Zcoin is an implementation of the Sigma protocol that aims to enable private digital transactions. For most of its history, Zcoin used the Zerocoin protocol which was initially proposed in 2013 as an extension of Bitcoin to enable users to exchange coins that have no transaction history. In April 2019, researchers found a major cryptography vulnerability in Zerocoin that led to the hidden inflation of the Zcoin supply. In July that same year, Zcoin switched to using the Sigma protocol, a zero-knowledge proof system that uses a combination of ring signatures and Pedersen Commitments. Sigma differs from Zerocoin in several key respects, namely: the lack of a trusted setup, much smaller transaction sizes as well as faster prover and verification times.
Zcoin launched in September 2016. Zcash did not have an ICO or public sale of tokens; rather, initial seed investors are compensated through a Founder’s Reward, similar to that in Zcash. The seed investor team includes Tim Lee, Roger Ver, and at least one anonymous investor. The project was founded by Poramin Insom and Gary Le, who left in 2016 after selling all of his coins. Poramin, who took over leadership and development, had previously founded Vertcoin and had studied under Matthew Green at Johns Hopkins University, a leading cryptographer and one of the creators of Zerocash.
In the Zcoin network, users who want to send Zcoins effectively burn Zcoins to mint new tokens directly to the intended recipient. The newly minted tokens are redeemable for new Zcoins, which have no transaction history because they were just created. The recipient can then ‘spend’ Zcoin by performing the same operations. The amount of Zcoins being burned and the identity of the burner is obscured in a zero-knowledge proof posted to the network. This process secures anonymity if enough people are burning Zcoin at the same time so that when new Zcoins are minted, it is not clear which of the burned Zcoins ‘approved’ that particular mint. In addition to its use of the Sigma protocol, Zcoin also leverages the Tor and Dandelion++ protocols, that provide users network-level privacy, in so far as they can hide a user or node's IP address and other metadata. Zcoin uses a Proof of Work (PoW) consensus model and launched with the Lyra2z hash algorithm, but now uses the Merkle Tree Proof (MTP) hash algorithm that aims to be ASIC resistant.
Zcoins are intended as a general-purpose privacy-focused cryptocurrency. Like Monero, transactions in Zcoin are by default private, due to how Zcoin are actually sent from wallet to wallet. Zcoin also has a contribution function: to be compensated as a full node, at 30% of the block reward, one needs to stake 1000 XZC. This is relatively unique among prevailing cryptocurrencies. For example, Bitcoin and Zcash have no compensation mechanism for full nodes. DASH has a staking requirement for Masternodes, but they are also involved in generating rapid and private transactions. Znodes form a queue based on time since the last payment. The 1000 XZC stake cannot be slashed or otherwise taken as a punishment, but Znodes can be penalized for excessive downtime by waiting longer to be paid. The Zcoin supply schedule was intended to mirror Bitcoin’s and Zcash’s as 21 million emitted over 100 years with block rewards halving every 4 years, but an early bug led to the creation of approximately 400,00 extra coins. The Founder’s Reward is now split 2% to Poramin Insom (founder still with the project), 6% to seed investors, and 6% to the Zcoin team.