The Nym mixnet for Network Privacy for Zcash

@harryhalpin at the most recent meeting, the @ZcashGrants Committee voted to approve the revised proposal for $150,000 and has requested that you provide updates per milestone via the forum in this thread. This approval is contingent on your team making those changes on the Submittable platform and the elaboration of your milestones specifics.


Below are the links for the revised proposal that ZCG approved for $150,000. This ensures that all relevant information is consolidated in this thread for easy reference.


The ZingoLabs team is thrilled to announce completion of a basic Proof Concept Implementation of sending Zcash Transactions over Nym. We owe thanks to @zooko and @harryhalpin for explaining the problem space and setting us off in the right direction!

This POC is code complete, and has been manually tested and independently verified (aka sanity tested) by two separate parties in disparate environments.

I’ve been asked to provide a quick explanation of why users must care about network privacy.

Isn’t Zcash private already?

The answer is Yes! Zcash uses Zero Knowledge Cryptography to provide state of the art privacy on the Zcash blockchain. No one outside of the sender and recipient can learn anything about the details of your financial transactions.

Nym integration builds on the protection offered by Zcash.

Nym uses a state of the art Mixnet to prevent surveillance from detecting that a user has communicated with the blockchain at all.

That is, Nym protects your data on its way to the blockchain, Zcash protects your data on the chain.

To reiterate, this POC is EXPERIMENTAL CODE. It will only work for a use willing to clone and build the source code for themselves, and has not yet been thoroughly test, audited, or packaged in any way.

Buyer Beware: GitHub - idky137/zingo-proxy at nym_integration


A kind of double armor or double protection?

Well, your activity becomes invisible in different places.

On the Blockchain:
Zcash stuffs your money into an envelope that can only be opened by the person you are sending it to.

On the Network
Nym sends a continuous stream of completely identical envelopes to the post-office.

So, if you use Zcash over Nym then the Zcash envelope, that only the recipient can open, is mixed in with many, many, many other envelopes that look the same.

So if there’s a bad guy, at the post-office, he won’t even know that you’re using Zcash.

Of course, even if he did, he couldn’t open the envelope.


Excellent explanation - thank you!

1 Like

Simple and easy explanation to understand how Nym and Zcash work together. Thanks!


Hi Harry, I have a few questions for you if your please.

Would converting grpc streaming to http proxy incur any kind of performance / feature penalty?
Is Nym going to add latency to the traffic to synchronize between packets in the mixnet?
Finally, do users need to have NYM tokens to pay for the service?


1 Like

Excellent explanation! Thank you very much!

Hi @hanh, thanks for your questions!

We’re starting with sending transactions over Nym.

This is a critical use-case, and plausibly protects against some of the most damaging attacks.

We don’t believe that streaming efficiency is relevant to UX in this case.

Per your question regarding the cost of usage, Nym is currently free-to-users. I believe operations costs are covered by NymTech budget and token sales on an open global market.

This is in contrast to the Tor model where the cost of network operation is free-to-users, and the cost of operation is subsidized by the US government including elements of its military and intelligence agencies.

Per the critical question of User Experience our UI will make any costs incurred by the User for its use:

(a) clear
(b) opt-in

This means that a User will be able to opt-out of Nym in the case that they don’t wish to pay for security.

For streaming services we might consider tunneling data over Tor.


Do you have a reference for that?

how will this look like in the future? doesn’t sound like a great business model if the user doesn’t have to pay for the service?

btw, i am excited about the NYM integration

Users do have to pay for Nym-network security, if they want that service. They’ll always be able to use Zingo without that service/security.

1 Like

You’re asking me for a reference demonstrating that US intelligence agencies are invested in TOR infrastructure?

Yes. This is a pretty serious accusation, it would be nice to have some proof. By the same argument, you can say that crypto is NSA.


Well you can see the below links that I offer for convenience after 5 minutes of wikipedia search. It’s possible that the US Intelligence Community has divested interests in TOR since 2012… so I agree that I need to qualify my assertion that the IC does run TOR infrastructure with a more nuanced:

almost certainly

since I don’t have first hand experience.

Here’s a wikipedia article concerning the original raison d’etre for TOR:

“protecting American intelligence communications online”:

“The core principle of Tor, onion routing, was developed in the mid-1990s by United States Naval Research Laboratory employees, mathematician Paul Syverson, and computer scientists Michael G. Reed and David Goldschlag, to protect American intelligence communications online”

From: The Tor Project - Wikipedia

As of 2012, 80% of the Tor Project’s $2 million annual budget came from the United States government, with the U.S. State Department, the Broadcasting Board of Governors, and the National Science Foundation as major contributors,[32] “to aid democracy advocates in authoritarian states”.

I’m not anti-TOR BTW. As far as I know it’s as good as it gets for streaming services, and I know some very dedicated privacy activists that work hard to make that true. That having been said, I believe that it’s well-established that it doesn’t offer strong privacy against adversaries that can surveil both ends of a stream of traffic.

I assume that many (plausibly MOST) cryptocurrency validators/miners are run by Chainalysis or related entities. Don’t you?

I believe that there’s a lot of value to using stream-based mixers, because I don’t think that US IC is the only threat that should be mitigated, and there’s not a better option for streams. (AFAIK) So, again, I am glad TOR’s around. And frankly, I am glad that (again presumptively) Chainalysis is doing all that validation work!

I think there’s room for nuance.

In my opinion, the way you present TOR as

is misleading to the user. It seems to imply that the traffic is readable by the US gov.

Moreover, it would have been better to clearly announce that getting data from the server through NYM is not in your milestone proposal. Or is it?

  • This is technically difficult to do without latency penalty,
  • It accounts for >99.99% of the traffic between a client and a node.

But I thank you for the clarification and I’m looking forward to you solving the synchronization over nym part.

1 Like

You are implying, by this statement, that you believe that it’s not.

Is that correct?

Are you asserting that TOR traffic is NOT vulnerable to US government surveillance?

Again, I believe that TOR offers significant privacy benefits against many classes of attackers. We’d like to support TOR in cases where Nym cannot be used.

It’s important to understand what protection TOR does provide.

I am saying that having investments in TOR does not mean they can read the traffic.

Otherwise by the same logic, the ECC can read the zcash transactions.

1 Like