Engagement is everything in social media, cringe works 
4 Likes
Hi all. My name is Diego Salazar. I’ve been a part of the Monero community in a large capacity for a long time. I did a lot of work for the Core Team back in the day (some people were asking about them above, I can provide answers, but this post will probably get long). I currently run Cypher Stack, a design, development, research (with cryptographers!), and infrastructure firm that does work for various people (Monero, Firo, non-coin stuff also). We were instrumental in Firo’s recent Lelantus Spark, and are currently the primary big firm working on FCMP++ math stuffs (mostly divisors right now, but I won’t bore you with this story).
Me and the team also make Stack Wallet (a fully FOSS, open-source, privacy-focused wallet). It does NOT currently have Zcash. That may change. I can go into the reasons why we haven’t included it at a later time (again this post will be long). But no, it has nothing to do with me being afraid of being shouted down by Monero people. Heck, we are even the very first wallet to implement FROST multisig (a big goal of Zcash, as I know) for Bitcoin. To this day nobody else has implemented a working FROST multisig wallet live (I may be wrong, please correct me if so). And as a result a few months back I was invited by several people on the Zcash team to discuss FROST, the pain points we have with it, and our experience with it. I accepted the invite, and had a pleasant call with the FROST team where I told them everything we learned.
I give all the above credentials and PoW so people know when I say I’m a privacy guy, I mean it. I put my money where my mouth is (Stack Wallet is funded out of pocket at a significant loss). That I’m not too tribal (work for mimblewimble stuff, Firo, Monero, Salvium and more). So hopefully what I’m about to say won’t just be dismissed as hurr durr Monero guy FUD.
Why am I here? Why am I on this forum? On this thread?
Because for so long, and despite being a pretty firm Monero person, I have secretly (and no so secretly) rooted for Zcash. For many reasons. I think having many privacy eggs in one basket is bad (same reason me and my team worked for Firo), and because I think, theoretically, you guys are doing amazing things for privacy as a whole with your research (not so much implementation, on a community / dev level, but again, post too long).
Quick aside, yes I’m very aware of the privacy shortcomings of Monero. That’s literally why me and the team are working hard on FCMPs.
I check in on the Zcash forum every few months. Each time I come away a little disappointed. Working on cool new stuff that few people will use, and fewer people actually care about. I really say that preceding sentence in the most loving way possible. Not to kick people while they’re down or get anyone to give up. Far from it. I think the research and dev of Zcash is still crucial to the privacy space, and want the world to have an actual chance against the panopticon that is already here.
In short, I’m here for privacy.
I’m not all knowing, but as someone who has followed this project for a long, long time from the sidelines, I can definitely give my two cents about why Monero is everywhere, and Zcash is not.
FCMPs is coming soon. Facing delays (funnily enough, delays caused by my team, since we’re not convinced about divisors and are working to actually formalize it), but my guys are crunching it at a good clip, so that won’t take much longer. Happy to talk about all of this research and stuff we’re doing with you all too if there’s interest. We do research openly, and for the betterment of humanity.
I’m going to be blunt. There were some major blunders in this project imho. Monero is not without its own (as you all rightly pointed to the CCS drain above, I can also talk about the CCS later since people asked about how we do things there). Monero had the numbers, the memes, the community, but Zcash had a smoking gun, Halo2. Previous stuff, it had the trusted setup (yes I know, I know, to many of you it wasn’t that big a deal and was just a braindead Monero talking point, but to many well-meaning people it was a legit concern). Halo2. Bam. No trusted setup. Gigantic anon pool. You got it made.
You just had to…get…rid…of…those…pesky…t-addresses! If people want Bitcoin they’ll use Bitcoin!
Not unified addresses. No! Why make things MORE confusing?
“But the exchanges!!! They’ll delist us!”
Remember I said we did work for Firo? Just got delisted by Binance. Your guys’ darling exchange. Because of Spark. Firo even implemented exchange addresses. On paper did everything Binance asked them to. Then there was the binance community voting for delisted projects. Zcash got MORE votes than Firo to be delisted. Firo thought they were safe. Delisted anyways. No real reason given.
Price crashed. Oh wait, now it’s back up to where it was pre-crash. Still not great. Used the mini bull run to get back to where it was before. But Firo survived. And now they’re throwing around the idea of going Spark only, since they don’t have the big exchange to please. Why wouldn’t they? And now they’re trudging along. Got some outside help from people who believe in the vision. They’re in a rough spot, but still moving.
