@Zchurn, thanks for the suggestions. I began to write a long analysis here, then realized that I made a serious error I must correct posthaste lest it mislead anyone reading this.
This also raises a feature request. @str4d and @daira, please consider a short- to mid-term solution of pruned node wallet support.
Pruning is not an option here. man zcashd says:
-prune=<n>Reduce storage requirements by pruning (deleting) old blocks. This mode disables wallet support and is incompatible with -txindex. Warning: Reverting this setting requires re-downloading the entire blockchain. (default: 0 = disable pruning blocks, >550 = target size in MiB to use for block files)
This is entirely different from Bitcoin. I had known this, but had forgotten. In Bitcoin, you can discard most of the block data after processing, and keep using your wallet with your own node; there is even some recent work for running Lightning nodes off pruned Bitcoin nodes. There are people running Bitcoin nodes with full security and privacy benefits, albeit some severe functional limitations (no reindex/rescan), in 20–30 GiB disk usage or less (can be customized) when the blockchain is >400 GiB. In Zcash, pruning disables the wallet.
I understand that they made this change when developing shielded support. Zcash has new, complicated machinery for that, which Bitcoin does not have. I now understand that perhaps, the Zcash zero-knowledge wizards may be pondering how to make the blockchain disappear—not with curses, but with re-cursion—abacadabra! In the interim, however, I urge that a pruning implementation that supports private wallet usage is critical to letting people run nodes.
I myself will probably wind up buying new hardware just for this. But this is not only about me. Many other people cannot reasonably devote this type of disk space to the permanent storage of Zcash block data:
That is an upper bound of >781 GiB per year in disk growth—just for blocks, not counting chainstate (and excluding orphans that stay stored on disk, which are more frequent in Zcash due to the lower blocktime). For comparison, the Bitcoin blockchain has been running since 2009; its blocks have been full for longer than Zcash has existed. As of mid-2022, it is “only” in total just over half the size by which Zcash could grow in one year.
With no option to prune, running a fully private, secure full-node Zcash wallet will be cost-prohibitive for many people.
Note that with Zcash, I very strongly advise against running nodes “in the cloud” for wallet usage. For full privacy and security, people need to be able to run independent nodes on hardware in their physical possession. (I do appreciate people who run cloud nodes to help support the network!)
Documentation references in the source (not digging into the functional source now):