Zcash supports four transaction types: public, shielding, deshielding, and private. A shielding transaction happens between a z-address and a t-address. The balance of the z-address is private, however, the amount transferred out and the balance of the receiving t-address is public. A private transaction happens between two z-addresses. The balance of both z-addresses and the amount transferred between them is private. The following image illustrates the four different Zcash transaction types:.
Learn more about Zcash on Cryptopedia :. View all. The pricing data and asset description above are for general informational purposes only and are not investment advice. Buying, selling, and trading cryptocurrency involves risks. You should consult with your own appropriately qualified and licensed advisors before engaging in any transaction on Gemini. Some data is provided by Messari , a third party that is not affiliated with Gemini. To accept bitcoin for cocktails the bartender puts that address on a poster behind the bar in the form of a QR code so it would look something like this courtesy of Room77 in Berlin :.
Patrons at the bar can take a picture of that code with their smartphone and use a bitcoin wallet app to pay that address for their drinks. Trouble is, anyone can look that address up in the Bitcoin blockchain and see every incoming transaction and the total amount of bitcoin sitting in that address. If we look up that information, then we have at least some idea of how rich the bartender is good information for a would-be robber , and how successful the bar has been good information for the competing bar next-door.
This poor privacy can be marginally improved by having your Bitcoin wallet generate a new payment address every time you want to be paid. So the bartender would now show each customer a new and different QR code to pay his or her individual tab.
But the basic issue remains. Often those separate balances will be combined to fund an outgoing transaction. Perhaps the bartender wants to pay her rent with bitcoins she has received from patrons, but that single rent transaction is larger than any single payment from a patron.
The bartender will need to use several of her receiving addresses to pay the rent, and all those addresses are then combined in a transaction message that ends up in the blockchain. To be truly private, a bitcoin user needs to take all kinds of technical precautions: never using the same payment address twice, avoiding recombining payment addresses as inputs for later transactions, sending funds to mixing services that will shuffle bitcoin balances amongst a bunch of other bitcoin users and hopefully not run off with their money , using Tor or other private Internet services to make it harder to link geographic data from IP addresses to transaction messages; the list goes on.
As a result, Bitcoin as currently specified creates a perverse outcome: sophisticated criminals might be able to squeeze some anonymity out of the system, but your average innocent user gets no privacy whatsoever. The Zcash network uses modified Bitcoin software to allow users a choice whenever they transact. If two people transact with shielded addresses, the Zcash blockchain will not record the details of that transaction publicly.
All of those details are things that otherwise would be used to identify them: things like the amount of Zcash just sent and received and the addresses of the payor or payee. With Zcash shielded addresses, all of that information is encrypted or kept secret from the public. Of course, that raises an important question. How do the users of the Zcash network know that no new money was created in a private transaction?
How do we know that the sender did not just counterfeit new Zcash instead of sending you her existing balances? In Bitcoin you know that there has been no counterfeiting because the blockchain has an indelible record of all transactions that is complete with details like amount sent, sender address, and recipient address.
That blockchain record goes all the way back to the beginning of the network, and if you sum up all the transactions you will get a number of Bitcoin in circulation that is only the amount of bitcoins legitimately mined so far mined. This gives us confidence that bitcoins are only being created according to the rules of the software; no fishy counterfeiting is taking place.
So how can we be sure that there is no counterfeiting in Zcash if we cannot see all of the individual transaction records on the blockchain? This is where the new Zcash technology comes in. Zcash uses cutting edge math and science to create a privacy protecting blockchain. So in the case of payments made to and from a shielded Zcash address, using a zk-SNARK built into the protocol software, the network can prove to any user that, on-net, all outgoing transactions equal all incoming transactions i.
Financial institutions are legally required to comply with anti-money laundering and anti-terrorist financing laws and regulations. Can these institutions use a payment system and currency that leaves no record of individual transactions? That system is called cash and just about every financial institution in the world uses it. Cash transactions are still much more opaque than any cryptocurrency transaction, even a Zcash transaction from a shielded address.
Just as financial institutions can accept and hold your cash without running afoul of the regulations, they can accept and hold Zcash as long as they continue to keep their own internal records as they are required to do by law. The responsibility to comply with things like the Bank Secrecy Act a financial surveillance law in the U. This approach to compliance is also arguably better than compliance using traditional pre-blockchain banking. Two relevant technical concepts are view keys and memos.
Every shielded address comes with what we call a view key that is generated for the holder of the address. She can choose to share this view key with anyone else in the world.
A large portion of these renditions have attempted to concoct some upper hands opposite bitcoin, and keeping in mind that few have seen premium, many work with a little market capitalization, volumes and flow. Enter Zcash, a decentralized and open-source digital currency, which looks encouraging. Zcash offers protection and specific straightforwardness of exchanges.
Along these lines like https, Zcash cases to give additional security or protection where all exchanges are recorded and distributed on a blockchain , however subtle elements, for example, the sender, beneficiary, and sum stay private.