My point is, as far as exchanges go, you’re not safe. They “passed compliance review” too. Just like you guys. Delisted still. You cannot play with these guys by their rules. They will change the rules on you. This is a warning that you can appease them out the wazoo and they will still take you down. THIS ACTUALLY HAPPENED to a privacy project that played ball. You could be next. This isn’t me trying to spook you. This is me saying to commit.
Please guys for the love of freedom, commit to the privacy. I’ve been heartened as of late. Getting rid of taddresses of unified addresses as a wallet standard thing. Not protocol-level, but better than nothing.
Goodness I could talk for days on this stuff. Anyone interested in a Jitsi meeting to talk through it all?
I’m sorry I know this is super rambly and unfocused. A few year’s worth of frustrated sighs and eye rolls with Zcash in this little post on the Monero thread.
13 Likes
How to tell whether someone actually cares about privacy 101 (highlight mine) 
Thanks for this awesome post @diegorehrar; some very interesting food for thought.
I’d be happy to get on a call with you.
5 Likes
Yeah, let’s do it. Let me know. @diego:cypherstack.com on matrix.
Interesting perspective. I still believe that the comparison between Firo and Zcash regarding the Binance delisting is not convincing. You say it yourself, it is unclear why Firo was delisted in the first place. According to Binance there are several other factors which could lead to a delisting besides compliance/regulatory (Binance Delisting Announcement). Market cap, trading volume, general activity could have been reasons as well (according to CMC Firo has a Mcap of 12m USD). Zcash is in a much better position in that regard - e.g. compare trading volumes. And I still believe t-addresses are beneficial for adoption. I highly doubt my favourite European CEX would have listed Zcash in 2018 without t-addresses. Not only because of regulatory reasons but also from a complexity perspective to integrate shielded addresses and missing hardware wallet support at that time.
I agree that two different pools add complexity. But if I, as a user, am exclusively transacting in the shielded pool (after the transparent on-ramp through a CEX), my privacy is not compromised, correct? So for me, it’s more a question of user education. Zashi does a good job of addressing this through its UX.
2 Likes
Great post. Many people here agree with you.
If you have the time I would love to hear your thoughts in this thread as well.
It seems that those that care the most about privacy in the Zcash community have little power. Control in the hands of the trademark owners and guardians of the purse strings are firmly holding Zcash back by insisting on indefinite chain transparency operability (and pushing out those who value privacy the most in the process).
When would you like to schedule the next trimester shareholder vote @aquietinvestor ? Would be worth polling about whether we should keep t-addrs.
Given the last vote where I was the only one voting with t-addr, I think I’m warming up to the idea of removing that from the protocol personally. We need at least one exchange that can work with viewing keys though.
Thanks for posting this.
Diego and I met over jitsi a few months ago, I was doing some research and found stack wallet FROST implementation, then we organized a meeting with the FROST team. Diego is a very honest and straightforward person as you may have appreciated already 
I’m pretty convinced that a lot of work around the frost client and server ZF released not so long ago was influenced by his feedback.
I’d love to see Zcash in Stack Wallet, if there’s something we can cooperate in doing, I’d be please to discuss it.
6 Likes
Shoutout!
Thanks for coming, I am very pleased to see your post with such kindness and honesty.
2 Likes
I agree somewhat. I think indeed the motivation to delist stemmed from the fact that Firo has privacy stuff AND had low volume / market cap. The thing is though, this still does not mean Zcash is safe. Prices go up, and prices go down. I’m not saying Zcash will go to 0, but all it takes is one bad day on the whims of the market and you may fall below some arbitrary threshold they have where you aren’t “big enough” anymore to be worth the bother since you have privacy features.
My two cents is Zcash needs to invest in powerful, working DEXs / atomic swaps (if possible), snip the t-addresses, and then not care what people think
In regards to your comment on user education, I will be very blunt here and say that this will not ever work the way you think it will. I am a UX designer. I think Stack Wallet has some of the best UX in the space. Any time you have to make a user think, learn, or act, you exponentially lose users who care. Either they will close the software or take the path of least resistance. This is NOT NEW information. UX people have known this for DECADES.
And yet we (Monero and other privacy coins included) think that if we just educate enough (i.e. talk teach blah blah blah) that people will come around and learn how to use the tools. No. It has to be the path of least resistance. You all say Zcash is the https to Bitcoin’s http? The only reason https is used is because it is used, deployed, and supported to the extent that the end user has to do ZERO thinking to use it. If they had to do any at all, they wouldn’t use it.
