HW wallets - z-transactions

Hi there,
it’s a long time I’m interested in ZCash and I still mine them with my limited resources (even though it’s going to be not profitable for me very soon). I really wish that the ZEC project could have a great future, as I think that it’s a great technology.
However, as we know, lately price is declining and not all news (if any!) are good.

Recently I saw a lot of debates on the future of this project, but together with these debates I also saw less and less news about improvements of the client itself or about the ecosystem.
What I’d like to see before the CURRENT funding expires is the support for z-addresses in the major HW wallets: I think this is a critical topic for widespread adoption.
If we consider an advanced user, which holds a non-trivial amount of ZECs, we should assume that he/she wants to keep their funds safe, so that a hw wallet is probably the easiest/most common solution to adopt.
However, as of today, I do not know of any hw wallet that supports z-addresses, so that in order to have the funds safe on a hw wallet, t-addresses must be used.
This, IMO, downgrades the great technology of ZCash to the older Bitcoin technology, with no privacy features. OK, you could keep the great part of the funds on a t-address and then send them to a sw wallet, etc.etc. but it’s cumbersome and time-consuming, and not going to be used by many people.

I already asked several months ago on the forum, then I tried make some pressure to have z-addresses implemented on the Ledger HW wallet (which I own, but any other wallet would do, and I’d probably buy it just for that purpose), but to no avail.

Now I really think that z-addresses should be implemented ASAP, and for sure before the current funding scheme expires. This would be great news for the community and probably it would be good news after such a long time with no positive news about ZEC.

Just my 2 ZEC-cents :slight_smile:



Hi @mantoz :slightly_smiling_face: the short answer is yes, the Zcash developers have been working on shielded support for Lite wallets and Hardware wallets. The Zcash developers are building the SDKs and libraries but it is up to the wallet makers to add the functionality.

Latest documentation: https://zcash.readthedocs.io/en/latest/rtd_pages/shielded_support.html


In my talk at Zcon1 I demonstrated the necessary primitives for z-addrs on a hardware wallet, specifically the RedJubjub signature scheme running on a Ledger Nano S. The main problem is that the hardware wallets have very constrained environments, and it needs an efficient implementation that fits the available stack space in addition to all the other logic that needs to be there. My demo was only the core signature primitive, because I was unable to fit RedJubjub signatures using our Rust implementation of Jubjub on top of the existing Bitcoin Ledger app. There’s also a separate issue where the ZIP 32 derivation process would not work in a Ledger without Ledger themselves adding support for Jubjub and ZIP 32 into their closed-source firmware, because (understandably) the raw seed is never exposed directly to an app.


Thanks both for the insight.
To be sincere, I think that we are in a critical moment for ZEC, with a great need of some positive news in order to broaden adoption and to reach more people.
Keep in mind that the reference, command-line client is not easy to use for the average user. For sure ZecWallet and the mobile client are easier to use.
Having a hw wallet, with a “standard” interface (i.e. similar/equal to the one used for others cryptos) and able to handle z-addresses would be a great plus.
I don’t know how things work from a commercial POV, but I think that even funding somehow Ledger, in order to have a quick implementation of private transactions in Ledger Live/Nano S, would greatly improve the ZEC ecosystem and make ZEC different (better) from all other coins.
Unfortunately this forum community is small compared to all NanoS users, but if we can do something with Ledger in order to make them act quicker, just let us know.

Any chance of a link to the talk and/or code? Thanks!

@jasondavies I believe this is the talk he was referring to:


1 Like

Unfortunately it seems nothing has changed in the last few days (see the Ledger reply in the thread):

Should we bite the bullet, recognize that BIP 32 from the master seed is the only thing that’s guaranteed to already exist in hardware wallets, and extend ZIP 32 with a kludgy hybrid mode to make that sufficient?

Namely: do BIP 32 derivation from a master seed to get a private key of the wrong form and then hash that get the seed for z-address derivation.


I thought I saw your talk. I completely missed this. Would you please link me the talk and any slides/code you have released.

Is backward compatibility a requirement? would a new “secure” device that supports z2z and the other coins be a better route? It is pretty easy to remove the constraints in the environment when you are not limited to the two chips the nano uses.