X

Feedback + Support

Need Assistance? Notice something missing or broken? Let us know!

Press esc to dismiss

project icon for zcash

Zcash

ZEC
$51.81
7.35%
Positive delta icon

Zcash is a cryptocurrency launched in late 2016 offering optional privacy features through zk-SNARK technology.

Overview

Project Stage

Live status icon

Amount Raised

$1,010,000.00

Market Cap

$451MM

Sector

Cryptocurrency

Blockchain

Native token icon

zCash

Funding Source

Equity Funding

Project Profile

Zcash relies on zk-SNARKs (zero-knowledge Succinct Non-interactive ARgument of Knowledge), a type of non-interactive zero-knowledge proof, to prove to viewers that a commitment for a transaction on the Zcash blockchain has been satisfied, without revealing the commitment’s details. This technology, combined with technical extensions to the original Bitcoin protocol, allows a Zcash user to obscure the sender, recipient, and value of a transaction. The only information visible is a proof that a valid transaction took place. A summary of zk-SNARKs’ uses can be found here. Notably, the privacy features are optional, in contrast to Monero’s default privacy features. Like many early altcoins, Zcash is a code fork of Bitcoin, but did not inherit prior Bitcoin balances at the time of fork. Zcash uses a 2.5 minute target block time, a max block size of 2mb, and a halving interval of four years.

Zcash is an implementation of zerocash, an extension to Bitcoin invented in 2014, and is designed to provide anonymous transactions by minting Bitcoin, or non-anonymous basecoins whose blockchain the Zerocash protocol is implemented besides, into anonymous Zerocash coins. Zerocash was an improvement over the prior zerocoin protocol meant to improve bitcoin by allowing “users to mix their own coin”, essentially by using cryptography to conceal which outputs are linked to which inputs. Zcash supports both ‘transparent’ transfers of value, which function similarly to Bitcoin transactions, and ‘shielded’ transfers of value, which utilize zk-Snarks to provide privacy features. Transparent addresses begin with ‘t’ and shielded addresses begin with ‘z’, though it is possible to send transactions between different address types.

Zcash privacy protections depend on the number of shielded transactions, as this determines the ‘anonymity set’ that obscures any individual transaction; throughout Zcash’s history, the overwhelming majority of transactions have not been shielded and have offered no protections beyond those on the Bitcoin network. Partially in response, the Sapling network upgrade improved shielded transactions’ efficiency by reducing the amount of data needed to be stored on-chain. Multi-signature transactions can be used with transparent transactions.

Protocol Details

Zcash transactions can contain regular inputs, outputs and scripts to perform transparent transfer of value like in Bitcoin.  This regular transaction would remain pseudonymous like in Bitcoin - the amount, sender and recipient of the transaction is visible.  However, Zcash transactions can also be made to be protected, meaning that the amount, sender and recipient are hidden. Protected transactions contain what are called in the Zcash documentation JoinSplit descriptions, which describe JoinSplit transfers (similar to “Mint” and “Pour” transactions in Zerocash) which take as input a value and up to two notes, and from this produce a second value and up to two output notes.

Notes (called coins in Zerocash) are objects which specifies two values: an amount and a paying key.  Paying keys are components of payment addresses which are used to receive notes, generated from a spending key component (think public addresses and private keys in Bitcoin).  There are also note commitments and nullifiers (known as serial numbers in Zerocash) cryptographically associated with each note.  The nullifier is computed from the note’s spending key and is connected to the note commitment, though it is essentially impossible to correlate the note commitment with its corresponding nullifier without knowledge of the spending key (the private component of the paying key).  In transactions, output nullifiers are concealed from anyone without the viewing key, discussed more below.

Input note nullifiers are “spent”, and therefore revealed to prevent double spending, essentially “nullifying” the values of the transaction.  This is because users are not allowed to use two same nullifier values twice on the chain without invalidating the block that tried to double spend. However, output notes are concealed until someone can prove ownership of the spending key and move those coins, in which they will create a new transaction, revealing the previously concealed nullifiers as inputs to prove the coins as spent.

