Leap frogging zaddr

We have an identity crisis.

Zcash is sound money because privacy is a necessary feature for that and calling it a privacy coin is redundant.

That is based on a flawed, or at least anachronistic, argument which departs from the notion of Zcash as the only or dominating cryptocoin – where combining the transparency of bitcoin with the privacy of ZK makes for “the ideal currency”. But then everybody realized that Bitcoin has lots of problems, and that the coin rather is a “store of value”. If you want cheap, fast and transparent transactions you don’t turn to Bitcoin (or Zcash for that matter).

Zcash has ZK, it’s the main competitive advantage on a brutal market. And it’s the only thing that can save it from disappearing. It’s certainly disheartening to see that Zooko doesn’t seem to think that there is a need to reconsider previous and outdated ideas.

In my opinion, The future of mainstream money is private / public. More like writing a check. The sender and receiver have a record of the transaction. Yet No one else can see it. A record of all transactions is semi private- more your bank statement. If you get audited you can prove income and expenses. The wallet is the bank and should keep track of the statement semi private ledgers. The government can request access to the wallet ledger and this is where I believe the fight should be. Possible the individual ledgers follow wallet transfer if I go to buy gold. The seller needs to report it to the government. So governments will require some type of monitoring. The goal is to minimize it and make it as private as possible.

My team has plans on creating a grant for developing a Zcash specific block explorer and I’d like to have your inputs & suggestions! Brainstorm of potential grant concepts/ideas - #38 by aiyadt

Let’s go for it
Privacy by default

If your chain is visible to everyone then it’s not privacy

Semi private is not private

Transparent private is Traceable

Sheilded to Sheilded still doenrt protect cuz you could be identified by block Count when it does transparent payment in past.

So partial privacy doesn’t work

And what works is privacy by default only and that’s privacy

I think there’s a misunderstanding that a lot of people currently have. A lot of people seem to think that the presence of taddresses cause zaddress users to lose their privacy. I don’t think that’s true, at least not in the common case.

Instead, I think the current hybrid taddr-and-zaddr architecture provides — at least for the most common use cases — the best of both worlds: the strongest privacy for the use cases where you need that, and the strongest on-chain transparency where you need that, for example, for proof-of-reserves protocols, on-chain-voting such as the Zcash Coin-Holders Petition, private donations to public charities such as the 150 ZEC donation to Code To Inspire, transparent custodians and private users such as in WZEC, etc.

The current hybrid taddr-and-zaddr architecture also provides the best of both worlds in regards to the tradeoff between on the one hand availability of ZEC and widespread support for ZEC and on the other hand Zcash’s special features that most products don’t yet support. With the current hybrid architecture, the majority of exchanges and wallets in the world support ZEC, making it widely accessible and censorship-resistant, and nobody can stop you from moving your ZEC into Nighthawk or ZecWallet Lite or Unstoppable and then using the most advanced features — shielded transactions and memos. It’s the best of both worlds. Here’s a twitter thread where I make this argument.

Holmes Worcester’s comment is extremely persuasive to me. Please read it carefully! As far as I can tell, based on what I know and on Holmes’s arguments in that thread, removing taddresses from the base protocol would not provide privacy by default, but adding privacy by default to wallets/apps/products like Nighthawk and Zbay would! And removing taddresses from the base protocol would break the “best of both worlds” feature, but adding features to wallets/apps/products would not.

To recap in table format:

1. Removing taddresses from the base protocol:
   A. Would it achieve privacy by default? No.
   B. Would it achieve the best of both worlds? No.

2. Improving wallets/apps/products:
   A. Would it achieve privacy by default? Yes.
   B. Would it achieve the best of both worlds? Yes.

Zooko, this just isn’t a good faith argument any more. Almost no one here is suggesting taddrs harm the shielded pool. All bringing this up does is distract from a conversation about getting rid of Taddrs.

I don’t think taddrs being around cause issues for zaddr privacy. But they are an idealogical issue for the chain and a real accessibility issue. Users don’t get a choice to use zaddrs when everyone does the lowest common denominator support for Zcash.

You can argue removing them isn’t that important (which seems to be @holmesworcester argument), I think i disagree and said so down that thread, but it warrants more discussion. But you should then acknowledge that ideally, we’d have them gone in a perfect world. But you can’t or won’t do that.

As I said in the other thread:

And @anon16456014 said even better up thread here

I get the argument but am not sure it would achieve the best of both worlds since there are other coins that specializes in scalability and transaction speed. If bitcoin was the only other coin on the market I would agree.

Think of it this way: Zcash has one competitive advantage, and that is top class privacy. It’s best, and only, shot is to exploit that advantage.

But as was said above, maybe phasing out t-adresses isn’t the best solution, but something must certainly be done. Need to create some momentum again, a narrative: where are we headed? etc. And as I suggested in a previous post I think perhaps the “academic” marketing style should be abandoned or at least transgressed. A new marketing strategy is required.

It is hard to get ppl to use Zcash if they see most transactions are transparent. Try convincing folks who say Zcash is not private.

If taddr-zaddr works then why did ECC work with Gemini for shielded withdrawal support?

