I have been reading more and more misleading information about Zcash on various forums like Reddit, GitHub, Bitcointalk, etc. Some of it may be just misinformed but it seems that a large proportion of it is intentionally inaccurate in an attempt to discredit Zcash.
So with that in mind I have made this list of Zcash Fact vs Fiction points to address these misconceptions. The “Fictions” are the incorrect assumptions about Zcash or (more often) half-truths that are loosely based on fact but are still incorrect. All opinions are my own and do not necessarily reflect those of Zcash Company.
Fiction: The Trusted Setup can be used to compromise Zcash users’ privacy
Fact: If the Trusted Setup were somehow compromised, the attacker would theoretically be able to forge coins, but the privacy of all Zcash users’ transactions would still remain intact. There is no evidence whatsoever that the first Trusted Setup was compromised. And since we are on the subject: I know the Trusted Setup has been a big source of distrust among Zcash detractors despite an elaborate ceremony which had reporters, videos, and many first-hand accounts. So I have good news for those who don’t “trust” the “trusted” setup: the next major upgrade to Zcash will involve a new Multi-Party Computation (AKA Trusted Setup) with a randomness accumulator that will allow it to scale as large as hundreds or even thousands of individuals.
Fiction: Zcash is not private by default
Fact: As soon as a miner finds a Zcash block, the first thing that must be done before the block reward can be spent is that the ZEC must be sent to a Private Z-address. It is coded that way and cannot be bypassed; that is the very definition of “default”. If a miner then chooses to later de-anonymize their funds, then that is their choice to make. What opponents of Zcash really mean when they say “Zcash is not private by default” is that Zcash does not force users to use Private addresses, which is somehow “not as good” as other coins that don’t give users choice. The problem I have with this logic is that it implies that you the user can’t figure out for yourself if you want to make a public or private transaction. Zcash’s private transactions using zkSNARKs shield the Sender + Recipient + Amount sent as well as provide the largest anonymity set of any coin ever made. A quick look on the Z.cash website clearly explains the differences between public and private transactions, and Zcash users are free to decide for themselves how they choose to use Zcash. Which brings us to our next fiction:
Fiction: Less than 10% of Zcash transactions are private so that compromises Zcash’s total anonymity
Fact: Firstly, at the time of writing this, 23% of all network transactions are shielded. Secondly, the fundamental flaw of other coins’ implementations of privacy such as CoinJoins/Mixers/RingCT/Tumblers/etc. is the disconcertingly small anonymity set that they provide. These other coins and services have attempted to obscure your transactions by mixing your coins with other participants, but those methods are still vulnerable to a number of privacy attacks. With Zcash the anonymity set is every shielded (private) transaction ever made. Thereby Zcash private transactions still have a much larger anonymity set than any other coin despite private transactions being relatively less popular than transparent transactions. This makes Zcash shielded transactions much more resistant to privacy attacks than any other crypto-currency.
Fiction: Zcash is Taxed 20% for a few greedy developers to get rich quick
Fact: Instead of doing a hidden pre-mine or some sketchy ICO that seems popular these days, the Zcash founders decided to allocate 10% of the 21 million Zcash that will ever be issued to go to a set of addresses dubbed the “Founders Reward”. The funds will be allocated from the mining rewards: 20% for the first 4 years of mining and then nothing after that. The term Founders Reward is a bad choice and misleading as to what it actually does; you can see the complete breakdown of where all the funds will be spent in this post. You can see in that post that it’s not funneling massive amounts of coins into Zooko’s pockets so he can sleep on piles of money as Zcash detractors would have you believe. The funds go to pay back the investors that helped get Zcash off the ground (no ICO, remember), to pay the developers/engineers/staff salaries so they can have full-time jobs improving Zcash, and to start the non-profit Zcash Foundation. In my opinion this is a far better way to fund a project because it provides a continual incentive for the team to make Zcash better, because if Zcash does poorly their pay is directly affected.
Fiction: Zcash can be “de-anonymized” or “backdoored” at any moment
Fact: This is a straw man argument and is complete bullshit. Despite what the pundits say, regardless of Zooko’s tweets (that are often taken out of context), regardless of what country Zcash Company is based in, it is statistically impossible to retroactively de-anonymize Zcash’s zero-knowledge transactions. zkSNARKs are true Zero-Knowledge cryptography, so even if the team wanted to they couldn’t go back and link users to their transactions. If the core development team did somehow try and insert a backdoor into Zcash, the code is open source and the team would immediately be called out on it by the public and other developers who maintain the many forks of Zcash like Zen, Hush and Komodo. Furthermore, Zcash is just like Bitcoin in this regard: the node operators and miners ultimately decide what software to run. Just like the Bitcoin scaling debate, if miners and node operators don’t like the newest code put out by the development team they can refuse to run it.
Fiction: Since Zcash Company is based in the USA the Zcash network can be shut down by request
Fact: Zcash is just like Bitcoin, with a widely distributed network of nodes around the world, and technically cannot be hacked or shut down by a single person, government, or organization, including Zcash Company. Zooko has made it a priority to open source the code and decentralize management via the Zcash Foundation so that even if the Zcash Company were to be dismantled one day or somehow cease to exist, the network would still function without it.