Zooko Wilcox, Founder and CEO of Zcash, told Investopedia, "Zcash is another blockchain and cryptographic money which permits private exchanges and by and large private information in an open blockchain. This permits organizations, buyers, and new applications to control who gets the chance to see the points of interest of their exchanges, even while utilizing a worldwide, authorization less blockchain.
Zcash offers its clients the decision of 'protected' exchanges, which take into account substance to be encoded utilizing progressed cryptographic strategy or zero-learning evidence development called a zk-SNARK created by its group. These developments guarantee legitimacy of exchanges and also secure record of parities without giving out some other data, for example, gatherings or sum included.
Consequently Zcash offers an additional element over bitcoin, while guaranteeing that no one is conning or taking. Zcash has caused a considerable measure of debate for its technique for appropriating the digital money. The association isn't set up as an opensource group yet as a Company. This is the principal significant distinction to Bitcoin and other cryptographic forms of money, for example, ethereum.
The second significant distinction is the means by which they intend to compensate financial specialists and laborers in the Company which is by a duty on mining rewards called "Organizers remunerate". The premine has been the worst thing about all cryptographic money fans - however the line has turned out to be obscured between what is correct and what isn't right. In any case, in the meantime the computerized money makers should be boosted to keep the venture running and they frequently do this by propelling a digital currency and issuing coins to different individuals which are then dumped available discouraging the cost - the engineer soon loses premium and the task is left sitting.
With Zcash they have adopted an alternate strategy and have taken cash from financial specialists in the organization to make the cryptographic money before discharging it. To a few people this has been causing concern and wrath as they feel that the financial specialists are utilizing the system to unreasonably enhance themselves by the power that they control. In some ways however this approach is sensible as it adjusts the long haul objectives of the Zcash people group and the Company - i.
The flipside is they are not revealing who gets what from the mined coins - i. The other point is that Zcash is being pushed by one of its speculators - the Digital Currency Group, which possesses an expansive level of the media outlets engaged with the cryptographic money space inciting some to blame ZCash for being a result of corporate insatiability. Zcash encrypts the contents of shielded transactions. Since the payment information is encrypted, the protocol uses a novel cryptographic method to verify their validity.
Zcash uses a zero-knowledge proof construction called a zk-SNARK, developed by our team of experienced cryptographers based on recent breakthroughs in cryptography. These constructions allow the network to maintain a secure ledger of balances without disclosing the parties or amounts involved.
Instead of publicly demonstrating spend-authority and transaction values, the transaction metadata is encrypted and zk-SNARKs are used to prove that nobody is cheating or stealing. Zcash also enables users to send public payments which work similarly to Bitcoin.
With the support for both shielded and transparent addresses, users can choose to send Zcash privately or publicly. Zcash payments sent from a shielded address to a transparent address reveal the received balance, while payments from a transparent address to a shielded address protect the receiving value.
Zcash is a private cryptocurrency that supports transparent and shielded transactions. Before using Zcash, review our privacy and security recommendations to learn more about its privacy enhancing properties and learn how to use shielded transactions correctly. Visit our technology page to learn more about the cryptography behind Zcash.
For example, given the hash of a random number, the prover could convince the verifier that there indeed exists a number with this hash value, without revealing what it is. In a zero-knowledge "Proof of Knowledge" the prover can convince the verifier not only that the number exists, but that they in fact know such a number - again, without revealing any information about the number.
The difference between "Proof" and "Argument" is quite technical and we don't get into it here. Currently, the only known way to produce zero-knowledge proofs that are non-interactive and short enough to publish to a block chain is to have an initial setup phase that generates a common reference string shared between prover and verifier.
We refer to this common reference string as the public parameters of the system. If someone had access to the secret randomness used to generate these parameters, they would be able to create false proofs that would look valid to the verifier. For Zcash, this would mean the malicious party could create counterfeit coins. To prevent this from ever happening, Zcash generated the public parameters through an elaborate, multi-party ceremony.
To learn more about the math behind the parameter generation protocol, read our blog post or whitepaper on the topic. At a high level, zk-SNARKs work by first turning what you want to prove into an equivalent form about knowing a solution to some algebraic equations. In the following section, we give a brief overview of how the rules for determining a valid transaction get transformed into equations that can then be evaluated on a candidate solution without revealing any sensitive information to the parties verifying the equations.
Looking at such a circuit, we can think of the input values a, b, c as "traveling" left-to-right on the wires towards the output wire. In this R1CS representation, the verifier has to check many constraints — one for almost every wire of the circuit. For technical reasons, it turns out we only have a constraint for wires coming out of multiplication gates. The single constraint that needs to be checked is now between polynomials rather than between numbers.
The polynomials can be quite large, but this is alright because when an identity does not hold between polynomials, it will fail to hold at most points. Therefore, you only have to check that the two polynomials match at one randomly chosen point in order to correctly verify the proof with high probability. If the prover knew in advance which point the verifier would choose to check, they might be able to craft polynomials that are invalid, but still satisfy the identity at that point.