I stand firm that even TWO address types is too much. There needs to be one. And it obviously can’t be the t-addresses only, because then you guys are just Bitcoin, which nobody needs because we already have bitcoin. There needs to be one, and it needs to be z. Then everyone will use it.
One of the reasons Monero is much more used than Zcash is because there’s no “education” needed about the coin beyond normal privacy education. You use it, and get (flawed) privacy. But the scary thing for Zcash is that when FCMPs goes live on Monero, it will still have that “no education” aspect, but with powerful privacy that now rivals Zcash. Why would anyone use the version where they have to learn stuff (even if it’s ten minutes of learning), when they can use the one that’s just as good and doesn’t require any thinking?
The answer, I’m sorry to say, is they won’t. They won’t learn. They won’t read. They won’t watch the video. They want to press send, scan a QR code, and have it work. That’s it (and for some even scanning the QR code is too much).
To see Zcash people constantly deny the UX truths that every UX designer has known for decades is one of my primary frustrations with the project as I watch from the sidelines. There needs to be ZERO education. It just needs to work. Immediately, with ZERO input from the user beyond choosing who to send to. Forgive my continued bluntness, but if anyone thinks otherwise, you don’t know UX.
(And in case you think I’m being hard on Zcash only, I’ve pestered and pestered Firo about this as well btw. I’m about to go rogue and have Spark addresses only in Stack Wallet. And if I put Zcash in Stack, I WILL be the change I want to see in the project and do Z addresses only.)
3 Likes
As I mentioned, I check in on Zcash forums every couple of months. I’ve read this thread in its entirety many times. It’s always was one of the most hilarious and disappointing things when I read it again.
“Can we agree that we ultimately want to go z only someday? Not even now, just someday.”
“Well this isn’t fair. Look at everything we’ve done for z addresses in general?”
“Stay on topic. Can we just agree, all of us, that ultimately SOME DAY we want to go z only?”
“Look at everything we’re doing with zebra, ZSAs, marketing, wallets, etc. Are you saying this amounts to nothing?”
“Can we please stay on topic? Can we just agree as a community that we want to go z only at some point, even if it’s very far in the future?”
Repeat ad nauseum. Few want to rock the boats enough to just say “no, we don’t want this”. Even fewer will acknowledge the reality that not committing to privacy is one of the primary reasons why Zcash languishes where it is in terms of marketcap and community. Try to please all masters (exchanges, privacy buffs, governments) and end up with a coin that serves no one well enough for them to actually stay.
Even if Monero was full of the nicest people you’ve ever met (it isn’t, I know first hand), it wouldn’t change this fact. And the implications above about how Monero’s FUD has helped keep Zcash where it is (which I’m not saying is fully without merit) misses the forest for the trees. It keeps the project from taking a good, long look in the mirror and come to terms with itself about its identity.
(Edited to remove a few statements that I think were too inflammatory. Don’t want to be condescending or too harsh. I really want Zcash to do cool things, so I’m adjusting my tone a bit. Sorry to any who read the first version and were turned off by it.)
1 Like
As I mentioned Stack Wallet is funded out of my pocket. Happy to work with ECC, ZF, or anyone else to help us get the work done.
My reasons for not getting it in a while ago was the cursed BOSL license (which has since been rectified (thanks @joshs, I literally cheered when you did this), and then it had been kicked down the line for so long because of that debacle and never really climbed the priority list.
1 Like
I agree somewhat. I think indeed the motivation to delist stemmed from the fact that Firo has privacy stuff AND had low volume / market cap. The thing is though, this still does not mean Zcash is safe. Prices go up, and prices go down. I’m not saying Zcash will go to 0, but all it takes is one bad day on the whims of the market and you may fall below some arbitrary threshold they have where you aren’t “big enough” anymore to be worth the bother since you have privacy features.
Fair enough, I will not disagree with that. My argument still stands though. As long as you have trading volume and the CEX makes money with your coin via trading fees, there are no apparent reasons to delist as long as its compliant with AML/GDPR regulation. T-addr help being compliant in this current regulatory framework. You can dislike that from a privacy purist perspective, but it still is a fact. IMO there is too much hate about t-addr and not enough complains about KYC. KYC is the real devil here, way worse for your privacy than t-addrs.