Zcash transactions also include JoinSplit statements containing a zk-SNARK, which is the fundamental technology for Zcash’s anonymity.  Zero-knowledge proofs are methods by which a party may prove validity of an assertion without sharing any other details.  A similar concept is already employed in Bitcoin with asymmetric cryptography involving public/private key pairs.  For example, users sign transactions with their private keys to prove they own the Bitcoins of a corresponding public key.  Verifying this by processing the signature and public key with algorithms verifies this to be true, even though the private key is not known by anyone except the owner of those coins.  SNARKs are more complex forms of zero knowledge proofs which can be used for more advanced implementations in special functions.  A very simplified way to think of it is a system designed in such a way that when you observe the SNARK signature it will prove to you that said function evaluates true, even if you don’t necessarily know the input or other details.  zk-SNARKs also have uses in Ethereum.

In the case of Zcash, the SNARKs within JoinSplit descriptions provide zero-knowledge proof that the spender had knowledge of the input notes private spending keys without divulging them, that the entire transaction is signed in a way that it cannot be modified without knowing the private spending keys from the input notes, and that the output notes are created in a way that collisions with other nullifiers will be impossible.  This proves to outside observers who aren’t permissioned to see details of a transaction that this block is valid and all the details are correct.  It proves that a commitment for another spend somewhere has now been satisfied; the observer just has no idea which one.

Finally, the other component of paying addresses (think Bitcoin public address) is the transmission key, whose corresponding private key is known as the viewing key.  These keys are used “for a key-private asymmetric encryption scheme,” which essentially creates ciphertexts so that only those with the private key, also known as the viewing key, can know that that ciphertext was encrypted with the transmission key.  This is how output notes are encrypted and kept private between users on a public blockchain.  Users use their viewing key to scan for notes on the blockchain that were encrypted with their corresponding transmission key, and then decrypt them to receive their coins (equivalent to the information they need to know to create a valid spend and move those received coins).

Through zero-knowledge proofs, Zcash manages to provide evidence of the ownership of coins without being able to directly connect two transactions.  When creating transactions, the spender proves through zk-SNARK’s that commitments have been validated without revealing which inputs granted the spender those coins.  For attackers to establish a correlation between two transactions, they are faced with the possibility of said transaction to be any of all transactions on the blockchain that they are not directly in control of, or have participated in.

For more technical insight and developer material, see the Zcash whitepaper.

ZCash Mining

zCash uses the Equihash algorithm, developed by Alex Biryukov and Dmitry Khovratovich, that is memory intensive and supports efficient verification. Memory intensive algorithms require storing a large amount of data simultaneously as potential solutions are attempted, but can be easily verified once generated. Since Equihash is memory intensive, mining power is a function of how much RAM the machine has. Such rapid verification times are highlighted in zCash’s case in order to support the development of light clients requiring minimal hardware. Early in zCash’s protocol development, Equihash was thought to be ASIC-resistant because of its memory-hardness, and hobbyist mining was prevalent. However, in 2018 Bitmain introduced the Antminer Z9 ASIC, which led to a significant rise in hash rate. In response, the zCash Foundation has prioritized research into ASIC-resistance, but has not taken a technical position. As of late 2019, there are multiple ASIC manufacturers including Bitmain, Innosilicon, and PandaMiner; the majority of network hash rate is controlled by a handful of pools.

Asset Details

Zcash uses the Equihash Proof of Work algorithm, which allows for very efficient memory-oriented mining optimized for CPU/RAM. The Zcash monetary base is the same as Bitcoin, but, of the maximum 21 million ZEC currency units mined over time, 90% will be distributed to miners and 10% will be distributed as a Founder’s Reward over the first four years to a combination of investors, founders, and the ZCash Company, which oversees primary development of the protocol. Early investors in ZCash include Pantera Capital, Digital Currency Group, Fenbushi Capital, and Naval Ravikant among others, who purchased 131,250 ZEC for $2 million. After four years, the reward per block halves, and all of the block rewards accrue to miners. Zcash’s Founder’s Reward design is an early attempt with the cryptoasset space to align stakeholders and motivate, in particular, the core developers to continue work on the protocol through the Zcash Company. The network was launched in October 2016 with a trusted setup process, where the Zcash founder Zooko Wilcox and early cryptocurrency adopters such as Coin Center’s Peter Van Valkenburgh and Bitcoin developer Peter Todd participated in a transparent process to generate the cryptographic keys necessary for launching the network.

