The Cambrian Interface Explosion

When Binance threatened to delist Zcash due to its shielding, the community did not opt to backdoor all shielded ZEC transactions to satisfy a compliance department’s interpretations of complex multi-jurisdictional regulations. TEX addresses were invented instead.

Perhaps a middle ground could be to develop a feature that allows T-addresses to hold tokens as well? The ZA: “Zcash Assets” vs “Zcash Shielded Assets”

An upside to allowing T-addresses to hold tokens is that users could temporarily showcase their NFTs, or temporarily prove their financial holdings.

Don’t give transparency to only one powerful entity and their third parties, the issuer. If you’re going to doxx transactions, give the transparency to everyone so that it’s very clear what the threat model is: the Surveilled ZSA transactions will very likely be transparent to the entire world, if not today, tomorrow.

Who cares if some issuer demands traceability. Move on and pitch decentralized projects like DAI instead.

Any stablecoin issuer that demands traceability is not Zcash’s target market, nor is any user that is comfortable with their “shielded” transactions being traced only by the powerful. Dozens of better chains exist for traceable transactions.

USDC is not our target market. Regardless, someone will wrap it, and its pool might get denylisted. That’s not something for a Layer 1 blockchain to worry about, it’s not our problem. Our problem is to define good standards and launch them. The free market does the rest.

Its unreasonable to solicit for an issuer to “confirm” that they’d put their products on a Zcash protocol feature that doesn’t exist. Unfortunately, to complete this project we’ve got to build it first and then hope that they come.

I think this post started a bit odd. I’m glad the sharp-edge ironies are over and we can discuss more seriously.

I don’t think that the following quote is fair

1. It is public knowledge that ALL Zcash engineers from ALL TEAMS are overworked. People might miss things. Example: I entered a FROST rabbithole one day and when I got out two days after there were three NEW DEV FUND PROPOSALS! It can happen that engineers have to choose between reviewing code or carefully reading and replying in the forums. they can’t do both. let’s be nice to each other.
2. Engaging professionally in the forums takes time. Sometime crafting a good post, requires many minutes, sitdowns, rephrasing, maturing the reactions, cooling down, rethinking and probably you end up deleting the post. Zcash devs shouldn’t shoot from the hip in the forums, our word is important, the community has trusted us with resources and they expect we use them delivering the most value possible.

I never thought there was an intention to not request feedback to the core devs on this. I celebrate this statement from ZCG.

proceeds to write a piece of remarkable Internet literature

Respects to @daira

My take on this
I was not aware of all the details shared on ZKProof 6. It kind of scared me when they were explained to me. I’m speaking as someone that really needs the feature: I already have price volatility at home . But if there are bridges, DEX or CEXs I can get transparent stable coins already. What’s the benefit of a lesser-private pool to get stablecoins if users have a faux sense of privacy because we need to trust the keys don’t leak? Isn’t that the trusted setup we worked so hard to get rid of?

I don’t know. I’m sure this is it’s not what most users understand that for a Zcash Shielded Asset.

I think that QEDIT should dedicate to work on deploying “vanilla” ZSAs first.

I understand because I am one of those users. The problem is that other users that leave under more oppresive goverments than me, won’t have the protection against it that they want Zcash to provide for them. A Regulated ZSA will eventually protect you against 5-dollar wrench attacks, it’s not bad, but it’s sub-par under Zcash standards.

I refer to my own posts

META: It took me about 50 minutes to read the thread and write this down

Tbh, I was also surprised by the quick decision to fund zsa stable coins research, especially since the community feedback seemed to be towards the delivery of ZSA first.

I’m ready to launch a ZSA or 2. I don’t want the surveillance features. I do want smooth developer experience and good support across the ecosystem.

We can start building some fun and noble stuff. Eventually, if there are reliable bridges and liquidity, people should be able to figure out better ways to swap in and out of “real stablecoins”

I think a coin could be launched with vanilla ZSAs that wont be “genuine ztether” or “genuine zUSDC.” But, if it can be reliably swapped for a “real stablecoin” then it is just as good or better. We start small, prove the track record, gain trust over time … we have a wholesome, noble community which is an underrated asset in compliance discussions. If the community is rife with “bad actors” then no amount of preemptive compliance tech can keep the heat off. Conversely, if there is nice usage by users and no massive influx of bad actors, then it might not be politically tenable for a rogue officer to come destroy something that is clearly wholesome.

