Attention seems I found a fraudulent site that masquerades as a wallet for Zcash.
I’m not 100% sure, but all the signs are there on this site:
https: - zcashwallet -net
The site is at the top of the list for “Zcash” queries.
This thread is created more for those who will be looking for information about this site from verified sources.
We’ll review and take any required action on this site ASAP.
The site is well done for a scam website but the wallet pics show a Monero wallet.
Accusing a project of being a scam when you have not even tried using and seeing is not right and only discourages anyone contributing to the zcash ecosystem. The community also discriminated against YWallet before it finally accepted it if I remember history correctly. This wallet has existed for at least a year and has added value to the zcash ecosystem and I have used it for 6 months and it has been solid.
The wallet supports multiple privacy coins, which is why the general screenshot shows Monero, but it also has full zcash support. Whether or not you think Monero is a scam does not mean this wallet is a scam.
As far as I am aware it is also the only wallet that integrates Tor which reduces one of the primary weaknesses of ZCash and it makes it easier to avoid temporal analysis and other ways that Zcash is tracked.
Before accusing a project of being a scam I think at a minimum standard you should download and try it using on a spare laptop of course or other secure computer. Random accusations against solid projects is not how zcash will grow in adoption.
ZCash needs to be able to embrace a diverse array of different projects even if you don’t agree with what those projects are doing (such as including a monero or pirate chain wallet in the wallet).
Are you the owner of the zcashwallet website?
Where can I find the GitHub repo for this wallet to check that it’s legit?
Who are you writing this to? I was mining monero long before I registered on this forum and was an active member of the Monero thread on Bitcointalk. Believe me, I know what I’m talking about and I know the history well enough to stay away today. Zcash became my lifeline because my beliefs in the need for privacy don’t jibe with my aversion to darknet markets.
As for the wallet, I’ve never heard anything about it. That’s why I labeled it as a likely scam. I don’t have Windows to check this file, but when I see in the description a suggestion to disable OS protection, and an exe file is downloaded rather than a link to GitHub, it’s a sign of scam to me. Although I wrote that I’m not 100% sure.
I’d be happy to be wrong, but without source code, I can’t trust any wallet.
Etherscan? Blockchair? Seriously? Where are the Apple and Microsoft logos? Well, that looks super suspicious.
No, I am not the owner, but I have used it because it has features no other zcash wallet has. As far as I am aware the source code is not released. That is not uncommon for zcash multi wallets: Exodus, Atomic, and a dozen others also do not have released source code.
If you do not trust it because it is not yet open source, then that is a respectable position, but I do not think that should mean that a popular zcash wallet should be labeled a scam. Simply don’t use it. When there is a diverse ecosystem there will are always multiple options for people with various trade-offs.
I also do not have windows. You can run it in Tails OS, which is a secure operating system protected away from your normal installation. That is how I run it.
I have never run it on windows, but the wallet does not require you to disable malware protection. It asks you to disable developer signing protection, which is common place for small projects that they do not sign packages with a microsoft signing key. Especially a project that is linux-focused. Again, malware protection like Microsoft Defender is NOT disabled.
My assumption would be these are infrastructure used by the wallet, etc. Hence the Tor logo. It’s obvious Tor is not sponsoring the wallet, but the wallet is using Tor.
The wallet also supports Ethereum, so it makes sense it may be using etherscan or blockchair API services, etc. It does not mean these companies are endorsing the project or sponsoring the projects, but providing technology, guideance, infrastructure to the project. That is how I interpret it.
How can you be sure your keys aren’t going to the wallet creators? The whole question is this. Exodus and Atomic wallets have been subject to public third-party audits. By the way, Atomic failed it in 2022 and was hacked a year later. Here it’s just a noname wallet from obvious supporters of confidential coins. So in my opinion you are taking a huge risk with your funds. I wouldn’t be posting this thread if I didn’t care. But I don’t want anyone in the community to get hurt. I will note that I am not the developer of any of the wallets.
You can’t be certain. You can’t even be certain with an open source wallet unless you have verified every dependency and compiled it yourself. And, you can’t be certain with any “audited” wallet unless it received multiple audits after the last update and the current build was reproducible based on the last audit, which none have.
NO software wallet should be used for any serious amount of funds. Any large amounts of funds should only be on hardware wallets such as ledger, trezor, etc. That should be obvious as no one has verified their entire OS stack to know if it is secure even if the software wallet is secure.
Calling a solid project with history a scam because you do not like that it is not open source is not proper, IMO. Warn people that is not open source and remind them to use open source, audited code is one thing. But to slander it as a scam is completely another in my opinion especially when you have not even tried the wallet.
The trademark policy exists for a reason, so people cannot squat on “Zcash” domain names to get search rankings.
CC: @FPF @ZcashFoundation
There are a fair number of auditors in the community, not to mention that the key programmers of the Zcash protocol worked for a leading audit firm. Therefore, I only trust the software that is published on the z.cash website. Although anything can be uploaded via an update. However, I am confident in the integrity of the people associated with the software, because they are public and respected. This is reason enough for me to trust, unlike anonymous developers. However, for the sake of a fair comment that I can’t be sure of anything, I slightly changed the title of the thread.
I think someone making an accusation would need to provide proof? There is no way to prove a negative. I have used the wallet without issue. As it ranks highly in search engines for “zcash” according to OP and there have been no reports of lost funds, then my assumption is that the wallet is legit. My own personal experience is positive, but I am just one anecdote.
I have no relation to this wallet other than as a user. In addition, I also use other wallets such as YWallet and Zingo. My primary use of this wallet is for the instant swapping between coins and because it works on Tails OS. I have had > $5,000 on this wallet at a time without issues.
Would I put a large quantity on this wallet? Absolutely not. That is for Trezor hardware wallet. But, my personal experience is that this is a solid wallet for small quantities of funds.
Unlike every one else in this thread I actually have personal experience with the wallet.
Users should still beware this wallet, many red flags remain despite one users arguments otherwise.
I have removed the hyperlink to this wallet in the OP. If the actual developers of this project show up then feel free to PM me regarding this thread if they wish to re-open it.
Thread is closed.