zCashdark.png

project icon for zcash

Zcash

ZEC
$51.81
7.35%
Positive delta icon

Zcash is a cryptocurrency launched in late 2016 offering optional privacy features through zk-SNARK technology.

Overview

STATUS

MARKET CAP

BLOCKCHAIN

TOKEN TYPE

Live status icon
Live
$451MM
Native token icon

zCash

N/A

FUNDING SOURCE

AMOUNT RAISED

SECTOR

Equity Funding

$1MM

Cryptocurrency

Project Profile

Zcash relies on zk-SNARKs (zero-knowledge Succinct Non-interactive ARgument of Knowledge), a type of non-interactive zero-knowledge proof, to prove to viewers that a commitment for a transaction on the Zcash blockchain has been satisfied, without revealing the commitment’s details. This technology, combined with technical extensions to the original Bitcoin protocol, allows a Zcash user to obscure the sender, recipient, and value of a transaction. The only information visible is a proof that a valid transaction took place. A summary of zk-SNARKs’ uses can be found here. Notably, the privacy features are optional, in contrast to Monero’s default privacy features. Like many early altcoins, Zcash is a code fork of Bitcoin, but did not inherit prior Bitcoin balances at the time of fork. Zcash uses a 2.5 minute target block time, a max block size of 2mb, and a halving interval of four years.

Zcash is an implementation of zerocash, an extension to Bitcoin invented in 2014, and is designed to provide anonymous transactions by minting Bitcoin, or non-anonymous basecoins whose blockchain the Zerocash protocol is implemented besides, into anonymous Zerocash coins. Zerocash was an improvement over the prior zerocoin protocol meant to improve bitcoin by allowing “users to mix their own coin”, essentially by using cryptography to conceal which outputs are linked to which inputs. Zcash supports both ‘transparent’ transfers of value, which function similarly to Bitcoin transactions, and ‘shielded’ transfers of value, which utilize zk-Snarks to provide privacy features. Transparent addresses begin with ‘t’ and shielded addresses begin with ‘z’, though it is possible to send transactions between different address types.

Zcash privacy protections depend on the number of shielded transactions, as this determines the ‘anonymity set’ that obscures any individual transaction; throughout Zcash’s history, the overwhelming majority of transactions have not been shielded and have offered no protections beyond those on the Bitcoin network. Partially in response, the Sapling network upgrade improved shielded transactions’ efficiency by reducing the amount of data needed to be stored on-chain. Multi-signature transactions can be used with transparent transactions.

Protocol Details

Zcash transactions can contain regular inputs, outputs and scripts to perform transparent transfer of value like in Bitcoin.  This regular transaction would remain pseudonymous like in Bitcoin - the amount, sender and recipient of the transaction is visible.  However, Zcash transactions can also be made to be protected, meaning that the amount, sender and recipient are hidden. Protected transactions contain what are called in the Zcash documentation JoinSplit descriptions, which describe JoinSplit transfers (similar to “Mint” and “Pour” transactions in Zerocash) which take as input a value and up to two notes, and from this produce a second value and up to two output notes.

Notes (called coins in Zerocash) are objects which specifies two values: an amount and a paying key.  Paying keys are components of payment addresses which are used to receive notes, generated from a spending key component (think public addresses and private keys in Bitcoin).  There are also note commitments and nullifiers (known as serial numbers in Zerocash) cryptographically associated with each note.  The nullifier is computed from the note’s spending key and is connected to the note commitment, though it is essentially impossible to correlate the note commitment with its corresponding nullifier without knowledge of the spending key (the private component of the paying key).  In transactions, output nullifiers are concealed from anyone without the viewing key, discussed more below.

