The Altcoin Report #3: Zcash

Category / Featured posts / Press releases / Altcoin / Altcoin Report Series Published on

Next up in our Altcoin Report series: Zcash. But first, we’re happy to announce that Zcash mining contracts are available for pre-order, in preparation for it’s launch on 28th October, 2016.


What is Zcash? Why was it created?



When Bitcoin was first released, it brought an open financial system to the world. Anyone could connect without requiring permission from anyone else; anyone could extend and improve on it without permission.


However, it came with a drawback – privacy. Bitcoin allowed everyone to see the sending address, recipient address, and value of all transactions on the blockchain. Sure, they weren’t tied to a user (or computer) by default, but contamination was a possibility. People are, after all, only human. In contrast, Zcash automatically hides the sending address, recipient address and the value of all transactions – unless you have the viewing key.


The Zcash team was founded with privacy in mind: privacy for businesses; privacy for commerce. To be viable long-term, fungibility is needed – and without privacy, fungibility can’t exist. Bitcoin brought fungibility to the digital world, but Zcash is making it accessible. No longer do coins need to be tumbled; no longer do new addresses need to be generated for each transaction to ensure complete anonymity. It’s built in from the get-go.



The Technical Details, Simplified



Zcash uses a zero-knowledge proof called zk-SNARK. It stands for “zero-knowledge Succinct Non-interactive ARgument of Knowledge”. As quoted from the official whitepaper:


“A zero-knowledge SNARK (or “succinct NIZK of knowledge”) is a SNARK satisfying a zero-knowledge property. Namely, zero knowledge ensures that the honest prover can generate valid proofs for true theorems without leaking any information about the theorem beyond the fact that the theorem is true (in particular, without leaking any information about the assignment that he used to generate the proof).”

~ Snarks for C: Verifying Program Executions Succinctly and in Zero Knowledge


Why are zk-SNARK’s important? Well, suppose you wish to open a bank account in the EU, where the anti-money laundering directive is in effect. You would need to provide a scan of your passport, and maybe a personal photo. The bank would then take this information, review it, and decide whether or not you are who you say you are.


A third party needs to be trusted with that information – after all, how else would they verify you are the person on that passport? Without seeing the passport, how would they verify where you live?


But – what if there was a way to that without a third party?


That’s where a SNARK comes in. It allows us to construct a mathematical proof that a program, when executed on some input known by the user, has a particular (publically known) output – without revealing any information. There are specialized types of zero-knowledge proofs that can be implemented – for instance, a GPG key. Given the ‘public’ portion of the key, and a signature, you can prove whoever signed it has the private portion of said key.


But a zk-SNARK let’s you make such a proof for anything. Because of the magic (and mathematics) of zk-SNARKs, the blockchain is able to maintain a secure ledger of balances without disclosing the parties, or amounts involved.



The Downsides, Difficulties, and Solutions



In his blog post here, Zcash founder Zooko Wilcox talks about the difficulties of producing a system that can’t be counterfeited. Because of the mathematics of zk-SNARKs, the blockchain is able to maintain a secure ledger of balances without disclosing the parties, or amounts involved.


A SNARK requires something called a ‘public parameter’. Public parameters are numbers with a very specific cryptographic structure that is known to all parties involved in a system.


The simplest way to generate a SNARK is to have someone generate a public/private keypair, then destroy the private key. Without the private key, you can’t cheat the system. But how do you verify the private key has been destroyed? It’s known as the “cryptographic toxic waste”, and it’s an unfortunate side effect of that public parameter generation.


The Zcash team developed a secure multiparty computation for generating a public parameter. In their own words:


We’ve devised a secure multiparty computation in which multiple people each generate a “shard” of the public/private keypair, then they each destroy their shard of the toxic waste private key, and then they all bring together their shards of the public key to to form the SNARK public parameters. If that process works — i.e. if at least one of the participants successfully destroys their private key shard — then the toxic waste byproduct never comes into existence at all.”

~ How to Generate SNARK Parameters Securely


Inherently, Zcash relies on trust – but, the system ensures that the “private key will be destroyed unless all of the participants are dishonest, or compromised.” The participants of the system, however, are comprised of some of the best scientists, engineers and advisors in the cryptographic world – unless they all conspired (and ruined their personal reputations in the process), the system remains secure.


If you want further information about this: One of the engineers of Zcash, Daira, posted a simple summary of how Zcash works here.


Mining Zcash



Zcash uses a proof-of-work algorithm known as Equihash. It’s designed to bridge the gap between large farms, and the average miner by using a problem that is not only difficult for computers to solve (the generalized birthday problem), but relies on hardware that average computers have – RAM. Your hashing power is limited based on the capacity and speed of your RAM, as opposed to the raw computational power that GPUs and ASICs provide.


It’s also one of the most famous computer science and cryptography concepts. It’s been widely studied by experts in their fields – any significant breakthroughs would have been documented. Because of this, Equihash is also difficult to optimize, which means it’s unlikely for a select few miners with access (or funds) to ‘private’ optimizations to have an advantage.


Zcash will start with a slow mining period on launch which is 34 days. The reward will rise linearly from 0 to 12.5 within 34 days and will receive the maximum reward at 1st of December 2016.


The Reward Schedule



Zcash’s monetary base is identical to Bitcoin – 21 million Zcash currency units (referred to as ZEC) will be mined over time. At first, the reward per block (every ten minutes) will be 50 ZEC – 80% of these coins will go to miners, and 20% to the ‘Founders’.


Every four years, the rate of ZEC being ‘mined’ will be halved – so, the ZEC created per block will be 25, however, after those first four years, 100% of the coins will go to miners.


Zcash Block Reward


Since 50% of all Zcash is mined in those first four years, 10% of the total coin supply will be paid out to initial investors and developers. The two biggest beneficiaries of this are the Zcash Foundation – a nonprofit focusing on maintenance and evolution of protocols and software – and the Zcash Company.


You can read a little more about the rewards schedule here, and the investors here.


Current Ecosystem



Zcash will launch on the 28th of October, 2016.


The Zcash project has plans to crowdfund the development of an open-source GPU miner to even the playing field and ensure everyone has a chance to participate, regardless of their hardware. The reward is $30,000: $10,000 for a the winning CPU miner, $10,000 for the winning GPU miner, and $10,000 of prizes distributed to the Runners Up.


Additional Ressources



Official Zcash Website
Official Zcash Forums


Stay tuned for our next report!
If you’d like to start mining Zcash you can do so here!


Disclaimer: Our Altcoin Reports are provided to give an overview of available Altcoins in our mining catalogue and the cryptocurrency market. We are not affiliated with any of the development teams and we don’t guarantee the accuracy of the displayed information. Furthermore this is no investment advice.

Click to share this post
  • Share to Facebook
  • Share to Twitter
  • Share to LinkedIn