My two cents is Zcash needs to invest in powerful, working DEXs / atomic swaps (if possible), snip the t-addresses, and then not care what people think
Yes! So maybe focus on shielded adoption with working DEXs, swaps and (hardware) wallet support first? Its not rocket science, Zashi and Keystone got released and shielded pool is at >3m already after a few months. Why do you want to remove optionality and flexibility from the protocol when you can enforce it on the wallet level instead? Will “shielded purists” still complain when shielded pool is at 5m coins? What about 10m or 15m? What I am saying is that there is a good chance the problem will resolve itself if you encourage shielded usage.
In regards to your comment on user education, I will be very blunt here and say that this will not ever work the way you think it will. I am a UX designer. I think Stack Wallet has some of the best UX in the space. Any time you have to make a user think, learn, or act, you exponentially lose users who care. Either they will close the software or take the path of least resistance. This is NOT NEW information. UX people have known this for DECADES.
One of the reasons Monero is much more used than Zcash is because there’s no “education” needed about the coin beyond normal privacy education. You use it, and get (flawed) privacy. But the scary thing for Zcash is that when FCMPs goes live on Monero, it will still have that “no education” aspect, but with powerful privacy that now rivals Zcash. Why would anyone use the version where they have to learn stuff (even if it’s ten minutes of learning), when they can use the one that’s just as good and doesn’t require any thinking?
The answer, I’m sorry to say, is they won’t. They won’t learn. They won’t read. They won’t watch the video. They want to press send, scan a QR code, and have it work. That’s it (and for some even scanning the QR code is too much).
To see Zcash people constantly deny the UX truths that every UX designer has known for decades is one of my primary frustrations with the project as I watch from the sidelines. There needs to be ZERO education. It just needs to work. Immediately, with ZERO input from the user beyond choosing who to send to. Forgive my continued bluntness, but if anyone thinks otherwise, you don’t know UX.
OK, but for example with Zashi, the user does not have to think at all. You can receive transparent ZEC (only way to get withdrawals from CEXs as of now), but you cannot send ZEC to a transparent address. Everytime you receive transparent ZEC there is a fat warning on your screen which says “Shield your funds!”. You press the button and congratz, you are now transacting privately in the shielded pool. In comparison to other stuff in this space, this does not seem that hard for a user to understand. Try explaining a user the difference between probabilistic vs. deterministic privacy – seems way harder.
And yet we (Monero and other privacy coins included) think that if we just educate enough (i.e. talk teach blah blah blah) that people will come around and learn how to use the tools. No. It has to be the path of least resistance. You all say Zcash is the https to Bitcoin’s http? The only reason https is used is because it is used, deployed, and supported to the extent that the end user has to do ZERO thinking to use it. If they had to do any at all, they wouldn’t use it.
Actually good analogy because as of today HTTP is still available and not deleted from WWW (according to Grok 2-5% of traffic). I will just leave this screenshot here, as it is self-explanatory (“…strong incentives…”). Compare the Zashi approach to below explanations and you see the similarities.
All that remains for me to say is that I am really not a diehard defender of transparent addresses. Yes, I would also like to see an ecosystem that consists solely of shielded addresses with viewing key possibility. The fact is that the current distribution of ZEC would not have been possible without transparent addresses, because the technology of shielded addresses has not been widely adopted since Zcash came into existence. Otherwise, we already would have had Trezor, Ledger, and exchanges with shielded addresses long ago. But we don’t. That’s why I’m a realist and see the practical barriers that the proponents of “shielded only” seem unwilling to acknowledge. Incidentally, I haven’t just been “watching from the sidelines”; I’ve been buying coins since 2018. Back when there were no Zcash supporting DEXs yet. From CEXs with transparent addresses, which allowed me as a normal user to invest early in the potential of Zcash.
5 Likes
Zcash couldn’t participate in Defi without transparent addresses. Nobody should trust some random protocols if they can’t verify themselves that they have the funds they pretend to have.
I’m not sure Monero works with any defi, so this could be a fundemental difference. If this isn’t the case, I would be curious to know which dex/services are out there, live, working right now?
Having choice, flexibility, is a wonderful thing and shouldn’t be shamed because its less private. Zoom out?
1 Like
This can be dangerous if folks think they are anon when they are not. You can’t hide the truth/education forever.
Education is hard, and yes folks fight it, but that doesnt mean we should just avoid it.
I very much hope your team can add shielded ZEC, would be great 
Yes I have yet to see in real life people protesting to have less choice
zano and beam are live. it’s similar to ZSA trying to get.