Input note nullifiers are “spent”, and therefore revealed to prevent double spending, essentially “nullifying” the values of the transaction.  This is because users are not allowed to use two same nullifier values twice on the chain without invalidating the block that tried to double spend. However, output notes are concealed until someone can prove ownership of the spending key and move those coins, in which they will create a new transaction, revealing the previously concealed nullifiers as inputs to prove the coins as spent.

Zcash transactions also include JoinSplit statements containing a zk-SNARK, which is the fundamental technology for Zcash’s anonymity.  Zero-knowledge proofs are methods by which a party may prove validity of an assertion without sharing any other details.  A similar concept is already employed in Bitcoin with asymmetric cryptography involving public/private key pairs.  For example, users sign transactions with their private keys to prove they own the Bitcoins of a corresponding public key.  Verifying this by processing the signature and public key with algorithms verifies this to be true, even though the private key is not known by anyone except the owner of those coins.  SNARKs are more complex forms of zero knowledge proofs which can be used for more advanced implementations in special functions.  A very simplified way to think of it is a system designed in such a way that when you observe the SNARK signature it will prove to you that said function evaluates true, even if you don’t necessarily know the input or other details.  zk-SNARKs also have uses in Ethereum.

In the case of Zcash, the SNARKs within JoinSplit descriptions provide zero-knowledge proof that the spender had knowledge of the input notes private spending keys without divulging them, that the entire transaction is signed in a way that it cannot be modified without knowing the private spending keys from the input notes, and that the output notes are created in a way that collisions with other nullifiers will be impossible.  This proves to outside observers who aren’t permissioned to see details of a transaction that this block is valid and all the details are correct.  It proves that a commitment for another spend somewhere has now been satisfied; the observer just has no idea which one.

Finally, the other component of paying addresses (think Bitcoin public address) is the transmission key, whose corresponding private key is known as the viewing key.  These keys are used “for a key-private asymmetric encryption scheme,” which essentially creates ciphertexts so that only those with the private key, also known as the viewing key, can know that that ciphertext was encrypted with the transmission key.  This is how output notes are encrypted and kept private between users on a public blockchain.  Users use their viewing key to scan for notes on the blockchain that were encrypted with their corresponding transmission key, and then decrypt them to receive their coins (equivalent to the information they need to know to create a valid spend and move those received coins).

Through zero-knowledge proofs, Zcash manages to provide evidence of the ownership of coins without being able to directly connect two transactions.  When creating transactions, the spender proves through zk-SNARK’s that commitments have been validated without revealing which inputs granted the spender those coins.  For attackers to establish a correlation between two transactions, they are faced with the possibility of said transaction to be any of all transactions on the blockchain that they are not directly in control of, or have participated in.

For more technical insight and developer material, see the Zcash whitepaper.

ZCash Mining

zCash uses the Equihash algorithm, developed by Alex Biryukov and Dmitry Khovratovich, that is memory intensive and supports efficient verification. Memory intensive algorithms require storing a large amount of data simultaneously as potential solutions are attempted, but can be easily verified once generated. Since Equihash is memory intensive, mining power is a function of how much RAM the machine has. Such rapid verification times are highlighted in zCash’s case in order to support the development of light clients requiring minimal hardware. Early in zCash’s protocol development, Equihash was thought to be ASIC-resistant because of its memory-hardness, and hobbyist mining was prevalent. However, in 2018 Bitmain introduced the Antminer Z9 ASIC, which led to a significant rise in hash rate. In response, the zCash Foundation has prioritized research into ASIC-resistance, but has not taken a technical position. As of late 2019, there are multiple ASIC manufacturers including Bitmain, Innosilicon, and PandaMiner; the majority of network hash rate is controlled by a handful of pools.

