Resetting Zcash: it's about privacy, not scale, econ, dev funds, or governance

The reason to hold zcash, in my view, is first and foremost as a store of value. It’s a way to save money to convert into future purchases. Privacy is important; yet secondary.

Who wants to work hard and save money only to find out the currency has been debased? I’d much rather own a safe and sound currency that is public than a private one that could be debased from counterfeiting. And the best would be a store of value free from the risk of debasement and private - zcash in theory. So, anything that can be done to ensure the supply is fixed and cannot be counterfeited is needed. So far I have not heard anyone say the supply can be known with certainty.

It would be great if zcash supply could be regularly audited for supply while at the same time maintaining privacy. If there is a supply breach then a system and protocol to resolve it.


Check secparams’s replies above. That requires a separate discussion if you want to dig further for new solutions/ideas.


That may be a reason to hold cryptocurrency, but why buy, use, or hold Zcash specifically vs BTC or LTC? The answer is you think privacy is important, either to you, or cynically, to others so your holdings will appreciate.

Zcash can be a store of value and should be: Swiss bank accounts had privacy for a reason. Because of privacy there’s a slightly larger risk of bugs leading to inflation than BTC, but privacy has value and we can mitigate those risks. However, if you buy into “hidden” inflation being uniquely risky, then you start looking for audits and safeguards for this special risk. And then you start justifying taddrs as the safety valve for hidden inflation: hidden inflation only affects the shielded pool, so money in taddrs is safe. This is fine on its own, but once you’ve bought into that, then you can never have most money be in the shielded pool. And so now you can’t have zcash really be about privacy. And again, privacy is the only reason to hold ZEC over LTC.
We have to agree it’s all about privacy, even if it takes time to get there.
(note, we can temporarily have a transparent pool as part of a process of iteratively improving our privacy tech and slowly moving everything over to shielded. But that still means privacy is the end goal. We’ve lost sight of that.)


I have to disagree. It’s only about privacy after a person knows the currency is safe. For example, would you want to own a Venezuelan Bolivar based crypto with complete privacy or a USD based crypto with complete transparency? The answer is obvious. Privacy is less important than inflation of the currency.

But once you can guarantee safety, privacy becomes important. You won’t get big money to invest without a safety protocol and you won’t get small money because they can’t accept the vol.

zcash is akin to a savings account not a checking account.

I own zcash. But I won’t for long if I can’t get comfortable the supply is safe. I bought it thinking it was better than Bitcoin. But it’s not if Bitcoin has better safety on the supply of coins.

Everyone is speculating at this point because no one really knows if the supply is truly fixed. Although it sounds like t-address is fixed and z-address is the issue. I don’t completely understand the issue. But my preference would be to eliminate the supply risk to the extent it exists.


If you don’t trust zcash tech & devs then why hold money in t-addr, what do you achieve by doing that - you don’t get real privacy by storing in t-addr then doing t2z & z2z etc


There are safeguards in place, but if you want 100% supply auditability on demand then you will be dissatisfied with any privacy coin.

Even the Monero guys are honest and say that they cannot guarantee supply, that’s the nature of “privacy”. You have to rely on established cryptographic assumptions.

With Bitcoin you rely on some cryptographic assumptions, like the way private keys and addresses are generated: you assume that the bar is too high for a computer to brute force a public/private keypair. But will that hold true even with quantum computing, forever? Who knows.


Maybe it’s a naive question. But why can’t a coin have some type of unique ID or seal that can simply be counted without giving away private info. Assign a unique ID when it’s created and cross reference against the master list when it’s used. If the master list of IDs is more than expected or if the coin ID does not match the master list, then a protocol is in place to resolve the issue.

That’s how Zcash kinda already works, when a private transaction is made there is a unique “nullifier” that verifies that the transaction is valid without revealing the transaction’s details to everyone. It’s a bit over my head exactly how they work:

But what you are asking implies that there would also be some sort of “amount” tied to that nullifier.

I believe that would probably create a major privacy leak because amounts would be something that can be correlated between transactions. Combine that with other metadata like time/blockheight/etc… and you have many ways to track funds via statistical graph analysis.


I have heard different kinds of arguments for which there is a clear answer & explanation for deprecation of transparent addresses in the long term. So what do we do now?

I’m talking about the number of coins outstanding; not transaction values. Assuming 21m coins are outstanding, there would be 21m unique IDs. However each coin can be used infinitely. So the IDs associated with the transactions would be different. Is there a concept like this built into zcash coin supply?

The unique identifier in the protocol is a big problem for anonymity, so it is impossible to implement. You can check if there are counterfeit coins in the secure pool when they are moved from the secure pool of the outdated protocol to the new one, read about the turnstile, everything seems to be clearly described there, but this does not guarantee complete safety against counterfeiting.
All coins with anonymity protection are subject to hidden issue, this is the nature of the technology, in zcash these risks are minimized due to: code audit, turnstile, existing unprotected address, code complexity, which means implementation of hidden errors. For today I think this is enough and zec is the safest coin in terms of technology and team.


I agree with this.

The post above is self-contradictory when it references:


and then

every exchange and … regulator

Exchanges and regulators are enemies of privacy. Governments are enemies of privacy.

Bitcoin is a success because it is amorphous. It has no corporate structure that can be leaned on by governments to impose anti-privacy AML/KYC requirements.

Unfortunately Zcash has several affiliated corporate structures. Corporations work to ensure their own survival. So the people running these Zcash-affiliated corporations hope that they can play the “compliance” game well enough to keep themselves afloat rather than squashed by governments.

I think it’s a vain hope. Governments prize their monopoly control of money flows. It keeps the tax revenues flowing and allows them to wage financial war, through sanctions and other means. A truly successful, truly private cryptocurrency would be too much of a threat for governments to tolerate. They would seek to either ban it or cripple its privacy features, as we are already seeing with Mnuchin’s latest proposal.

So every ounce of effort the Zcash community expends on playing a losing “compliance” game is wasted effort.

Where should that effort go instead?

Zcash is a privacy-oriented technology. So its competitive advantage would be strongest with users who value privacy the most. And who would that be? People doing things those in power don’t like. These days that mostly means: selling merchandise forbidden by the nanny state, and transacting with designated Evil countries.

So Zcash should be engaging quietly with every single dark web marketplace out there, asking why they are adopting Monero rather than Zcash, and making the technical case for zk-snarks rather than ring signatures. And it should be reaching out to the communities using Bitcoin to circumvent sanctions, so that Zcash can replace Bitcoin when Mnuchin’s successor starts prosecuting people for spending Bitcoins that started their life in Iran or Venezuela.

Now, if any of that actually started happening, no doubt that would bring down all sorts of regulatory hurt on Zcash’s affiliated corporate structures like ECC and the Zcash Foundation. So the people manning those structures have a big incentive to not do any of that. I don’t expect it to, dooming Zcash to remain technically brilliant, but mostly unadopted and largely irrelevant, until its backers give up and/or USG bans all privacy coins.

But I do expect a real privacy-focused cryptocurrency to come into existence someday, maybe even based on the Zcash codebase. zk-snarks are a better mousetrap, and the world will beat a path to their door. It’s just that that path won’t have signposts marked “KYC” or “AML” along the way.


I love Zcash, and completely agree with Ian here. It’s about privacy, stupid.
Wanted to jump on here for the first time, and voice my opinion. Shielded ZEC FTW! At the very least set privacy as a standard. z2z by default, and prohibit all t2t transactions. If you want transparency, you can use many other blockchains out there. If the main focus for Zcash is to be a “privacy-protecting digital currency”, then taddr should be taken out completely. Complete privacy || GTFO.


I expressed this point of view several times, no one apparently understands the real problem that zcash is facing and will face in the future, if it becomes popular, it will be banned, if it enters the darknet, it will be banned (by the way, therefore, the ECC team has repeatedly said that the advantage of zcash is that it does not exist illegal operations, what? it is not used because it can be exposed through pressure on its developers.), and any bad news means a loss of funding due to a fall in prices or a ban, which is why in 2020 all efforts were thrown into the extension of the tax from block a not to increase the popularity of the coin). First you need to solve real problems and then try to solve the issue of the full Z direction.
But they call me a troll for such posts.
If the ECC and the Fund announce their intention to abandon salaries for a certain period that will be used to develop a completely Z direction, then this makes sense (why refuse salaries because all the accumulated money will need to be spent on introducing zcash into exchanges and, in principle, spend all the same work that was done before. Do you think someone will agree to such a plan, but think that we will decide to abandon T addresses and everything will remain the same and even get better, then this is not proven, but again I agree that if zec leaves from the leading exchanges, then he will have a chance to keep the price and even rise, because my point of view is also not proven, but the risk for the teams will have problems.
That is why a plan and agreement is needed.

Wow, so you understand everything about Zcash? :clap:

Three sentences:

  • For the last time, Zcash is about privacy
  • Under no circumstance that I care what everybody thinks, Zcash is about privacy
  • Do we want to care about what someone, who has no skin in the game, thinks? NO. This one is about privacy.

I understand your point of view, but zcash is not the property of the public, so it doesn’t matter what we all want, it is important what can be done with the project and what is not, here you only need to consider what you can, which means you need to find out whether what we want is possible or not, here that’s all.

A case can be made that Mimblewimble coins are safer, as they directly compare the total value in the UTXO set against the expected emission, using only a few lines of code. For example the Grin expected emission up to some height ((height+1) * 60) is checked against the UTXO set in
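
The supply check described in the post above, sketched as an added example; it is not part of the original post and is not Grin's code. It assumes a toy-sized multiplicative group in place of secp256k1, hypothetical function names, and it omits the kernel signatures and range proofs a real chain also verifies.

```python
import secrets

# Constructed toy parameters: P = 2Q + 1, G and H generate the order-Q subgroup.
# Real Mimblewimble chains use secp256k1 points; amounts here must stay below Q.
P, Q, G, H = 2039, 1019, 4, 9
REWARD = 60  # per-block emission quoted in the post


def commit(value, blind):
    """Pedersen commitment G^blind * H^value: hides the value, adds homomorphically."""
    return pow(G, blind % Q, P) * pow(H, value % Q, P) % P


def product(items):
    acc = 1
    for x in items:
        acc = acc * x % P
    return acc


def supply_ok(utxos, kernels, height):
    """Verifier's view: only commitments and kernel excesses, never amounts."""
    expected = (height + 1) * REWARD
    return product(utxos) == pow(H, expected % Q, P) * product(kernels) % P


def build_chain(height, extra=0):
    """Mine height+1 coinbases, then spend the first one into two outputs.
    extra > 0 models a counterfeit: outputs worth more than the spent input."""
    blinds = [secrets.randbelow(Q) for _ in range(height + 1)]
    utxos = [commit(REWARD, r) for r in blinds]
    kernels = [pow(G, r, P) for r in blinds]      # coinbase kernel excesses
    a, b = secrets.randbelow(Q), secrets.randbelow(Q)
    utxos.pop(0)                                  # the input leaves the UTXO set
    utxos += [commit(25, a), commit(35 + extra, b)]
    kernels.append(pow(G, (a + b - blinds[0]) % Q, P))
    return utxos, kernels


if __name__ == "__main__":
    print("honest chain passes:", supply_ok(*build_chain(9), 9))
    print("inflated chain passes:", supply_ok(*build_chain(9, extra=1), 9))
```

The blinding factors cancel against the kernel excesses, so whatever remains must equal H raised to the expected emission; one extra unit hidden in any output breaks the equality without any amount being revealed.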

I suppose you are right, but GRIN has a slightly different concept regarding data storage in the chain, I cannot say who will win in a direct comparison of reliability and security, but you are right that GRIN has the advantage of double-checking. And on the topic: the same GRIN transfers are fully protected, there is neither a fund nor an official development company, but this all does not allow him to become the first among equals, therefore, for zcash, the above points can be both negative and positive, or have no effect at all for adoption, but what is not to use 100% is the real “bad” with which you need to fight, do you agree?

Wow, if only someone had seen this and pointed it out in January 2016. Oh wait…

…Or followed up in December 2016 with the specifics of exactly how the rollout failed:

Both of these quotes from this thread:

Maybe there is still time to turn things around. Still invoking the ghost of SJ: Think Different!