Zcash: life on the crypto roller coaster

Suppressed in Japan. Championed in New York. Accused of betraying the billion-dollar community he created with an arcane and byzantine ritual, while accidentally solving — maybe — a transnational clandestine mining mystery. All this while leading the rollout of some of the world’s most cutting-edge cryptographic technology into production.

It’s been an interesting six months for Zooko Wilcox, cryptographer, engineer, and CEO / driving force behind Zcash, one of the world’s most valuable, technically interesting, and politically fraught cryptocurrencies. Thoughtful, soft-spoken, quick to laugh, and eager to see all sides of every issue, he doesn’t seem like a man to inspire bans and rancor. But that’s the crypto world for you, these days.

When it comes to Zcash, “crypto” means both “cryptocurrency” and “cryptography,” for once. It is essentially a fork of Bitcoin which uses a mindbending branch of mathematics known as “zero-knowledge proofs” (which I’ve been writing about for years…) implemented in a form known as “zk-SNARKs,” to allow users to preserve their privacy by concealing both the participants and the amount of any given transaction, even though it is recorded on and guaranteed by Zcash’s public blockchain.

This privacy makes it a knee-jerk target of thoughtless governments and regulators, in the same way that cryptographic protection of your phone’s messages and data has become a knee-jerk target of law enforcement agencies who protest that they are “going dark.” Recently, in the wake of a $500 million hack of Japanese exchange Coincheck, which has been linked with North Korea, Japan’s financial regulator cracked down on privacy-preserving cryptocurrencies … even though they were not what had been stolen.

Zcash is not the only privacy-preserving cryptocurrency, of course; others include Monero and Dash. But it is the most cutting-edge. To an extent this has hampered it, as the first version of its zk-SNARK transactions were quite costly to process. Zcash has recently rolled out a new alpha version with remarkable improvements, though — you don’t often see a 98% improvement in anything in engineering — and we can expect a steady rise in zk-SNARK transactions once this hits its mainnet.

This vanguard position has not gone unnoticed. Ethereum made zk-SNARK primitives available to developers as part of its Byzantium release last year, though they have not yet been widely used. JPMorgan Chase has partnered with Zcash to implement privacy technology in its own corporate blockchain research. Perhaps as a result of this, and/or a deeper understanding that privacy is in fact important to the financial industry, New York State’s Department of Financial Services recently named Zcash as one of the six approved cryptocurrencies on the heavily regulated Gemini exchange. Yes, even as it was being suppressed in Japan. We live in interesting times.

Meanwhile, Zooko is being accused by his own community of turning turncoat. The reason? ASICs.

To oversimplify: (almost) every cryptocurrency is secured by “miners” who prove they have solved computationally intensive problems, in order to show it would be impossible for anyone to have overwritten the consensus record of transactions unless they control more than half of the network’s computing power. In exchange for this service they get shiny new cryptocoins.
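To make the “computationally intensive problem” concrete, here is a toy proof-of-work miner in Python. It is an added example, not code from the article or from the Zcash project, and it uses a Bitcoin-style double-SHA256 puzzle rather than Zcash’s own (Equihash) hash function; the header layout, the difficulty parameter and the block payload are constructed for illustration. Alongside the miner, `catch_up_probability` carries through the gambler’s-ruin argument from the Bitcoin whitepaper, which is where the “more than half” threshold in the paragraph above comes from: a miner with less than half the hash rate falls exponentially behind, while one with more is certain to overtake eventually.

```python
import hashlib
import struct

HASH_BITS = 256


def block_hash(prev_hash: bytes, payload: bytes, nonce: int) -> bytes:
    """Double-SHA256 over a toy block header (constructed layout, not Zcash's)."""
    header = prev_hash + hashlib.sha256(payload).digest() + struct.pack("<Q", nonce)
    return hashlib.sha256(hashlib.sha256(header).digest()).digest()


def meets_target(digest: bytes, difficulty_bits: int) -> bool:
    """The puzzle is solved when the hash, read as an integer, is below 2^(256 - difficulty_bits)."""
    return int.from_bytes(digest, "big") < (1 << (HASH_BITS - difficulty_bits))


def mine(prev_hash: bytes, payload: bytes, difficulty_bits: int, max_nonce: int = 1 << 32):
    """Brute-force the nonce; on average 2^difficulty_bits hashes are needed."""
    for nonce in range(max_nonce):
        digest = block_hash(prev_hash, payload, nonce)
        if meets_target(digest, difficulty_bits):
            return nonce, digest
    raise RuntimeError("nonce space exhausted without a solution")


def verify(prev_hash: bytes, payload: bytes, nonce: int, difficulty_bits: int) -> bool:
    """Anyone can check a claimed solution with a single hash: work is costly, checking is cheap."""
    return meets_target(block_hash(prev_hash, payload, nonce), difficulty_bits)


def expected_hashes(difficulty_bits: int) -> int:
    """Expected number of hash evaluations per block at this difficulty."""
    return 1 << difficulty_bits


def catch_up_probability(attacker_share: float, blocks_behind: int) -> float:
    """Probability that a miner controlling `attacker_share` of the hash rate ever
    overtakes the honest chain from `blocks_behind` blocks back (Nakamoto's
    gambler's-ruin bound). At or above one half it is certain, hence '51% attack'."""
    q = attacker_share
    p = 1.0 - q
    if q >= p:
        return 1.0
    return (q / p) ** blocks_behind


if __name__ == "__main__":
    # Constructed sample input: a zero previous hash and a short payload.
    prev = bytes(32)
    payload = b"constructed toy block: alice pays bob 1 ZEC"
    bits = 12
    nonce, digest = mine(prev, payload, bits)
    print(f"nonce={nonce} hash={digest.hex()} (expected ~{expected_hashes(bits)} tries)")
    print("verifies:", verify(prev, payload, nonce, bits))
    for share in (0.1, 0.3, 0.45, 0.51):
        print(f"attacker with {share:.0%} of hash rate, 6 blocks behind: "
              f"{catch_up_probability(share, 6):.6f}")
```

Raising `bits` by one doubles the expected work, which is the knob real networks turn through difficulty adjustment; the `catch_up_probability` table is the quantitative reason a sudden change in who holds the hash rate (the ASIC question discussed below) is treated as a security event rather than just an economic one.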

Bitcoin mining has long been taken over by mining companies and consortiums who use custom-built “application-specific integrated circuit” (ASIC) chips: hardware dedicated to evaluating the network’s proof-of-work “hash function” with a speed and energy efficiency that general-purpose processors cannot match.

In an attempt to democratize mining, many third-wave cryptocurrencies chose hash functions which were thought to be ASIC-resistant. Zcash was among them. However, ASIC designers are smart people too, and have announced ASICs for essentially all cryptocurrencies. Interestingly, when an ASIC was announced for Monero, its developers promptly changed their hash function to foil the would-be miners … and their “hash rate” dropped by nearly 50%, indicating that someone had likely secretly been mining Monero with ASICs for some time.

This is big business. Across all cryptocurrencies tens of millions of dollars a day are at stake, not even counting the costs of a so-called “51% attack” which have victimized a few smaller currencies of late. So when ASICs for Zcash were announced, and Zooko did not immediately move to change the hash algorithm as Monero did, he was accused of betrayal, and of being in the pocket of Jihan Wu, CEO of the miner manufacturer Bitmain and, if you believe the frothier corners of some cryptocurrency subreddits, all-around evil crypto boogeyman.

Every tradeoff in a billion-dollar market is going to hurt someone. In this case, on the one hand, you’d want the stereotypical “Venezuelan with a GPU miner,” who’s providing for their family with Zcash, the opportunity to keep doing so; on the other, ASIC mining means more dedicated hardware keeping the entire Zcash network more secure. On the gripping hand, drastic changes in mining capacity raise the spectre of a 51% attack. Zooko’s current notion is to try to support both GPU and ASIC miners, by dividing the mining rewards between them.

In passing he may have accidentally solved the secret Monero mining mystery. A fascinating thing about the cryptocurrency world, a way in which it’s increasingly a synecdoche for global geopolitics, is that it’s divided between a Chinese sphere and a Western sphere, and the two seem to be mostly tethered by bonds of mistrust, miscommunication, and misinterpretation.

Zooko was less inclined to believe that Jihan Wu was a Bond villain, because, as he puts it, “I’ve met him, at a conference in Buenos Aires, and he just seemed like a nerd like the rest of us. And I like nerds!” So he decided to communicate; he called up Wu and asked him if he was responsible for the stealth mining, and found Wu’s denials convincing. Then he called up Innosilicon, the other main mining company, asked if they had a Monero mining farm going back to last year, and received the hilariously casual answer “Yeah, I think so?” None of this is at all dispositive, of course — but it speaks to how the crypto world often seems to run on rumor and rancor more than open communication.

While we’re on the subject of conspiracy theories: perhaps the single most colorful thing about Zcash is that in order for its zk-SNARKs to work, they have to be initiated by a group of participants who must construct and then discard secret information. If they didn’t discard it, and subsequently collaborated, they would have the ability to create free Zcash out of thin air. Zcash was initiated with a complex six-person ritual, and if any one of those people was honest then the Zcash network is free of this so-called “toxic waste” taint … but obviously this still isn’t optimal, and is a breeding ground for beliefs of betrayal.
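The “any one honest participant suffices” property is the part worth seeing in code. The following is an added toy, not the Zcash ceremony itself and not code from the project: each participant raises the running value to their own secret exponent, so the final public value is a generator raised to the product of all secrets. The group (a small Mersenne prime field) and the participant secrets are constructed for illustration; a real ceremony uses pairing-friendly elliptic curves and many more powers, but the accumulation rule and its consequence are the same: anyone holding every share can recompute the combined secret, while the remaining shares are useless once a single participant has destroyed theirs.

```python
import secrets

# Constructed toy group: the multiplicative group mod a Mersenne prime (order P - 1).
P = (1 << 127) - 1
G = 3
PARTICIPANTS = 6  # mirrors the six-person ceremony described above


def contribute(accumulated: int, share: int) -> int:
    """One participant's step: raise the running public value to their private share."""
    return pow(accumulated, share, P)


def run_ceremony(shares):
    """Chain all contributions; returns the final public value and the per-step transcript."""
    acc = G
    transcript = [acc]
    for share in shares:
        acc = contribute(acc, share)
        transcript.append(acc)
    return acc, transcript


def verify_transcript(transcript, shares) -> bool:
    """Auditing: each published step must equal the previous one raised to that share.
    (In a real ceremony this check is done with proofs of knowledge, not the shares.)"""
    if transcript[0] != G or len(transcript) != len(shares) + 1:
        return False
    return all(pow(transcript[i], s, P) == transcript[i + 1] for i, s in enumerate(shares))


def combined_secret(shares) -> int:
    """The 'toxic waste': the product of every share, reduced mod the group order."""
    tau = 1
    for share in shares:
        tau = (tau * share) % (P - 1)
    return tau


def reconstructs_final(final: int, shares) -> bool:
    """Does this set of shares recover the final value? Only if it is the complete set."""
    return pow(G, combined_secret(shares), P) == final


def fresh_shares(n: int = PARTICIPANTS):
    """Each participant samples a secret exponent in [2, P-2] (constructed randomness)."""
    return [2 + secrets.randbelow(P - 3) for _ in range(n)]


if __name__ == "__main__":
    shares = fresh_shares()
    final, transcript = run_ceremony(shares)
    print("transcript verifies:", verify_transcript(transcript, shares))
    print("all six shares recover the secret:", reconstructs_final(final, shares))
    for honest in range(PARTICIPANTS):
        leaked = shares[:honest] + shares[honest + 1:]
        print(f"participant {honest} deleted their share; the other five recover it:",
              reconstructs_final(final, leaked))
```

The design point is that the exponents combine multiplicatively across participants, so the public output commits to all six secrets at once; recovering the combined exponent from the output alone is a discrete-logarithm problem, which is exactly why the ceremony’s security rests on deletion rather than on secrecy of the transcript.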

However, this underpinning can be replaced. Zooko is looking into new cryptographic developments such as “STARKs” and “bulletproofs” which provide even stronger guarantees. He envisions a world of “non-custodial exchanges,” where people can trade cryptocurrencies without ever giving up control of them. He’s plotting to implement Ittay Eyal and Emin Gun Sirer’s “Bitcoin-NG” protocol to scale Zcash up by an order or two of magnitude.

Meanwhile, the Secret Service has called for action on privacy-preserving cryptocurrencies like Monero and Zcash — after citing numerous cryptocurrency thefts which, er, were not of those currencies — and they’ve felt compelled to respond. All this a week before the Zcon0 developer conference he’s organized this week in Montreal … which will doubtless be attended by some people who consider him a sellout in the pocket of the evil Jihan Wu. I’ll say this for the cryptocurrency world: it’s rarely boring, and for better or worse, Zcash may well be its least boring front.