Asset Details

Zcash uses the Equihash Proof of Work algorithm, which allows for very efficient memory-oriented mining optimized for CPU/RAM. The Zcash monetary base is the same as Bitcoin, but, of the maximum 21 million ZEC currency units mined over time, 90% will be distributed to miners and 10% will be distributed as a Founder’s Reward over the first four years to a combination of investors, founders, and the ZCash Company, which oversees primary development of the protocol. Early investors in ZCash include Pantera Capital, Digital Currency Group, Fenbushi Capital, and Naval Ravikant among others, who purchased 131,250 ZEC for $2 million. After four years, the reward per block halves, and all of the block rewards accrue to miners. Zcash’s Founder’s Reward design is an early attempt with the cryptoasset space to align stakeholders and motivate, in particular, the core developers to continue work on the protocol through the Zcash Company. The network was launched in October 2016 with a trusted setup process, where the Zcash founder Zooko Wilcox and early cryptocurrency adopters such as Coin Center’s Peter Van Valkenburgh and Bitcoin developer Peter Todd participated in a transparent process to generate the cryptographic keys necessary for launching the network.

zCashdark.png

Recent News

zCash community governance poll shows widespread support for Founder's Reward continuance.

In November, the zCash community voted on a variety of proposals about the long-term funding structure for the network. The current Founder's Reward allocates 20% of the block reward to a combination of the Electric Coin Company, the zCash Foundation, and early investors. The majority of the recent proposals called for the continuance of the 20% reward, though with varying allocations to specific groups and generally not including early investors. Though this poll is not binding, it does signal a likely future direction, with final implementation scheduled for late 2020.

December 7, 2019

Sources:

Electric Coin Company

zCash community considers long-term governance structure and funding.

zCash has a Founder's Reward that allocates 10% of the total ZEC supply to a variety of early investors, team members, the zCash Foundation, and the zCash Company. This ongoing reward expires in late 2020, and it is uncertain under the current protocol rules how ongoing funding for developing and management will be maintained after this time. As a result, a variety of community members (including funds with positions in ZEC) have proposed alternative management structures that would implement a new form of ongoing funding, though potentially managed in a different corporate structure. The community has not decided on the proposals yet, which would likely be implemented as a fork in late 2020. Additionally, the Company recently agreed to share rights to the zCash trademark with the Foundation, aiming to further decentralize the network.

November 9, 2019

Sources:

moreCoinDesk

Coinbase reinstates UK banking relationships.

In August, Coinbase suspended GBP transfers following a breakup with Barclays. The exchange will now permit bank deposits and withdrawals through ClearBank. As part of the partnership, Coinbase was required to delist zCash trading access to UK citizens.

October 4, 2019

Sources:

