When Zcash, the privacy-preserving protocol, forked off of Bitcoin in 2016, it was one of the first large-scale commercial uses of zero-knowledge proofs. Since then, the team developing Zcash have continued to innovate – pushing the boundaries of computer science and cryptography.
This year has been no different. In an interview with CoinDesk, Zooko Wilcox, CEO of the company leading Zcash development, the Electric Coin Company (ECC), discussed the protocol’s much-anticipated NU5 upgrade that went live in May.
The upgrade did many things – it came with a shiny new wallet and software development kit – but above all radically improved privacy across the network while reducing the amount of trust anyone needs to have in Wilcox, ECC or Zcash itself to transact anonymously.
And it couldn’t have come at a better time. In August, the U.S. Treasury Department levied unprecedented sanctions against the crypto-mixing service Tornado Cash, effectively barring U.S. users from concealing their blockchain history on Ethereum.
“This was the year the crypto industry woke up to the fact that fully transparent protocols are vulnerable. They’re capturable. They’re attackable. And this is what we’ve always believed; like, this is why we started Zcash,” Wilcox told CoinDesk.
Zcash’s 2022 overhaul saw the introduction of a new type of zero-knowledge proof system called Halo (zero-knowledge refers to a system where someone can prove they know information without revealing that information). Developed by ECC engineer Sean Bowe, Halo is said to be the first “trustless and recursive” ZKP. These are “technical terms,” Wilcox said, while removing his retainer – but it’s a big deal.
Today, almost all encrypted apps and protocols are built on top of something called a “trusted setup,” a special type of procedure where private keys are generated, including Zcash. Obviously, “trust” runs antithetical to what crypto is trying to achieve – if someone gets hold of a protocol’s key, they can compromise the entire system.
This was always the critical vulnerability at the heart of Zcash, even though the protocol’s key ceremony is legendary in cryptography circles for the lengths its six participants, spread across the globe, took to maximize security.
(As it turns out, human rights activist Edward Snowden was one of the few people involved in Zcash’s weekend-long creation, privacy advocate Naomi Brockwell reported first in CoinDesk.)
“Our previous generation of zero-knowledge proofs is pretty much the gold standard throughout the industry. A lot of the science and source code we developed has been copied and reused by almost everyone,” Wilcox said. However, no matter how trustworthy Zooko or Snowden were perceived to be, they were still partial key holders and therefore centralized points of failure that had to be eliminated.
It’s likely that Halo’s new “trustless setup” will also be widely adopted and set a new bar for encryption. The practice also solves the issue that in the distant future, some people might lose faith that some key ceremony was not compromised. Now, anyone can just crunch the math to know the system is computationally secure, without having to take Wilcox’s word for it.
“We see Zcash as a fundamental, permanent part of humanity’s legacy and toolkit,” Wilcox said.
In addition to removing a gigantic attack surface on Zcash, Halo’s implementation also makes the system highly scalable by the introduction of a new kind of z-SNARK (zero-knowledge succinct non-interactive argument of knowledge) called a PLONK. (ECC’s blog said the innovation here is by “allowing any amount of computational effort and data to produce a short proof that can be checked quickly.)
In the months since the upgrade was deployed, a number of projects have started using PLONK-based privacy apps – from ZK EVMs (ethereum virtual machines) to Filecoin’s decentralized storage system and even a machine learning AI program.
Considering the “Cambrian explosion” of ZK implementations in the past half decade, and the fact the ZK proofs were mostly an arcane, academic topic since the 80s until recently, Zooko said he thinks the crypto industry’s continued experimentation “goes sort of unacknowledged.”
“The cryptocurrency phenomenon has unlocked an economic sustainability for all kinds of technological development,” he said, referring to token-based crowdfunding. “It’s really underappreciated how the economic effect of decentralized and diverse and permissionless innovation being able to get funded without having to depend on the legacy gatekeepers and controllers.”
As it turns out, the U.S. Securities and Exchange Commission took aim at Zcash this year for its controversial funding model and “premine” – alleging the project may be a security. This caused many of the few exchanges that had listed ZEC to drop it and other privacy coins, like Huobi. In fact, concerns over centralized control by Zooko and ECC over Zcash have long-plagued the project.
Zooko seems zen on that point. In our interview, he admitted to settling into the idea that he’s the face of the blockchain that resembles his name. “Having a recognizable spokesperson is pretty necessary,” he said. “But I think people are really oversimplifying and wrong if they think that Zcash depends on that.”