I think that chokepoints should be a better place to put KYC/AML and similar compliance measures than into the ZSA protocol.

It’s a very tricky area indeed - definitely more art than science. Compliance is more the area of lawyers than software engineers and cryptographers. Designing a cryptographic backdoor that might be deemed compliant seems more like the last step than the first. Have we brought in lawyers and stablecoin compliance experts to OK the design or is that part of the grant in question?

I think I’d rather see explicitly transparent and fully shielded ZSAs side-by-side than hopefully-kinda-shielded-but-not-really ZSAs.

USDT ↔ transparent ZA ↔ shielded ZSA

I think something like that could be made to work and be compliant?

No, it would be a significant change to the Orchard Action circuit, in the core consensus protocol. Any mistake could potentially affect security properties for the whole of the Orchard pool.

The Zcash users want to get rid out of Transparent Pool and here we are building a surveillance mechanism to the core protocol?

oh no this sounds worse than i thought. i also had impression its somehow additional to the core not straight in the core.

also i find it weird to build compliant stablecoin support or even ZIPs before we have any stablecoin that has said YES to integrate in the future.

another thing:
payy says their stablecoin is private and censorship resistant. i dont know too much more but couldnt this be integrated as a ZSA maybe? x.com
Welcome to Payy | Payy Docs

Thanks for raising this important point. It doesn’t sound like a significant portion of the committee was aware of this requirement. However, I don’t think it would have changed my opinion to approve this grant because:

1. There had been multiple points of prior discussion between Qedit and ECC. My point of view was that this would continue until there was consensus around a design.
2. We funded research and design, not implementation.
3. We expect security audits and critique and review from multiple stakeholders. I expected that, given Qedit’s track record, they would undoubtably adhere to this standard.

This was 100% my expectation.

They are. See Zcash Shielded Assets -- Asset Swaps and beyond

Once vanilla ZSAs are deployed, the next step is to enable asset swaps. Once that’s in place, Zcash becomes a private, trustless, permissionless settlement layer, which is the hard part of building a non-custodial DEX. Counterparty (and price) discovery can happen offchain, with the trades settling on the Zcash network (effectively replacing the role of a central counterparty in the traditional financial markets).

Anyone can then build an exchange (centralized or decentralized) on top of Zcash that enables the trading of any asset that is issued as a ZSA (or gets bridged to Zcash from another chain).

That’s a game-changer for DeFi in general, never mind Zcash.

Imagine if Zcash became the default settlement platform for DeFi trading?

Some perspective might be useful here.

From Q4 2020 (when the Dev Fund started) thru Q4 2023 (the last published quarterly report), ECC spent $24.5m, or an average of $628,769 per month.

So, this research and design grant is roughly equal to one month of ECC’s average burn rate.

I grok this argument. However, I think it’s worth exploring this space as a means to better understand the trade-offs and implications. In the process, we may discover solutions that we can’t conceive of today.

Everyone in the Zcash community had the opportunity to provide feedback, and indeed, as has already been pointed out, @joshs did.

With that said, we can all do things better going forward, in terms of ensuring that core developers are aware of grant applications relating to protocol development.

However, to be clear, the fact that we can do better going forward does not mean that anyone did anything wrong in the past. Growing the ecosystem isn’t easy. There’s no decentralization fairy godmother. We need to be prepared to put the effort in, and collaborate to make it work.

I also grok the protocol complexity and risk argument.

However, it could be deployed in a separate pool (notwithstanding the anonymity set tradeoffs). Hell, it could deployed as a sidechain, to keep it entirely separate.

There’s a whole design space we can explore to see if these risks can be mitigated.

And if, after doing the research, and exploring the design space, we conclude that the downsides outweigh the upsides, and end up discarding the idea, that’s fine. Research has value, even if the answer is “No”.

ZCG approving a grant doesn’t automatically imply that any new functionality resulting from that grant will be deployed on mainnet - the community still needs to reach consensus on changes to the protocol.

Maybe we need to explicitly recognise that it’s an important part of the core Zcash engineers’ role to provide feedback on these sort of grant applications, and to engage with and support other teams entering the Zcash ecosystem.

If that means that less time is devoted to other work, then so be it. The importance of growing the ecosystem and making it more decentralized cannot be understated.