CoinDesk
Load More
Show projects Article List
Sort icon: direction descending
Project Added as Signal
9d
Nexus Mutual is a blockchain-based, protocol-enabled mutual insurance fund operating on Ethereum and owned entirely by its members, who buy into the fund by purchasing NXM tokens.
Project Added as Signal
37d
Gods Unchained is a decentralized trading card game that uses the ERC-721 non-fungible token standard to establish on-chain ownership of cards to be used in off-chain gameplay.
Project Added as Signal
47d
Synthetix is a decentralized synthetic asset issuance protocol consisting of an Ethereum-based smart contract, an exchange, and a dApp to facilitate smart contract interaction.
project icon for zrx
ZRX
Profile Updated
52d
Update on 0x v3, including protocol fees, staking incentives, and liquidity pooling with Uniswap, Kyber, and Oasis.
No icon fallback
LUNA
Project Added as Signal
61d
Terra is an algorithmically-governed, seigniorage share style stablecoin blockchain platform to which a collection of fiat-pegged tokens and a stabilizing cryptoasset, Luna, are native.
Profile Updated
78d
Stellar Development Foundation burns 55 billion XLM from its reserves, over half of the total supply, and removes the ongoing inflation to current token holders. The SDF had previously earmarked these tokens for community airdrops and ongoing organization funding.
Project Added as Signal
93d
Nervos is a public, PoW-based smart contract platform that utilizes off-chain computation in service of transaction scalability and implements a unique token emissions mechanic that imposes a perpetual cost for on-chain data storage.
Profile Updated
104d
Supply Information added.
project icon for beam
BEAM
Profile Updated
107d
Supply Information added.
project icon for grin
GRIN
Profile Updated
107d
Supply Information added.
Profile Updated
109d
Supply Information added.
Profile Updated
109d
Supply Information added.
project icon for siacoin
SC
Profile Updated
109d
Mining Information added.
project icon for dash
DASH
Profile Updated
111d
Mining and Supply Information added.
Profile Updated
111d
Mining and Supply Information added.
Profile Updated
114d
Mining and Supply information added.
Profile Updated
114d
Mining and Supply Information added.
project icon for kin
KIN
Project Removed as Signal
122d
Kin removed as Signal.
project icon for simple
OST
Project Added as Signal
122d
OST added as Signal.
Profile Updated
136d
Signal profile updated.
Project Added as Signal
150d
Edgeware added as Signal.
Profile Updated
152d
Ethereum Classic profile added.
project icon for steem
STEEM
Profile Updated
164d
Signal profile updated.
Profile Updated
164d
Signal profile updated.
project icon for neo
NEO
Profile Updated
164d
Signal profile updated.
No icon fallback
KLAY
Project Added as Signal
164d
Klaytn added as Signal.
No icon fallback
ALTG
Project Added as Signal
170d
Althea added as Signal.
Profile Updated
177d
Signal profile updated.
No icon fallback
UMA
Project Added as Signal
184d
UMA added as Signal.
No icon fallback
LIBRA
Project Added as Signal
184d
Libra added as Signal.
Project Added as Signal
190d
Chainlink added as Signal.
Profile Updated
196d
Signal profile updated.
Profile Updated
202d
Signal profile updated.
project icon for chia
CHIA
Profile Updated
208d
Signal profile updated.
project icon for bitfinex-leo
LEOTOKEN
Project Added as Signal
214d
Bitfinex LEO added as Signal.
project icon for coda
CODA
Profile Updated
220d
Signal profile updated.
Project Added as Signal
226d
Paxos added as Signal.
project icon for celo
CELO
Project Added as Signal
232d
Celo added as Signal.

You've reached the end of the list

project icon for zcash

Zcash

ZEC
$51.81
7.35%
Positive delta icon

Zcash is a cryptocurrency launched in late 2016 offering optional privacy features through zk-SNARK technology.

Overview

STATUS

MARKET CAP

BLOCKCHAIN

TOKEN TYPE

Live status icon
Live
$451MM
Native token icon

zCash

N/A

FUNDING SOURCE

AMOUNT RAISED

SECTOR

Equity Funding

$1MM

Cryptocurrency

Project Profile

Zcash relies on zk-SNARKs (zero-knowledge Succinct Non-interactive ARgument of Knowledge), a type of non-interactive zero-knowledge proof, to prove to viewers that a commitment for a transaction on the Zcash blockchain has been satisfied, without revealing the commitment’s details. This technology, combined with technical extensions to the original Bitcoin protocol, allows a Zcash user to obscure the sender, recipient, and value of a transaction. The only information visible is a proof that a valid transaction took place. A summary of zk-SNARKs’ uses can be found here. Notably, the privacy features are optional, in contrast to Monero’s default privacy features. Like many early altcoins, Zcash is a code fork of Bitcoin, but did not inherit prior Bitcoin balances at the time of fork. Zcash uses a 2.5 minute target block time, a max block size of 2mb, and a halving interval of four years.

Zcash is an implementation of zerocash, an extension to Bitcoin invented in 2014, and is designed to provide anonymous transactions by minting Bitcoin, or non-anonymous basecoins whose blockchain the Zerocash protocol is implemented besides, into anonymous Zerocash coins. Zerocash was an improvement over the prior zerocoin protocol meant to improve bitcoin by allowing “users to mix their own coin”, essentially by using cryptography to conceal which outputs are linked to which inputs. Zcash supports both ‘transparent’ transfers of value, which function similarly to Bitcoin transactions, and ‘shielded’ transfers of value, which utilize zk-Snarks to provide privacy features. Transparent addresses begin with ‘t’ and shielded addresses begin with ‘z’, though it is possible to send transactions between different address types.

