Dear Zcash community,
Hope you are all doing well! We’ve been working hard on both the Zcash Shielded Assets implementation and integration, and the protocol design for building Asset Swaps over the Orchard-ZSA protocol. We’re excited to share with all of you the progress we’ve made in recent weeks!
We will split our update into two sections, one for each grant that is in progress:
Zcash Shielded Assets
The major areas we were working on are:
Circuit Optimizations
We had shared in the previous post that we had completed the integration of the Orchard-ZSA circuit into the code. This was a first step, with various possible places for optimization. Building on that,
- We first performed a study to understand which optimizations are relevant and applicable.
- We optimized the short-range check on 4 and 5 bits.
- We optimized Sinsemilla hash computation for ZEC vs ZSA: the common prefix inside the circuit is now computed only once.
This entire process occurred with the advice and guidance of the ECC core team. We have integrated these changes into the QED-it/orchard and QED-it/halo2 repositories.
The full details and layouts of the circuits, and the nitty-gritty of how these optimizations have improved the various proof parameters, can be found in this document.
Change of the issuance signature scheme to BIP 340 Schnorr over secp256k1
- After careful consideration and advice from internal and external contributors, we decided, in the case of the issuance authorization signature, to move to the Schnorr signature scheme over the secp256k1 curve, as described in BIP 340. This change was made to maximize compatibility with existing hardware/software wallets that already support BIP 340.
- The changes have been incorporated into ZIP 227 (ZIP 227: Issuance of Zcash Shielded Assets).
- The implementation changes for the orchard crate are currently in progress.
Definition of Transaction v6
Since the ZSA protocol is expected to be integrated as part of the NU6 network upgrade, we began to define and implement the transaction structure for this upgrade so that it is compatible with Orchard-ZSA.
- The expected structure has been included as part of the newly reserved ZIP 230.
- Of course, this transaction structure is not final, and could change as per the requirements of NU6.
Asset Swaps and beyond
This grant covers the design and implementation of Asset Swaps, and other considerations for the integration of ZSAs into the NU6 upgrade.
Asset Swaps
We have presented an initial suggestion for the Asset Swap mechanism. Our goal while coming up with this design has been to minimize the changes needed over and above the Orchard-ZSA protocol.
- We have published a call for comments on the Asset Swaps design. We have created GitHub Issue #736 in order to discuss this design, so we would love to hear your feedback there!
- The technical details are in this Google doc.
Testing Framework for the Zebra node
We had presented an E2E demo of the Orchard-ZSA work for zcashd at Zcon4. We are now in the process of porting the necessary changes to the Zebra node.
- Note that unlike zcashd, the Zebra node does not have the ability to generate transactions.
- Therefore, in order to support ZSAs, we need the ability to create and verify v6 transactions. To do so, we are creating a testing framework that will allow us to generate v6 issuance and transfer transactions.
- This framework will use the Orchard-ZSA crate, librustzcash, along with additional new code for managing keys and notes.
The Zebra node
- As part of the move to Zebra, we are in the early stages of adding TX v6 support for the Zebra node.
- As it stands, new code related to Orchard-ZSA is being conditionally compiled into the node by using a Rust feature flag. This will help in the future with gradually integrating the changes (which touch many different parts of the project) instead of pushing one huge pull request into the code base.
We look forward to hearing what you have to say about these designs and updates! Please feel free to join the discussion.
Best,
The QEDIT Team.