We should be welcoming and encouraging innovation, not stifling it.

A ~small minority of Zcash users want rid of T-addr/ tx.

Keep track of total network activity, where transactions are almost 85% transparent, and ZEC in circulation is also 85% transparent.

Zcash is a predominantly transparent blockchain, with just a small minority of people using the advanced privacy features.

100%

We’ve got to be realistic here. Imagine how this community looks from Qedit’s perspective. They’ve done a lot of work -the results are exemplary, in a relative sense i.m.o., yet nothing is in production because ECC and ZF have been hamstrung for a year (and will continue to be for another 6-10 months) ahead, battling to deprecate Zcashd.

We constantly run the risk of Qedit picking up/ leaving and working with a more agile competing privacy blockchain/ R&D team. The ZCG thankfully extended the olive branch by supporting another large, forward thinking Qedit R&D grant.

ECC’s monthly burn rate is a little more than half that. Additionally, whether or not you believe the grant is of good value, this a false equivalency.

My direct feedback was that it shouldn’t be baked into the core protocol. We can’t compromise.
I didn’t provide any feedback on the grant itself.

Since I’m here and have had meaningful dialogue in DC, including w/ FinCEN (and their guests) and the White House, I will add that this is a dangerous path. I wholeheartedly agree with @daira.

I think once @daira is reading our feature proposal as a core Zcash change called “surveillance”, it’s dead in the water and there’s no need to research any of it.

we’re now in talks with ZCG on cancelling it, and will figure out what are R&D directions that stand a chance to pass review → zip → review → implementation → security audit → review → merge

I’m not sure I follow your point. Zcash is an enterprise. Even if QEdit is the most brilliant team in the world, if there is no business reason for their work, you don’t make a project just to have them on board (unless you have unlimited funding to burn) and especially not a project that can ruin the rest of your business.
Either,

• you find something else that they can contribute,
• or unfortunately, you part ways.

I understand what you mean here, my point for a long time has been that the greatest potential for ZSAs is to support stablecoins/ stablefiats (both crypto native MKR DAI, or centralized ones like USDT USDC et al).

So along that assumption, thats why at face value, I’d suggest that there is value in building the feature first (even with compliance features, if practical/ possible), in anticipation that stablecoiners would move in and utilize it.

Again though, if there are notable technical problems with the concept as @daira provided, then its a non-starter.

ZSAs without stablecoins feels pointless to me, sorry to be blunt. If people can’t use a shielded dollar, then what on Earth of higher value are they supposed to want to shield as an asset/ transact with?

Wrap a non-KYC stable and/or build one

Yep! that would suffice in my opinion.

On the general topic here, I think everyone could benefit from this recent analysis/ glimpse into the economics/ reach of stablecoins.

Update: After discussing the community’s feedback on QEDIT’s stablecoin proposal, ZCG has decided to cancel the grant. It is evident that further discussions between QEDIT and the protocol engineering teams are needed, and that more time is required to gather additional community feedback on this project. ZCG may reallocate some of the approved funding to other projects that QEDIT can oversee, such as asset swaps, deprecation of zcashd, and other ecosystem priorities.

ZCG acknowledges a breakdown in communication. We misunderstood the technical requirements necessary for the implementation. Additionally, we assumed certain conversations had taken place between QEDIT and the protocol engineers, and that the engineers and community were aware of QEDIT’s grant proposal and the forum discussions. This was not the case, which indicates that we need to improve our communication strategies.

To remedy this, going forward we will take a more active role in the Arborist calls. We will make certain that all technical grants are brought to the attention of ecosystem developers and engineers to gather their feedback on the technical merits of the proposals and assess any potential risks. We will also aim to ensure that other stakeholders in the Zcash community are properly engaged on proposals that impact the protocol.

We recognize our shortcomings and apologize to the community for this oversight. ZCG is a part-time committee with a 15-hour monthly commitment. We are doing our best to fulfill our directive with the limited resources available.

We appreciate the community for raising their concerns. We take community feedback very seriously and are committed to addressing the issues raised. We will do our part to ensure something like this does not happen again in the future.

If I may make a suggestion, I think that a great step forward, and something that would be well worth funding, would be everything that’s necessary to make “vanilla” ZSAs and atomic swaps available in wallets, and to provide high-quality tools for ZSA issuance. After all, these protocol features will only be impactful to the degree that they’re available to end users.