Fiction: Zcash is “Linux only” so most people can’t use it
Fact: If you look at the usage statistics on explorer.zcha.in you can see that 40% of the nodes are running “Bean Stalk” software, which is the Windows full node and wallet developed by David Mercer. The Windows and Mac versions also have a GUI to make it easier for new users who want to run a full node. You can find a list of the many types of Zcash online, hardware and local wallets that run on Windows, Mac, iOS, and Android here. Of those listed wallets only three of them (Linux, Windows, Mac) can use Zcash private addresses. The Zcash team is small compared to many companies. Since they have limited resources to allocate to engineering tasks, they support the community to port Zcash to different platforms like Mac and Windows. This approach has let the team concentrate on the primary goal of Zcash, which is to make the core cryptography and protocol as efficient and as strong as possible to ensure Zcash users’ privacy.
Fiction: Zcash takes “several minutes” and 8GB of RAM to process a private transaction
Fact: The time and computing power that it takes to process a T-address (non-private) transaction in Zcash is identical to Bitcoin. When you want to perform a Z-address (private) transaction it takes 3.1GB of RAM and an average of 40 seconds to perform the encryption (JoinSplit) operation and send the transaction to the network for confirmation. This is based on numbers from the current release tests at speed.z.cash. The developers know that in order to enable the use of Z-addresses on low power devices they need to make the processing more efficient. They are working on two approaches. The first is LMP (Low Memory Proving), reducing the RAM required for Z-addresses from 3.1GB to just 40MB and the time from 40 seconds to 7 seconds, allowing the average smartphone to be able to run them (LMP will be ready with the Sapling Upgrade in 2018!!). The second approach is DPT (Delegated Proving), allowing a separate server to validate private transactions, allowing for very, very lite wallets to process private transactions (like browser plugins, apps, Raspberry Pi, etc.).
Fiction: Zcash has a “slow network” since private transactions are “hard” to process
Fact: If we are going to compare network speeds we have to have a baseline, so let’s compare it to Bitcoin. The target block interval for Bitcoin is every 10 mins, whereas with Zcash the block interval is 2.5 mins. And Zcash has 2MB blocks (compared to 1MB for Bitcoin), so that means that Zcash currently has roughly 8x the transaction capacity of Bitcoin (4x as many blocks with double the capacity per block). Next, we know that Zcash has two types of transactions, Transparent and Private. For an average transaction size of 2000 bytes in a Private Transaction (JoinSplits are at least 1.5 kB IIRC, larger for more than two inputs or outputs), that’s 6.67 tx/s for the targeted block interval of 150s. Keep in mind the team is working on reducing the JoinSplit size, so that will only increase the max number of Shielded tx/s. Therefore, since blocks currently contain a mix of Shielded and Transparent transactions, the network limit is (currently) somewhere between 6.67 and 26.67 transactions per second, which is much faster than Bitcoin. In fact, if every single Bitcoin user were to switch to Zcash today, Zcash would still be faster and have capacity to spare.
Fiction: Zcash is not widely accepted on Darknet markets and somehow that’s a bad thing
Opinion: This last one always leaves me saying WTF? Why would you want to promote the use of your favorite crypto-currency on dark marketplaces? The only reasons I can think of are self-centeredness, greed, and short-sightedness (or a combination of all those). You really have to have your head in the sand if you think that darknet markets “don’t harm real people” because they “just let people buy drugs”. From the poor and impoverished who are forced to grow, produce, or run as mules for cartels to the funding of egregious human rights violations like human trafficking, use on darknet markets is not something to be proud of. Zcash doesn’t need darknet markets to be successful and I hope that Zcash doesn’t ever get widely used on them.
Illegal use is often an unfortunate by-product of any advance in technology. From Apple encrypted cell phones to end-to-end encrypted chat like WhatsApp or Facebook’s Messenger, one could argue that those all help the bad guys do their job easier, but to stop the discussion there is missing the point.
Privacy is a fundamental human right and is important to preserve despite potential drawbacks because without privacy you can’t truly have individual freedoms. The same goes for digital currencies: the fundamental flaw in Bitcoin and other public ledger technology is that they allow anyone to follow your transactions. If you are a true crypto-currency proponent (regardless of which coin you support) you have to think about the big picture: widespread adoption as a currency. What happens when we cross that threshold of major businesses, governments and countries accepting crypto-currencies? Do you want anyone seeing what stores you shop in, how much you pay in taxes, how much you get paid, what charity, organization, or political party you support, what doctor you have paid a deductible to for healthcare or private consultations?
I can’t tell you what the future holds or if we will ever get to that point of mass adoption, but I can tell you I support Zcash because I can see that Zooko and the core team believe these same fundamental truths of the need and right of individual privacy. I believe Zcash’s cutting edge cryptography holds the ability to make true financial privacy a reality for everyone.
I hope this list will help dispel some of the misinformation/disinformation that has been making the rounds lately. Thanks for listening.