Zcash privacy protections depend on the number of shielded transactions, as this determines the ‘anonymity set’ that obscures any individual transaction; throughout Zcash’s history, the overwhelming majority of transactions have not been shielded and have offered no protections beyond those on the Bitcoin network. Partially in response, the Sapling network upgrade improved shielded transactions’ efficiency by reducing the amount of data needed to be stored on-chain. Multi-signature transactions can be used with transparent transactions.

Protocol Details

Zcash transactions can contain regular inputs, outputs and scripts to perform transparent transfer of value like in Bitcoin.  This regular transaction would remain pseudonymous like in Bitcoin - the amount, sender and recipient of the transaction is visible.  However, Zcash transactions can also be made to be protected, meaning that the amount, sender and recipient are hidden. Protected transactions contain what are called in the Zcash documentation JoinSplit descriptions, which describe JoinSplit transfers (similar to “Mint” and “Pour” transactions in Zerocash) which take as input a value and up to two notes, and from this produce a second value and up to two output notes.

Notes (called coins in Zerocash) are objects which specifies two values: an amount and a paying key.  Paying keys are components of payment addresses which are used to receive notes, generated from a spending key component (think public addresses and private keys in Bitcoin).  There are also note commitments and nullifiers (known as serial numbers in Zerocash) cryptographically associated with each note.  The nullifier is computed from the note’s spending key and is connected to the note commitment, though it is essentially impossible to correlate the note commitment with its corresponding nullifier without knowledge of the spending key (the private component of the paying key).  In transactions, output nullifiers are concealed from anyone without the viewing key, discussed more below.

Input note nullifiers are “spent”, and therefore revealed to prevent double spending, essentially “nullifying” the values of the transaction.  This is because users are not allowed to use two same nullifier values twice on the chain without invalidating the block that tried to double spend. However, output notes are concealed until someone can prove ownership of the spending key and move those coins, in which they will create a new transaction, revealing the previously concealed nullifiers as inputs to prove the coins as spent.

Zcash transactions also include JoinSplit statements containing a zk-SNARK, which is the fundamental technology for Zcash’s anonymity.  Zero-knowledge proofs are methods by which a party may prove validity of an assertion without sharing any other details.  A similar concept is already employed in Bitcoin with asymmetric cryptography involving public/private key pairs.  For example, users sign transactions with their private keys to prove they own the Bitcoins of a corresponding public key.  Verifying this by processing the signature and public key with algorithms verifies this to be true, even though the private key is not known by anyone except the owner of those coins.  SNARKs are more complex forms of zero knowledge proofs which can be used for more advanced implementations in special functions.  A very simplified way to think of it is a system designed in such a way that when you observe the SNARK signature it will prove to you that said function evaluates true, even if you don’t necessarily know the input or other details.  zk-SNARKs also have uses in Ethereum.

In the case of Zcash, the SNARKs within JoinSplit descriptions provide zero-knowledge proof that the spender had knowledge of the input notes private spending keys without divulging them, that the entire transaction is signed in a way that it cannot be modified without knowing the private spending keys from the input notes, and that the output notes are created in a way that collisions with other nullifiers will be impossible.  This proves to outside observers who aren’t permissioned to see details of a transaction that this block is valid and all the details are correct.  It proves that a commitment for another spend somewhere has now been satisfied; the observer just has no idea which one.

Finally, the other component of paying addresses (think Bitcoin public address) is the transmission key, whose corresponding private key is known as the viewing key.  These keys are used “for a key-private asymmetric encryption scheme,” which essentially creates ciphertexts so that only those with the private key, also known as the viewing key, can know that that ciphertext was encrypted with the transmission key.  This is how output notes are encrypted and kept private between users on a public blockchain.  Users use their viewing key to scan for notes on the blockchain that were encrypted with their corresponding transmission key, and then decrypt them to receive their coins (equivalent to the information they need to know to create a valid spend and move those received coins).

