My name is Christopher Allen and I’m a decentralized trust architect who has been working in the area of digital assets and cryptocurrency for some years. I popularized the idea of self-sovereign identity through my Rebooting the Web of Trust events, which have also worked to expand the use of blockchains. I’ve also worked at Blockstream, taught at Blockchain University, and am currently heading Blockchain Commons, which focuses a lot of its attention on improving the interoperability and security of cryptocurrency wallets. Which is why I’m now talking to the Zcash community.
Zcash embodies & promotes a lot of principles that I feel are very important. I love its accessibility, its independence, and its privacy. I often write about the need for human rights on the internet, and Zcash shows how you make that very real & practical, just as Bitcoin did before it. But Zcash’s additional focus on privacy through full encryption, which was supported by careful cryptographic design, is what makes it really shine. User independence is one of the things we’re hoping to enable with cryptocurrencies, and decentralization and user control go a long ways toward that. But you also need to avoid coercion and censorship and other problems where an external party tries to exert control over your decentralized assets, and for that you need privacy, which Zcash has.
At Blockchain Commons we detail our own vision in a set of four Gordian Principles: independence, privacy, resilience, and openness. I think Zcash is a pretty good match for those.
In particular, our focus for the last few years has been what some call Layer 0, the security of your cryptographic seeds, and your ability to recover from failure, avoid both single-points of compromise and single-points of failure.
That includes:
Animated QRs — Our first big hit with wallet developers, Animated QRs make it possible to pass larger amounts of data across an airgap than can be stored in a single QR. In particular, they allowed for the signing of Bitcoin PSBTs across airgaps between software wallets and cryptography hardware devices, but have numerous uses for transferring larger amounts of data then a traditional QR is able to do.
SSKR — We’ve built robust, security reviewed libraries to protect seeds through sharding, initially using Shamir’s Secret Sharing, but with the intent of expanding them into Verifiable Secret Sharing (compatible with FROST).
CSR — We’re currently developing servers that can be used to neutrally store SSKR shares via “Collaborative Seed Recovery” systems. We’ve created a “depo server” design, but with no deployment yet. This should be a game changer when users suddenly become able to automatically and securely store their seed shares remotely.
I’m thrilled to support Zcash developer interested in integrating any of these specifications, but I’d also love to get some projects going that would allow Blockchain Commons to more specifically support Zcash. These could include:
Inclusion of Zcash in Gordian Seed Tool (GST). GST is our iOS reference app that allows for the safe storage and backup of seeds as well as the creation of keys & addresses for Bitcoin, Ethereum, and Tezos. A Zcash extension would expand this by allowing stored seeds to be used to generate transparent, Sapling, Orchard, and/or unified Zcash addresses.
Developer Meetings. I’d be happy to host a wallet focused meeting to introduce Zcash developers to some of our specifications, and in return to get feedback on Zcash requirements that we might not currently be meeting.
FROST. I think that FROST is the next great frontier for protecting digital assets, and Zcash is in on the ground floor thanks to ZF FROST. I’d love to work with folks to make ZF FROST a practical reality for wallets.
If you’re interested in seeing any of this happen, let me know and we can make it a reality!
Note: Your “Animated QRs” link jumps to your CSR page rather than what I suspect you intended.
I didn’t see any .NET library options for your animated QR code page. Maybe we could collaborate to provide that. I’ve personally provided the .NET library for Zcash already.
Regarding your GST app, I’m curious why it creates addresses. Is it just so users can see what addresses a given seed would produce so they know if it’s the one they’re looking for? A great many Zcash addresses can be created from just one seed phrase, so I’m curious what the scope of this feature would be to add one.
We’ve got a Gordian Developers Meeting coming up next Wednesday (August 7th, 10am PDT / 1pm EDT / 7pm CEST) and we’d love to have Zcash-focused folks there. We’re going to have a special presentation on BIP-85 and will be generally talking about seed resilience, all of which cuts across platforms. Among our topics will be what we could be doing to improve seed resilience in the future, and that’s something where it would be great to get feedback from folks outside of classic Bitcoin, because seed safety is important for everyone.
There’s full info here, including the link and a reminder you can add to your calendar:
Thanks for the interest (and the correction on the Animated QR page!).
RE: .NET Library
We indeed don’t have any .NET libraries for Animated QRs. I’d love to see one if you’re interested in producing it, but I also want to be cautious of your time and effort, as we haven’t had anyone asking for one. Perhaps you’d be interested in attending a Gordian Developers meeting and asking if there’s any interest. (Shannon just posted about our next one, on August 7th.)
In the meantime, you may be interested in the guide our lead researcher, Wolf, wrote this year on creating the Multipart URs used by Animated QRs:
RE: Gordian Seed Tool & Addresses
Gordian Seed Tool is a reference app and so we want it to embody best practices for how to safely and securely store seeds. The concept is that you keep your seeds in a more secure device like a mobile phone and then empower a transaction coordinator (Sparrow is our coordinator of choice) by providing it with account information, but not secret info like the seed or private keys.
To receive funds you then need to give out an address, which you could do from the phone or the network coordinator, as preferred (but if you give one out from the network coordinator, you can still use the phone to double-check an address is correct).
Adding Zcash addresses is certainly a possibility. We’ve currently got support for Bitcoin, Ethereum, and Tezos. It’s mainly a question of knowing that there’s interest from the community in that feature.
So why should ZCash wallet developers look at BIP-85? Basically it allows you carefully protect a single hardware wallet with a “cold” seed, and a backup strategy for it (see our 2019 #SmartCustody book for best practices on safely storing seeds in a self-sovereign way), and then use that hardware wallet to create “hot” seeds for use in lesser wallets with smaller amount of funds, say on a less secure (or less resilient) phone device.
Blockchain Commons is currently focused on a variety of Layer 0 specifications, as we’ve found many wallet developers oblblt “save these words someplace safe”. We don’t feel that is sufficient, and want to make it easier for people to protect their digital assets. Our work is applicable to all wallets, for any blockchain, that uses seeds.
