shield mining rewards in coinbase transactions. The upgrade (ZIP 221) could pave the way for efficient cross-chain communication, i.e., the ability for future ZEC proofs to be verified on blockchains like Ethereum.
In November 2020, coinciding with the project's first "halving," the Canopy upgrade was implemented. Canopy was the fifth hardfork upgrade to Zcash, introducing some minor technical improvements but primarily focused on the monetary policy of ZCash. The most anticipated and highly-scrutinized aspect of the upgrade was the creation of a new development fund for four years and the removal of the controversial “Founders Reward.”
Prior to Canopy, the protocol was coded so that 10% of all ZEC in the first four years would go to the founders in order to fund and support project development, regulatory outreach, community outreach/growth, etc. After those 4 years were up in ~October 2020, the reward would be removed and all of the mining rewards would go to the miners. However, as the end of the Founder's Reward period drew near, a debate emerged about whether or not to renew the controversial reward. Zooko, the CEO of ECC and figurehead of ZCash, supported renewing the Founder’s Reward, which many, rightly or wrongly, viewed as a way of continuing to enrich his personal wealth.
Many were so opposed to the idea of renewing the ZCash Founder’s Reward that they forked ZEC in July 2019, creating YCash (YEC). This fork is nearly identical to ZEC except that the 10% Founder’s Reward was reduced to 5% with all of it going to the non-profit YCash Foundation.
Post-Canopy, 80% of block rewards accrue to the miners, 8% are reserved for the Major Grants Fund (third-party developer fund), 7% to the Electric Coin Company, and 5% to the Zcash Foundation.
Previously, the 20% of network rewards that didn’t go to miners was split between the ECC, the Zcash Foundation, and the founders and investors who helped create Zcash. The community’s strongest point of contention was the latter share, as the initial founders took the lion’s share of 14.2% of the entire mining reward.
In Q2 2021, the Electric Coin Company (ECC) announced the next ZCash upgrade, entitled Halo Arc, to be rolled out in October 2021. Halo Arc will include updates to Zcash’s consensus nodes, a new shielded-by-default ECC wallet, and the ECC wallet software development kits (SDKs). The Halo Arc upgrade will also enable unified addresses, a boon to the user experience. Unified addresses will create a single Zcash address that is compatible across shielded and transparent functionality, eliminating the need for a user to have separate shielded and transparent addresses.
Generally, the ZCash Company’s current proposed roadmap cites more ongoing research and development in the field of ZKPs as well as enhancing business development and decentralization of the cryptocurrency. As part of expected upgrades in October 2021, Network Upgrade 5 (NU5) is close to the testnet phase. NU5 looks to introduce the early infrastructure (Halo 2) for cross-chain interoperability and layer 2 applications. With NU5 in place, ZCash can begin to plan for additional scalability support down the road. Halo 2 will also eliminate the trusted setup involved in the “Orchard” shielded pool.