I haven’t heard single argument for keeping t2t

To continue the previous thought, Monero has this aura of “mystique” and “shadyness” surrounding it. Zcash is more “clean”, “objective” and “technocratic”, and most people are not attracted by that. To some extent it may even result in a psychological contradiction since technocracy is related to control and transparency (smart cities, Google etc.).

(I don’t have a good alternative, just trying to raise the issue. But at the very least continuous new announcements are needed to turn the ship).

let me add another one:
3. Disabling t2t:
A. Would it achieve privacy by default? Yes.
B. Would it achieve the best of both worlds? Yes.

It feels bad that this discussion is so heated when there is so much overall agreement, and when we could (and should, and I think we all actually agree on this!) build our way out of this argument even being necessary.

To the extent we build decentralized exchanges for onramp from btc and eth, solid solutions to network layer privacy and other information leaks, clear definitions of what wallets should do to protect privacy, and a set of popular wallets that follow these guidelines (which I think we all agree we need to do) this argument fades away.

Both because users will be steered away from t addresses and because it will be less costly to drop support for them.

Ian, I can see why you feel Zooko’s argument is in bad faith because yes, the example he keeps giving can be solved with viewing keys.

But I think there really is a better argument for what he’s asserting, if a more vague and hand wavy one. It does really seem that composability is a huge part of why innovation has happened so fast in the Ethereum space. Having a piece of Zcash that works just like the oldest and most grokked blockchain protocol does seem to keep the door open to composability and interoperability in a way that viewing keys doesn’t fully cover.

For example, Ren Protocol gained very little in volume or fees by supporting Zcash, but they were able to do it because it worked just like Bitcoin so it didn’t seem like a crazy lift. If I remember right, the availability of Go libraries, and the relative ease of adapting them to Zcash, was a key thing for them. Having to mess with zcashd and viewing keys could easily (and we should ask them, but I’d guess definitely) knocked Zcash support way into the future on their roadmap.

And that’s a really cool addition to the ecosystem. A fairly privacy friendly way to onramp from Bitcoin, a Bitcoin ATM, etc.

ZKPs are much harder to fully grok and build on than Bitcoin is. Most technical people can make their way through the Bitcoin paper. But the zerocash paper requires a lot more specialized preparation to get through. And the libraries on the Zcash side will always be more limited.

There could be other innovations unlocked by the part of the protocol that is basic Bitcoin could unfold in the future. You can argue that this makes closing the door on that a bad idea even if we don’t have so many examples yet.

Still there is no argument for keeping t2t.

This conversation is really easy to end

" I think taddr’s should go away. Eventually. Right now we need them for compatibility with exchanges and for a while at least, cross platform transactions that are crucial (at least t2z).

Getting rid of them will take time and we can’t do it quickly. We should do it, but cannot and should not do it quickly. Lets work to figure out how to"

if zooko said that, meant it, and followed through. i’d tell everyone in this thread to stop stirring up trouble and go home.

The fact that no one will say this is either 1) evidence they aren’t really all in on privacy even in concept or 2) just stuck in “but someone is wrong on the internet” mode. … for like a year now,.

The main reason I set up this thread is to find the metric we should be optimizing for. So we know whether we are building right thing. Is ZEC in shielded pool the right metric? then RenZEC doesn’t help with that primary metric that makes Zcash more private. Sure, it is great & useful.

Holmes, I’m disheartened to see you echoing that smear. My arguments are made in good faith — from knowing a lot about how these things work at both a technical and business level, and wanting to use that knowledge the best I can for ZEC holders and for our shared mission of empowering everyone in the world with economic freedom.

In particular with regard to view keys, what I said was:

A lot of people have been saying view keys give you this, but currently they don’t! They would need to be extended, both in terms of Layer 1 protocol, tooling, UI, education, documentation, and deployment, before they would.

And like I mentioned recently, perhaps the result after all that work would be better than t-addresses, but first of all let’s just be clear that view keys currently don’t do that.

Second of all, let’s be clear that it is a lot of work — several years of work — to accomplish all of the different aspects I mentioned above (especially deployment and education), and

Third of all, once view keys did reach that level of maturity then they would — at least in principle — have the same properties that people are currently decrying about t-addresses! But maybe in practice they’d be better.

I’d be happy to go into more detail about these issues with you. Maybe I’m wrong! I’ve changed my mind about these things before due to new information and persuasive arguments — including arguments from you — and I could change my mind again for the same reason. I love your point that the crux of where users can get default privacy is in the wallet, not in the Layer 1 protocol, and I love your point that we should be building our way toward success rather than trying to “argue” or “legislate” our way to success.

But, having this conversation with you would only be a useful exercise if you assume that I’m acting in good faith and I assume that you’re acting in good faith. I’ve learned that there’s no point in talking with someone who thinks that you’re acting in bad faith.

Zooko, don’t stop talking/replying to me. I shared what I felt at the time but then took a step back after hearing str4d reply. I don’t think you’re acting in bad faith. I think it is mindset. When someone doesn’t agree with you or give an answer you don’t like, it is natural to assume they are acting in bad faith. I’ll only use valid arguments to respond.