With all the cool stuff that’s being added to Zashi, I’m kind of blown away that we still can’t generate new T-addresses. Often times receiving to a T-address is unavoidable, why are we forced to reuse the same T-address over and over again in Zashi?
I really appreciate all that amazing work that’s been going into Zashi, but this has me dumbfounded. It seems so fundamental.
They announced that this will be fixed soon. Related: Why does zashi re-use the same receiving t-address? - #21 by pjv
Did you link to the correct post? I don’t see any developer mention that.
It was a bit further up in that linked topic here:
A couple posts down from that one he indicated Q2 as the timeline for it. About 9 days left in Q2 and while all kinds of new, hyper-niche, featurific additions have landed in zashi in the mean time, this most basic, most fundamental to actual, usable, pragmatic privacy, this simple piece of elemental basic crypto-currency plumbing that has tons of examples of open source prior art in over a decade of development of bitcoin and other crypto wallets all over the place, has inexplicably not managed to arrive in zashi. It’s honestly unbelievable.
What did we add that is “hyper niche?”
For taddr rotation, we need to solve a security issue that involves core, and core has been focused on 6.1 and Zallet.
If user receives funds to multiple taddrs and then shields them all at the same time, it reveals information to potential attackers. They will have some ability to determine that they are from the same wallet. For example, if the attacker sends funds to a taddr, they can then monitor when those funds are shielded and gain information from the other balances that were shielded simultaneously. There is some discussion about leakage minimization by spreading the shielding out over time, which could be a usability issue as the user cannot send funds from a taddr in Zashi.
How many people on planet earth own a keystone device?
I ordered one just so I can use it to store shielded Zcash on a hardware wallet. Having the ability to securely store shielded Zcash “at rest” is crucial for privacy in my opinion and you don’t want to store larger amounts on Zashi itself (because of the inherent security issues of mobile phones, not the software itself). And privacy is the biggest differentiator of Zcash, so that’s a very important feature to have.
Would it be great to have support for shielded addresses in more widely used hardware wallets like Trezor? Absolutely. But Keystone support is still a great step in the right direction in my opinion.
That doesn’t mean that having more than one t-Address isn’t crucial, it absolutely is. But it also needs to be designed right, especially in how you deal with a situation where you have multiple UTXOs on different t-Addresses that haven’t been shielded yet.
In an ideal world you would shield every incoming transaction to a t-Address immediately, but that would require Zashi to be active in the moment you receive the transaction. You cannot do push notifications to wake up the app in case of an incoming transaction, that would require to give the t-Addresses to a server and violate privacy.
However, once you have multiple unshielded UTXOs on different t-Addresses (on the same one it doesn’t matter) you have no easy way out anymore:
And how do you communicate all of these subtleties to a user without messing up the UX?
I would probably go with a UX design which goes like this:
So, at least one then.
Not criticizing supporting hardware wallets. I’m criticizing the development priorities and choices.
My point was that both are very important features and should be pursued in parallel, which seems to me what is happening.
The Zashi + Keystone integration significantly boosted ZEC in the shielded pool. Calling Keystone integration a misguided dev priority is ironic. ZCG funded Ledger and Trezor integrations for shielded addresses years ago, but those failed due to Ledger and Trezor’s priorities. Know the history before criticizing those driving Zcash’s future.