The public parameters described above are used to determine which point will be checked, but in encrypted form so that neither the prover nor the verifier know what it is. You can inspect the code and learn more about our implementation on github. In Bitcoin, transactions are validated by linking the sender address, receiver address, and input and output values on the public blockchain. Zcash uses zk-SNARKs to prove that the conditions for a valid transaction have been satisfied without revealing any crucial information about the addresses or values involved.
The sender of a shielded transaction constructs a proof to show that, with high probability:. The private spending keys of the input notes are cryptographically linked to a signature over the whole transaction, in such a way that the transaction cannot be modified by a party who did not know these private keys.
Bitcoin tracks unspent transaction outputs UTXOs to determine what transactions are spendable. Zcash nodes keep lists of all the commitments that have been created, and all the nullifiers that have been revealed. Commitments and nullifiers are stored as hashes, to avoid disclosing any information about the commitments, or which nullifiers relate to which commitments. When a shielded transaction is spent, the sender uses their spending key to publish a nullifier which is the hash of the secret unique number "rho" from an existing commitment that has not been spent, and provides a zero-knowledge proof demonstrating that they are authorized to spend it.
This hash must not already be in the set of nullifiers tracking spent transactions kept by every node in the blockchain. The zero-knowledge proof for a shielded transaction verifies that, in addition to the conditions listed above, the following assertions are also true:. It is infeasible for the nullifier of an output note to collide with the nullifier of any other note. In addition to the spending keys used to control addresses, Zcash uses a set of proving and verifying keys to create and check proofs.
These keys are generated in the public parameter ceremony discussed above, and shared among all participants in the Zcash network. For each shielded transaction, the sender uses their proving key to generate a proof that their inputs are valid. Other methods of providing privacy for cryptocurrencies rely upon obscuring the linkage between transactions, but the fact that Zcash transactions can be stored on the blockchain fully encrypted opens up new possibilities for cryptocurrency applications.
Encrypted transactions allow parties to enjoy the benefits of public blockchains, while still protecting their privacy. Planned future upgrades will allow users to selectively disclose information about shielded transactions at their discretion. See our Near Future of Zcash blog post on future plans for Zcash. For a more in-depth explanation of how shielded transactions are constructed in Zcash, see our blog post on How Transactions Between Shielded Addresses Work.
For full details on the current Zcash protocol, refer to our protocol specification. Theoretically, you can use a zk-SNARK to verify any relation without disclosing inputs or leaking information. Generating proofs for complex functions is still too computationally intensive to be practical for many applications, but the Zcash team is pushing the boundaries for optimizing zk-SNARKs, and is already breaking new ground with more efficient implementations.
As it currently stands, Zcash's implementation of zk-SNARKs can be added to any existing distributed ledger solution as a Zero-knowledge Security Layer for enterprise use cases. The scientists on the Zcash team are among the most knowledgeable researchers of zk-SNARKs in the world, and are constantly working on coming up with new applications and improving the efficiency of zero-knowledge protocols. If you have a business need that could benefit from the application of zero-knowledge proofs or blockchain solutions with robust privacy, get in touch with our business development team.
The goal of Zcash Foundation is to fund the development process through. However, the future of the organization is actively discussed in the Zcash community, since at the end of , the miners will stop sponsoring the Zcash Foundation. However, not everything is so scary, both companies ECC and Zcash Foundation have accumulated certain stocks of coins, which they should be enough for several years with the current ZEC course.
Current block reward for miners is The official roadmap of the project is planned for release until the end of January , specific changes in each interval are not indicated, a voting period takes place before planning for each release. A group of researchers at the University of Maryland and Cornell published a report on decentralized smart contracts with transactions protected by cryptographic algorithms.
Their project is called Hawk and the Zcash team, apparently, plans to implement this technology into its blockchain. More information about the report can be found here. Zcash developers recommend and advise only their official Zcash Desktop wallet, which can be downloaded here. However, ZEC is quite a popular coin, which is supported by a large number of third-party wallets. Here are some of them:. Zcash ZEC is a wonderful coin that has earned trust among the cryptocurrency community as well as in the traditional financial world.
Nevertheless, will be a crucial year for the project, which will reduce the reward for the unit and decide the fate of the developer remuneration mechanism. Let us hope that the community and the developer will come to a consensus on this issue, and the value of the asset will grow significantly!
Disclaimer: This article about Zcash ZEC should not be considered as offering trading recommendations.
Zcash is a digital currency with strong privacy features. Transact efficiently and safely, with low fees, while ensuring digital transactions remain private. ZCash (ZEC) is a decentralized and anonymous payment system. It is an enhanced, transaction-shielded fork of Bitcoin. Zcash is a cryptocurrency aimed at using cryptography to provide enhanced privacy for its users compared to other cryptocurrencies such as Bitcoin. Zcash is based on Bitcoin's codebase. It shares many similarities, such as a fixed total supply of.