I don't understand ZCash


#1

Why does Zcash use this zero-knowledge-scheme that uses a graph?
How is using a graph in a cryptocurrency different from verifying that someone can read a message that was encrypted with his public key?
E.g. GPG would have a commitment (public key), a challenge (a nonce encrypted with the public key) and a response (either he can reply the nonce or he cant). Why are there graphs? And what is the real real important part of ZCash (for me to understand)? I've even seen the word "redeem" in zerocash-oakland2014.pdf. ZCash solves redeeming, too? It all looks like a really complicated scheme compared to the byzantine fault tolerance scheme which I could understand.

If you could point me to an info-graphic or something important that is not many pages long, this would be really kind of you. Thanks!


#2

This may provide some more information for you https://github.com/zcash/zcash/wiki/specification


#3

To be honest I didn't come far. I've recalled there is this blog post https://blog.cryptographyengineering.com/2014/11/27/zero-knowledge-proofs-illustrated-primer/ , have tried to read it again and all I can remember is
if A B and C agree on a puzzle, A can probe if C has spent (much much more than probing) CPU time on solving the puzzle. A and B will agree that C did the work and still have no (or not enough) data to stand new random probes themselves.
Is this correct or am I thinking silly things? At least I see now again why it's not about the classic public key systems.
But I don't see how this transforms the bitcoin-Blockchain into an anonymous thing. I don't even know what key problem of Bitcoin Zcash solves.
I don't want to annoy with my lack of knowledge, but the existence of Zcash among only a few other privacy altcoins is so intresting, yet I miss what it's about.
What's the new one thing?


#4

The one new thing is zk-SNARKS. They provide the privacy properties.