Terms and Conditions
- [x] I agree to the "Grant Agreement" (https://9ba4718c-5…c73-47c3-a024-4fc4e5278803.usrfiles.com/ugd/9ba471_f81ef4e4b5f040038350270590eb2e42.pdf) terms if funded
- [x] I agree to "Provide KYC information" (https://9ba4718c-5c73-47c3-a024-4fc4e5278803.usrfiles.com/ugd/9ba471_7d9e73d16b584a61bae92282b208efc4.pdf) if funded above $50,000 USD
- [x] I agree to disclose conflicts of interest
- [x] I agree to adhere to the "Code of Conduct" (https://forum.zcashcommunity.com/t/zcg-code-of-conduct/41787) and "Communication Guidelines" (https://forum.zcashcommunity.com/t/zcg-communication-guidelines/44284)
- [x] I understand all milestone deliverables will be validated and accepted by their intended users or their representatives, who will confirm that the deliverables meet the required quality, functionality, and usability for each user story.
- [x] I agree that for any new open-source software, I will create a "CONTRIBUTING.md" file that reflects the high standards of Zcash development, using the ""librustzcash" style guides" (https://github.com/zcash/librustzcash/blob/main/CONTRIBUTING.md#styleguides) as a primary reference.
- [x] I understand when contributing to existing Zcash code, I am required to adhere to the project specific contribution guidelines, paying close attention to any "merge" (https://github.com/zcash/librustzcash/blob/main/CONTRIBUTING.md#merge-workflow), "branch" (https://github.com/zcash/librustzcash/blob/main/CONTRIBUTING.md#branch-history), "pull request" (https://github.com/zcash/librustzcash/blob/main/CONTRIBUTING.md#pull-request-review), and "commit" (https://github.com/zcash/librustzcash/blob/main/CONTRIBUTING.md#commit-messages) guidelines as exemplified in the "librustzcash" repository.
- [x] I agree to post request details on the "Community Forum" (https://forum.zcashcommunity.com/c/grants/33)
- [x] I understand it is my responsibility to post a link to this issue on the "Zcash Community Forums" (https://forum.zcashcommunity.com/c/grants/33) after this application has been submitted so the community can give input. I understand this is required in order for ZCG to discuss and vote on this grant application.
Application Owners (@Octocat, @Octocat1)
@Lexiie
Organization Name
Independent / Individual Contributor
How did you learn about Zcash Community Grants
Zcash community resources, previous ZCG grant applications, and public GitHub grant discussions.
Requested Grant Amount (USD)
30,000
Category
Wallets / Developer Tools / Privacy UX
Project Lead
Name: Lexiie Casanova
Role: Project Lead and Developer
Background:
Independent developer focused on privacy-preserving applications, browser-based tools, and user-facing developer products. Experience includes building web applications, extensions, and agent/tooling interfaces with a focus on practical UX and open-source deployment.
Responsibilities:
- Lead product design and technical implementation
- Define the Z-Vault encrypted vault format and local-first architecture
- Implement the web application MVP
- Build Zcash-specific metadata, recovery, and memo anchoring workflows
- Maintain project documentation and public milestone updates
- Coordinate community feedback and milestone validation
Additional Team Members
[]
Project Summary
Z-Vault is a local-first, client-side encrypted recovery toolkit for Zcash users. It helps users manage wallet-adjacent sensitive metadata such as address labels, memo templates, recovery instructions, encrypted notes, backup references, and recovery packets without relying on centralized servers.
Z-Vault does not store plaintext secrets on-chain and does not act as a wallet. Instead, it provides a secure companion layer for Zcash users who need to organize and protect the sensitive information surrounding their wallets. Zcash integration is used as an optional privacy-preserving anchoring layer for encrypted backup commitments and recovery references through shielded memo payloads.
Project Description
Zcash provides strong privacy at the transaction layer, but users still need safe ways to manage the sensitive context around wallet usage. In practice, wallet-adjacent information often ends up in insecure places such as cloud notes, screenshots, plain text files, messaging apps, or unstructured documents. This may include address labels, recovery instructions, memo templates, wallet notes, viewing-key references, backup locations, and emergency handoff instructions.
Z-Vault addresses this gap by creating a local-first encrypted recovery toolkit specifically designed around Zcash usage. The MVP will be a browser-accessible web application that runs client-side, encrypts vault data locally, supports encrypted export/import, manages Zcash-specific metadata, and generates optional shielded memo anchor payloads for backup integrity commitments.
