Encrypted memo field

We’ve just posted a write-up on the encrypted memo field feature in transactions between shielded addresses. The Encrypted Memo Field - Electric Coin Company

There’s a ton of potential for this feature and we would love to hear your ideas on what this could be used for. See blog post for inspiration. :slight_smile:

5 Likes

very cool, will have to check it out

1 Like

hey @paige,

I have some questions regarding encrypted memo field:

  1. I suppose I can use time-locked transactions as in bitcoin, right?
  2. Can I use a time-lock also for private/shielded transactions?
  3. Is the memo field content of a time-locked private transaction sealed (for recipient and everybody else) until it is actually added to the blockchain (time-lock passed)? Or can the recipient see the memo field content of a pending time-locked private transaction before time-lock is released?

Would be nice if you can clarify this!

2 Likes
  1. Yes, this works as in Bitcoin for transparent transactions.
  2. Not at the moment, but that is a feature we have considered and know how to do: Implement Confidentially Timelocked Funds · Issue #344 · zcash/zcash · GitHub . At some loss in privacy, you can make funds transparent in order to do a Bitcoin-style time lock and then shield them again.
  3. There’s no such thing as time-locked shielded transactions at the moment, but I’ll add that as a potential security property to ticket 344. However, I don’t see how to implement it, since there’s no way for the sender to choose a key that will only be available after expiry of the time lock.
2 Likes

Hey @daira,

Thank you for your reply that makes it a bit clearer for me. I will follow your progress with issue #344.

Regarding 2/3. Your blog post The Encrypted Memo Field - Electric Coin Company mentions “transaction view keys”. If the transaction view key can only be used by a recipient when a shielded transaction is actually added to the blockchain, and not before when it is pending as a time-locked transaction, then time-delayed memo/secret sharing with the recipient should be possible. I guess I’m still missing something here…(and do not understand how you want to enable time-locked shielded transactions).

2 Likes

Where the blog post refers to a “transaction view key”, it means the ephemeral private key used by the sender to encrypt a note plaintext. The sender could hold onto this and reveal it at a later time, but there would be no mechanism to enforce when they reveal it. So that would not work for most uses of time-lock protocols where the sender is untrusted.

1 Like

Is it possible in the API to derive the view key?

There is no API to do that currently. The ticket for it is Wallet support for import, export, and derivation of incoming viewing keys · Issue #1997 · zcash/zcash · GitHub .

1 Like

We’re currently focused on specifying and then implementing payment disclosure which will create a blob to decrypt individual payments to shielded addresses. The viewing key has a much larger scope (all transactions sent to shielded address) so implementing payment disclosure is safer to do first because of it’s added granularity. If a blob gets shared by accident, it only affects the transaction involved whereas a accidental sharing or viewing key affects the entire address.

1 Like

I just realized I don’t know how to use the memo field.
When I see the received transaction I see the memo in hex; how do I translate it to a string?

$ python
>>> from binascii import unhexlify
>>> unhexlify('4d656d6f206669656c6421')
'Memo field!'
1 Like

There are plenty of online services too for a very simple solution e.g. https://codebeautify.org/hex-string-converter

1 Like

I wanted to see I could retrieve myself the messages from z_board http://www.z-board.net/

1 Like

On that note, I had previously done the same by importing the viewing key and running z_listreceivedbyaddress and then manually decoding the memo. One thing I didn’t understand was why the amount field contained a lot of different values. I assumed this was the fee but looking on zcha.in it seems the default fees were used. See this incoming transaction for example:

{
    "txid": "2a11563a57c39151878f83700d6c1133b232cdb058086b0fb4ed50c3e34b99b8",
    "amount": 0.00050000,
    "memo": "53544f5020544845205741522053544f5020544845205741522053544f5020544845205741522053544f5020544845205741522053544f5020544845205741522053544f5020544845205741522053544f5020544845205741522053544f5020544845205741522053544f5020544845205741522053544f5020544845205741522053544f5020544845205741522053544f5020544845205741522053544f5020544845205741522053544f5020544845205741522053544f5020544845205741522053544f5020544845205741522053544f5020544845205741522053544f5020544845205741522053544f5020544845205741522053544f5020544845205741522053544f5020544845205741522053544f5020544845205741522053544f5020544845205741522053544f502054484520574152200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
  }

Well they asked people to send some small amount, so people sent different amounts I guess.

Ah, OK that makes perfect sense - I think I sent a 0 amount and just sent the fee and hadn’t actually read that part so just confused myself :confused:

1 Like

you got off cheap :wink:

1 Like

Hey! Since I’ve read https://electriccoin.co/blog/encrypted-memo-field/ a few years ago I was intrigued with some ideas… Finally I started to play with it https://code.kripto.solutions/kripto/sentinel while developing https://forum.zcashcommunity.com/t/moeda-casa-smart-brazilian-fiat-to-crypto-over-zcash/38123

More to come!

1 Like