Source: Peter Van Valkenburgh, Why Tornado Cash matters
Hi Zeeps!
I’m writing this while on a flight home, returning from the first DC Privacy Summit hosted by Project Glitch and the Coinbase Institute. The event, which was the brainchild of our own @paulbrigner, brought the industry and government together to share ideas and foster dialogue around cryptocurrencies and privacy.
It was exceptionally well done, and many involved with Zcash spoke or were in attendance, including @zooko , Peter Van Valkenburgh, Marta Belcher, James Joseph, and @mrkit2u. Zcash and zero knowledge cryptography were mentioned in nearly every session as pioneering and vital.
My speech, which you can see below, focused on my personal journey, experiences working on Zcash, and the second-order effects of aggressive regulatory actions on our freedoms as developers and people.
After my session, a number of people wanted to talk. One asked how to balance the support for strong privacy while allowing some to share elements needed for business or public transparency. I shared that his question was about consent, and we went on to discuss the use of viewing keys in different contexts.
I’ve been thinking about consent, and perhaps it’s too abstract and coarse-grained to be useful as a stand-alone word. Allow me to explain…
In my speech, I highlighted how much information is shared by posting a photo online, and the soon-to-be-realized implications of broad access to AI with rich aggregated datasets that include people’s personal information.
On the surface, posting a photo seems consensual. But am I really consenting to third parties using all the information it contains?
On the surface, posting a transaction on a public blockchain or Zcash using a t-address seems consensual. But am I really consenting to its data being irrevocably tied to me permanently?
And even if I consent today, based on current technology capabilities, governments in power, and my personal situation, what happens when circumstances change?
How can I change my mind when my information is irrevocably and eternally etched into blockchains? We know the answer to this question: You can’t revoke consent on a public chain.
This is why default privacy is so important. Posting something publicly is what I’d call passive consent, as I immediately give up rights to current and future uses of that information. Active consent would then be an ongoing decision to selectively disclose information to whomever I want, for as long as I want.
We should focus on enabling active consent. However, it is important to remember that this focus risks overengineering, which can degrade the user experience—potentially to the point that it isn’t used at all! That’s the rub.
For example, we decided to disallow copying or taking a screenshot of the seed phrase in the Android version of Zashi. At the conference, a new Zashi wallet user told me this was frustrating. Ultimately, the solution should be to eliminate seed-phrase friction. Still, we opted for a more paternalistic short-term solution that harmed adoption more than helped a person who wanted to choose differently. We must strive for the right balance and respect the autonomy of our users.
White House, National Security Council Special Advisor for Cybersecurity and Critical Infrastructure Policy (what a title!) Carole House shared a different view. While advocating for balance, she leans toward guarding against threats over personal liberties. Threats abound, and she has a lifetime of experience preparing for and defending genuine threats to safety. But the consent she seems to advocate for, which is to be forced to cede personal privacy to a government for our protection, is backward thinking. Not only has the US government routinely failed to protect citizens’ data, it has a track record of abusing power. Government-mandated privacy intrusions violate our 4th amendment and human liberties, are not consensual, and serve to enslave the very people they claim to want to protect.
As I mentioned in my speech, I believe that cryptocurrencies have ushered in this generation’s Gutenberg moment. They will democratize money. While distribution and democratization enabled by the printing press were foundational for free speech, pseudo-anonymity allowed for innovation, including the innovation we call the US. For cryptocurrencies to deliver human financial freedom, they must support privacy. They must support active consent.
There were a few other presentations and discussions I really valued, including Peter Van Valkenburgh’s masterful presentation (with illustrations and rhyming couplets!) on why Tornado Cash matters, Zooko’s demonstration of how zk works, and an excellent panel discussion with Marta Belcher, Filecoin Foundation president and Zcash Foundation board member, and Jay Stanely from the ACLU (who calls out Zcash, by the way).
While I was shaking hands and pondering consent, here’s what the rest of the ECC team was up to this week:
Zashi
We released Zashi 1.2.1 for both iOS and Android.
@andrea and @peacemonger discuss it here.
We also announced our video contest winners!
Design
- Implemented many ad hoc design tweaks needed for the development team
- Updated Feature Graphic for Android PlayStore
- Made progress on Transaction Success/Error screen designs
- Working on Transaction History Redesign - implementing feedback from the team and finalizing designs for all the possible cases and scenarios
- Started explorations for Home screen, navigation redesign and Multi-Account support
iOS
Unique Installs: 3.67k
Total Downloads: 4.33k
Rating: 4.9 ★
- Released Zashi 1.2.1
- Built “Add UA to Memo” prototype (dedicated for testing purposes)
- Implemented Select Text Feature that allows users to copy just some parts of the memo in a transaction
- Transactions that receive transparent funds no longer show a shield icon
- Not Enough Free Space status screen: updated UI and tweaked Settings to show only relevant options (all options involving the synchronizer are hidden)
- Cleaned up Github issues
- Resolved Zashi Warnings, 0 now
- Resolved Coinbase curl + auth, fetched supported countries
- Uploaded Zashi 1.2.2 with fixes addressing 1.2.1 issues + update to 2.2.6 SDK (stuck in AppStore review because of Coinbase integration AGAIN!
) - Adopted and tested Flexa 1.0.5
- Prepared Spanish localization
Android
Total Install Base: 2.27k
Total Installs (incl. Open Beta): 7.97k
Rating: 4.71 ★
- Finalized Request ZEC feature (an issue with the ZIP 321 library fixed - coop with Pacu)
- Released 1.2.1 + SDK 2.0.5
- Updated UI of all technical status screens (updates, not enough free space)
- Adopting and testing Flexa 1.0.5
- Working on updating Settings UI
- Implementing app authentication on app launch
- Investigating newly reported issue with Network type mismatch and other user issues
- Prepared Spanish localization
Zcash Core
- Fixed:
- Bug in checkpoint id selection.
- Released zcash_client_sqlite version 0.12.2 with hotfix.
- Working on:
- Improve spend-to-spend latency (“tip the barista problem”) by creating multiple change notes from each transaction in librustzcash-based wallets.
- PCZT (Partially Constructed Zcash Transaction) format — useful for hardware wallets, multisig, swaps, etc.
- Zashi Address book encryption.
- Specification of larger memos (ZIP 231: Decouple Memos from Transaction Outputs).
Other
We’ve provided a markup to the Zcash Foundation for a trademark license that will allow us to support Zcash community assets. We’re hoping to shore that up soon. We still have not heard from the foundation on how it intends to use the mark in conjunction with governance.
The halving countdown on Z.cash is currently an estimated time. We are working to get it tied to the API to get the correct time ASAP.
That’s all for this week.
Building to empower your consent!
Onward.