The project intentionally avoids handling private keys, broadcasting transactions, or replacing existing Zcash wallets. Its role is to improve the recovery, organization, and privacy UX around Zcash wallet usage.
Proposed Problem
Zcash privacy depends not only on shielded transactions, but also on how users manage the sensitive information surrounding their wallets. Many users store wallet-related metadata in insecure or centralized places because there is no simple, Zcash-oriented recovery and metadata management tool.
Common examples include:
- Address labels stored in plain text
- Recovery instructions kept in cloud notes
- Memo templates copied across messaging apps
- Backup locations forgotten or undocumented
- Transparent and shielded address context mixed together
- Sensitive wallet-adjacent notes stored without encryption
- No simple way to verify whether an encrypted backup has been modified
This weakens user privacy and recovery reliability even when users are using Zcash correctly at the protocol level.
Proposed Solution
Z-Vault will provide a local-first encrypted vault for Zcash wallet-adjacent metadata. Users will be able to create an encrypted vault, store Zcash-specific recovery context, export/import encrypted backups, generate recovery packets, and optionally create Zcash shielded memo anchor payloads that commit to encrypted backup integrity.
The solution focuses on:
- Client-side encryption
- No backend dependency for core vault functionality
- No plaintext secrets stored on-chain
- No custody of funds
- No private key management
- Zcash-specific metadata and recovery workflows
- Optional shielded memo anchoring for encrypted backup commitments
Solution Format
- Local-first web application
- Open-source repository
- Encrypted vault file format
- Zcash address metadata manager
- Recovery checklist and recovery packet generator
- Memo template manager
- Optional Zcash shielded memo anchor payload generator
- Public demo deployment
- Documentation and reproducible demo steps
Dependencies
- Browser cryptography APIs or audited open-source cryptographic libraries
- Zcash address format references
- Zcash memo format references
- Public feedback from the Zcash community
- Open-source hosting and demo deployment infrastructure
The project does not depend on custom backend infrastructure for the core encrypted vault functionality.
Technical Approach
Z-Vault will use a local-first architecture. Vault data will be encrypted on the client before storage or export. The application will support encrypted backup files that users can store wherever they choose. The system will also generate backup integrity commitments, allowing users to verify whether a backup matches a previously saved commitment.
For Zcash-specific functionality, the MVP will focus on wallet-adjacent metadata rather than transaction signing or wallet custody. It will support Zcash address labeling, address-type metadata, memo templates, recovery checklists, and optional shielded memo anchor payload generation.
The project will avoid storing plaintext secrets on-chain. If a user chooses to use Zcash memo anchoring, the memo payload will contain only a commitment or reference related to an encrypted backup, not raw secret data.
Upstream Merge Opportunities
Z-Vault is not expected to require upstream changes to core Zcash protocol repositories. However, the project may produce reusable documentation, vault format references, Zcash memo anchoring patterns, and UX learnings that can inform other Zcash wallets, recovery tools, and privacy-focused user applications.
Hardware/Software Costs (USD)
$0
Hardware/Software Justification
No dedicated hardware is required for the MVP. Development will use existing personal development devices and open-source tooling.
Service Costs (USD)
$1,500
Service Costs Justification
Service costs cover public demo hosting, project website/domain, CI/release tooling, dependency scanning, browser testing, and basic project infrastructure required to make the project reviewable and maintainable by the Zcash community.
Compensation Costs (USD)
$28,500
Compensation Costs Justification
Compensation costs cover product design, security and threat modeling, implementation of the local-first encrypted vault, Zcash-specific metadata tools, encrypted backup export/import, recovery packet generation, optional shielded memo anchoring payload generation, testing, documentation, public demo deployment, community feedback processing, and milestone reporting.
Total Budget (USD)
$30,000
Previous Funding
No
Previous Funding Details
No previous ZCG funding has been received for this project.
Other Funding Sources
No
Other Funding Sources Details
No other funding sources are currently committed to this project.
Implementation Risks
- Security design mistakes in encrypted vault architecture
Mitigation: produce a public threat model during startup phase, avoid custom cryptography where possible, document crypto choices, and keep scope limited to client-side encrypted metadata rather than wallet private key custody.
- Scope creep into wallet functionality
Mitigation: the MVP explicitly avoids transaction signing, private key management, wallet custody, or transaction broadcasting.
