TAILS ZCash Support

I work strictly through TAILS and have been wanting to migrate away from Bitcoin for some time now.
How should I best go about running zcash on TAILS?

To me it seems that the first privacy centric crypto to have seamless integration into TAILS will quickly become the defacto anonymous currency, but when searching I haven't found much on this front.

I don't recall where but I've seen posts about how to change the UDEV rules on TAILS to allow a Trezor and the https://wallet.trezor.io to be accessible. That would give you transparent transactions. Private transactions will still need the official wallet - which stands a better chance of working on TAILS now that it's 64 bit. But I haven't tried it.

I don't think it is a good idea to use anything that requires a full node on a livecd-based OS: you would need to download the whole blockchain each time you boot your computer.

You dould use a lightweight client approach, but there are two problems:

  • AFAIK, there is no desktop light client for zcash.
  • In order to create shielded transactions without revealing information, you really need to use the whole blockchain. So you either don't use shielded transactions at all, or you relly on a thirthd party to generate them for you (with all the privacy and security issues that brings). That kind of defeats the purpose of zcash.

Sure. That is, if you don't do a manual save / restore of the appropriate folders or bribe some kind developer to get zcashd to look in Persistence.

Including the official Zcash wallet in Tails would be a real game changer for Zcash.

It looks like the TAIL developers are open when the official wallet becomes an official Debian Package.

It has been reqeusted several times as a feature in TAILS.
https://labs.riseup.net/code/issues/12718
https://labs.riseup.net/code/issues/12095

With regards to blockchain persistance is possible in TAILS.

I hope that some will poke the Zcash developers and Tail Develops enough to make this happen.

Dedicated “Zcash on Tor” .onion addnode’s are here:

TAILS is ‘amnesic’ and is therefore not as ideal as some other solutions, perhaps, for running a full Zcash node / wallet.

If you are working ‘strictly’ through TAILS then you should already be somewhat familiar with using Encrypted Persistence;

Whonix (server and gateway) is also a great alternative option. However, the main release is still only 32-bit (unless you can build from source);

Moreover, Qubes-Whonix is 64-bit and this is where I’ve focused my own attention currently on getting this type of set-up working with a detailed guide also in the works.

I’ll have a go with TAILS this weekend (or during next week perhaps) to see what I can get working. :zcash:

Whonix and Tor for privacy & anonymity

“If you’re serious about security, Qubes OS is the best OS available today. It’s what I use, and free.” - Edward Snowden, whistleblower and privacy advocate

“With Qubes OS, I feel more comfortable accessing Tor Project infrastructure from the same laptop I use to execute random GameBoy ROMs I downloaded from the internet.” - I. Agora Lovecruft, cypherpunk, Tor Project core developer :joy:

I tried to play a bit with tails trying to make a zcash bundle for it (my idea is to make a tarball that could be downloaded to the encrypted persistent partition, with the binaries, the parameters, a gui and maybe a snapshot of the blockchain, together with some scripts to set it up and running). But i found a problem that is nontrivial to solve: tails have a very aggresive firewall rules that prevent even the loopback connection from the gui to the daemon. That would afect also the command line interface, since it uses the same interface.

This may be helpful: https://www.reddit.com/r/Monero/comments/5e3zfz/easy_guide_to_monerotailstor/

1 Like

I can confirm that that command modifies the tails default firewall configuration to allow zcash-cli to talk to zcashd. Except in the case of zcashd, the default port is 8232, so the full command is:

sudo iptables -I OUTPUT 2 -p tcp -d 127.0.0.1 -m tcp --dport 8230 -j ACCEPT

I believe this port can also be set in zcash.conf.