By the way, this sort of empirical analysis of Zcash would be great! It is unclear — to me, at least — how safe the transactions are that people are making on the Zcash blockchain today.
There are two important values we would get from someone doing a thorough https://monerolink.com -style analysis of the Zcash blockchain:
First value: user education. The most important factor in user safety is: how well does the user understand the security properties? (This is true of all security/privacy tech, by the way, not just cryptocurrencies.) If a tech offers weak security properties and the users understand that, then they don’t use it in a way that would harm them. It may therefore be less useful than a stronger tech, but it isn’t dangerous to the user.
On the other hand, if a tech offers medium-level security properties and the user thinks it offers super strong security properties, then it is dangerous! Users may mistakenly rely on it to protect them when they are in danger, and then may be seriously harmed.
So the most important effect of research like this is to provide information that people can then use to educate users so that they can make an informed choice.
Paige has written a great pair of blog posts on the basic principles (“Transaction Linkability” and “A Shielded Ecosystem”), but we still need empirical analysis to complement these basic principles.
The second value we get is feedback on the technology design. Are our current privacy/security mechanisms working as well as intended? What are the empirical consequences of the majority of addresses being unshielded? (Certain people have been publicly asserting that the consequence is that almost no Zcash users are actually getting privacy. I’m pretty sure that’s wrong, but I’m not 100% sure, and we don’t know empirically just how wrong it is.)
Are there some low-hanging fruits for privacy improvements that we could easily deploy? We already have a roadmap for improvements that pave the way to a Shielded-Only future, but good empirical analysis might reveal to us that there are more urgent needs, or bigger payoffs from different improvements.
Here’s a forum thread about such empirical analysis. I humbly request that the security researchers of the world consider digging into this. I know it is a huge amount of work, but you will be helping move mankind forward in an urgent and important way.