Through zero-knowledge proofs, Zcash manages to provide evidence of the ownership of coins without being able to directly connect two transactions.  When creating transactions, the spender proves through zk-SNARK’s that commitments have been validated without revealing which inputs granted the spender those coins.  For attackers to establish a correlation between two transactions, they are faced with the possibility of said transaction to be any of all transactions on the blockchain that they are not directly in control of, or have participated in.

For more technical insight and developer material, see the Zcash whitepaper.

ZCash Mining

zCash uses the Equihash algorithm, developed by Alex Biryukov and Dmitry Khovratovich, that is memory intensive and supports efficient verification. Memory intensive algorithms require storing a large amount of data simultaneously as potential solutions are attempted, but can be easily verified once generated. Since Equihash is memory intensive, mining power is a function of how much RAM the machine has. Such rapid verification times are highlighted in zCash’s case in order to support the development of light clients requiring minimal hardware. Early in zCash’s protocol development, Equihash was thought to be ASIC-resistant because of its memory-hardness, and hobbyist mining was prevalent. However, in 2018 Bitmain introduced the Antminer Z9 ASIC, which led to a significant rise in hash rate. In response, the zCash Foundation has prioritized research into ASIC-resistance, but has not taken a technical position. As of late 2019, there are multiple ASIC manufacturers including Bitmain, Innosilicon, and PandaMiner; the majority of network hash rate is controlled by a handful of pools.

Asset Details

Zcash uses the Equihash Proof of Work algorithm, which allows for very efficient memory-oriented mining optimized for CPU/RAM. The Zcash monetary base is the same as Bitcoin, but, of the maximum 21 million ZEC currency units mined over time, 90% will be distributed to miners and 10% will be distributed as a Founder’s Reward over the first four years to a combination of investors, founders, and the ZCash Company, which oversees primary development of the protocol. Early investors in ZCash include Pantera Capital, Digital Currency Group, Fenbushi Capital, and Naval Ravikant among others, who purchased 131,250 ZEC for $2 million. After four years, the reward per block halves, and all of the block rewards accrue to miners. Zcash’s Founder’s Reward design is an early attempt with the cryptoasset space to align stakeholders and motivate, in particular, the core developers to continue work on the protocol through the Zcash Company. The network was launched in October 2016 with a trusted setup process, where the Zcash founder Zooko Wilcox and early cryptocurrency adopters such as Coin Center’s Peter Van Valkenburgh and Bitcoin developer Peter Todd participated in a transparent process to generate the cryptographic keys necessary for launching the network.

zCashdark.png

Recent News

zCash community governance poll shows widespread support for Founder's Reward continuance.

In November, the zCash community voted on a variety of proposals about the long-term funding structure for the network. The current Founder's Reward allocates 20% of the block reward to a combination of the Electric Coin Company, the zCash Foundation, and early investors. The majority of the recent proposals called for the continuance of the 20% reward, though with varying allocations to specific groups and generally not including early investors. Though this poll is not binding, it does signal a likely future direction, with final implementation scheduled for late 2020.

December 7, 2019

Sources:

Electric Coin Company

zCash community considers long-term governance structure and funding.

zCash has a Founder's Reward that allocates 10% of the total ZEC supply to a variety of early investors, team members, the zCash Foundation, and the zCash Company. This ongoing reward expires in late 2020, and it is uncertain under the current protocol rules how ongoing funding for developing and management will be maintained after this time. As a result, a variety of community members (including funds with positions in ZEC) have proposed alternative management structures that would implement a new form of ongoing funding, though potentially managed in a different corporate structure. The community has not decided on the proposals yet, which would likely be implemented as a fork in late 2020. Additionally, the Company recently agreed to share rights to the zCash trademark with the Foundation, aiming to further decentralize the network.

November 9, 2019

Sources:

moreCoinDesk

Coinbase reinstates UK banking relationships.

In August, Coinbase suspended GBP transfers following a breakup with Barclays. The exchange will now permit bank deposits and withdrawals through ClearBank. As part of the partnership, Coinbase was required to delist zCash trading access to UK citizens.

October 4, 2019

Sources:

CoinDesk
Load More