Deterministic 4-Word Aliases for Zcash Addresses (Anti-Spoofing UX Aid)

I want to share an idea for improving address verification, deriving a short, deterministic 4-word alias from any Zcash address string so users can do a fast visual sanity-check before sending funds.

Zcash addresses are long and hard to compare manually. This makes users vulnerable to clipboard malware, spoofed addresses in chats, and subtle typo-based scams.

For any address string (t1…, zs1…, u1…), derive a deterministic 4-word phrase (example format: legal trumpet lobster maple) that can be displayed in wallets, explorers, and payment UIs.
This phrase is intended as a verification aid, not a replacement for full address checks.

Algorithm (deterministic and cross-language)

1. Encode address string as UTF-8 bytes (no trimming, case-sensitive).

2. Hash with BLAKE2b-256 using personalization ZcashAddrAlias\0\0 (16 bytes).

3. Take the first 44 bits of the hash and split into four 11-bit values.

4. Map each value to the BIP39 English wordlist (2048 words).

5. Join words with spaces.

Why this could help

• Fast human comparison: 4 words are easier to compare than full address strings.

• Deterministic: same address always gives same phrase.

• Avalanche effect: small address change typically alters multiple words.

• No network calls needed: fully client-side derivation is possible.

Important limitations

• Not a checksum.

• Not full address validation.

• Not collision-proof in an absolute sense.

• Users must still verify the full address before sending.

Is a 4-word alias the right UX balance, or should it be 5–6 words?

Would integrating these features into existing wallets be helpful to users?

How about sending these four words along with the wallet address when requesting a payment?

Here is a demo.

image896×521 18.6 KB

Integration scenario to wallets:

1. Alice asks Bob for a payment address.

2. Bob sends two things: his full Zcash address and the 4-word alias that matches that exact address string.

3. When Alice pays, she pastes the address into her wallet and enters the 4-word alias in a separate field.

4. The wallet runs the same local derivation on the pasted address and checks whether the words match.

5. If they match, the wallet shows a clear “verified” state and lets her continue to send.

6. If they don’t match, the wallet warns her (and ideally blocks send until she fixes the address or gets the correct words from Bob).

Neat! Is this a Petname System?

Petnames are chosen by the user and meaningful to them personally but this alias is computed and the same for everyone.

Which wallet would be the most suitable for implementing this experimentally?