- User confusion around Zcash memo anchoring
Mitigation: documentation will clearly explain that memo anchoring is optional and stores only backup commitments or references, not plaintext secrets.
- Browser storage limitations
Mitigation: support encrypted export/import as a core feature and avoid dependence on a single browser storage mechanism.
- Lack of early user feedback
Mitigation: publish the repository and startup-phase specification early, post to the Zcash Community Forum, and incorporate feedback into milestone validation.
Potential Side Effects
- Users may misunderstand Z-Vault as a full wallet
Mitigation: the product and documentation will clearly state that Z-Vault is not a wallet and does not manage private keys or funds.
- Users may store overly sensitive data despite warnings
Mitigation: the interface will include clear warnings, safe usage guidance, and documentation about what should and should not be stored.
- Users may assume Zcash memo anchoring backs up their data automatically
Mitigation: documentation will clearly distinguish between encrypted backup files and optional memo-based integrity commitments.
Success Metrics
- Users can create and unlock a client-side encrypted vault
- Users can export and import encrypted backups
- Users can manage Zcash wallet-adjacent metadata locally
- Users can generate encrypted recovery packets
- Users can generate a backup integrity commitment
- Users can generate an optional Zcash shielded memo anchor payload
- Users can verify whether an encrypted backup matches a saved commitment
- Public demo is available and reproducible
- Documentation explains the threat model, safe usage, and limitations
- Community reviewers can validate each milestone deliverable
Startup Funding (USD)
$6,000
Startup Funding Justification
Startup funding will cover the initial project setup, technical specification, threat model, encrypted vault schema, UX design, Zcash memo anchoring format, repository setup, documentation structure, and early prototype work.
This phase is important because Z-Vault deals with sensitive wallet-adjacent data. The project should not begin with implementation before clearly defining what data is handled, what is explicitly out of scope, how encryption is performed, and how optional Zcash memo anchoring avoids putting plaintext secrets on-chain.
The open-source repository will be published during the startup phase. The initial repository will include the project specification, README, license, contribution guidelines, threat model draft, and early prototype structure.
Milestone Details
- Milestone: 1
Title: Encrypted Vault Core + Local-First Prototype
Amount (USD): $7,000
Expected Completion Date: 2026-08-15
Scope: Build the core local-first encrypted vault prototype. Focus on secure client-side encryption, vault file format, import/export, and basic Zcash metadata storage.
Deliverables:
- Local-first web app prototype
- Create/open encrypted vault flow
- Passphrase-based encryption flow
- Encrypted JSON export/import
- Zcash address metadata model
- Basic recovery checklist
- Initial automated test suite
Acceptance Criteria:
- User can create an encrypted vault locally
- User can export and re-import encrypted backup
- No plaintext vault data is sent to any backend
- Vault schema and crypto choices are documented
- Tests pass for encryption/decryption and backup restore flow
- Milestone: 2
Title: Zcash Recovery Metadata + UX Layer
Amount (USD): $8,000
Expected Completion Date: 2026-09-15
Scope: Build the Zcash-specific user workflows around wallet-adjacent recovery metadata, address labels, memo templates, backup notes, and recovery packet generation.
Deliverables:
- Zcash address book
- Shielded/transparent address classification
- Transparent address privacy warning
- Memo template manager
- Recovery packet generator
- Improved user interface
- Documentation for user flows
Acceptance Criteria:
- User can manage Zcash addresses and labels
- User can distinguish transparent and shielded address metadata
- User can create encrypted recovery packets
- User can store wallet-adjacent notes without exposing plaintext
- Public demo shows complete local-first workflow
- Milestone: 3
Title: Zcash Memo Anchoring + Public Release
Amount (USD): $9,000
Expected Completion Date: 2026-10-15
Scope: Add optional Zcash memo anchoring support for encrypted backup commitments and prepare the project for public release.
Deliverables:
- Backup integrity hash generation
- Zcash shielded memo anchor payload generator
- Backup verification flow
- Public demo deployment
- Full documentation
- Release build
- GitHub repository with README, CONTRIBUTING, and license
- Final report and community forum update
Acceptance Criteria:
- User can generate a commitment hash for an encrypted backup
- User can generate a memo payload suitable for optional shielded Zcash anchoring
- User can verify whether a backup matches a saved commitment
- Project has public documentation and reproducible demo steps
- Release is tagged and reviewable by the Zcash community