ZCash’s anonymity vs other currencies

I’ve pondered about a thing, and I hope some of you can enlighten me. The thing that sets Zcash apart from other currencies are the promise of shielded transactions. Without this, Zcash would just be another generic altcoin, right?

Now, Bitcoin was the first cryptocurrency, and has a lead in both usage and visibility in the media. I read somewhere that it is possible (or planned) that Bitcoin could implement encryption in its network to open up for real anonymous transactions (sorry, no source).

So my worried question is: Is there a possibility that one of the big currencies (BTC, ETH, LTC) can implement encryption changes that can compare with the shielded transactions of ZEC? Which in turn would make ZEC obsolete overnight?

Popular subject :slightly_smiling_face: search around the forum. The answer in short, probably not. The difference between zcash and the others being the trusted setup ,the powers of tau should eliminate any doubt as to its validity (4th time ive mentioned it today, wild!)

4 Likes

If you glimmer over this enough (i posted it elsewhere as well), you’ll see the main intention of all of it is to emulate what zcash does without the trusted setup. So essentially its the opposite of zcash because they choose to eliminate instead of fixing what is required. Seems illogical.
https://crypto.stanford.edu/bulletproofs/

Edit- “what zcash does” isn’t actually correct, CTs only hide the amount and not the addresses, one of the examples in the paper refers to how CTs could hide a persons wage if they were paid in btc, which is cool but you could still tell if they worked there, its just a patch (hopefully that person makes enough to cover all the transaction fees, not a very good example)

2 Likes

If bitcoin CTs are “bulletproof”, then zcash STs are “invincible”, dont buy the hype, zcash was meant for this and now all these other coins that, before, never were suddenly, now, are too? Theyll tell you its faster, better, trustless. When not compared to zcash, the shortcomings dont really get a bulletpoint. If the trusted setup is performed so that the possibility of it being compromised is completely infeasible, then the whole paper is a moot point, i.e. compared to zcash.

1 Like

Great question. I’d say nothing is going to obsolete Zcash overnight as everything has its tradeoffs.The ETH comparison is probably the best one and the FAQs on the Zcash site are very helpful:

What’s the point of Zcash if Ethereum is going to have SNARKs? https://z.cash/support/faq.html#ethereum-zk-snarks

The other side would be something like Monero. Technically Zcash offers better anonymity - again a good link is here: https://z.cash/support/faq.html#how-does-zcash-compare-to-other-cryptocurrencies-with-anonymizing-properties but that doesn’t make Monero obsolete. Indeed the tradeoff for zk-SNARKs is that it relies on a trusted setup and that proving is very computationally expensive compared to Monero (current after latest upgrade it is 1.7GB of RAM and ~1 minute time) - note that both of those are being significantly improved on for the Sapling hardfork.

As for Bitcoin… The breakthrough in confidential transactions which is what you are eluding to still means the transaction size is 3x current ones (albeit this can be somewhat mitigated by aggregation techniques). If you’ve witnessed the last few years of all-out war over the block size such an increase in transaction size is unlikely to be rolled out anytime soon. Yes, it could be rolled out on Litecoin but again it doesn’t offer the same anonymity properties of Zcash (Zcash is a theoretically perfect mixer in that the anonymity set is literally every single other shielded transaction) not least as it only hides amounts and not addresses like Zcash.

Mimblewimble is also of interest which will be launching soon (I don’t know enough about this to make an informed comment) but again I think wouldn’t offer the same privacy properties as Zcash.

Finally, things like zk-STARKs may be the holy grail for privacy-focussed coins as it removes the need for the trusted setup https://www.coindesk.com/zk-starks-new-take-on-zcash-tech-could-power-truly-private-blockchains/. The good news if you are a Zcash fan is that the researchers of this technology are part of the Zcash team so if any blockchain is going to get it first it’s probably Zcash!

6 Likes

cool

i know IOHK devs from ukraine are paid in bitcoin maybe they should switch to zcash hehe

Anway always better to have as many private coin as possible so once one become kind of cracked, we can switch the other ones.

This thread seems to be a good place to ask this:

As of the current version, what is the least amount of RAM that can generate a shielded transaction?

What are the estimates for this requirement after Sapling?

Currently still the same 1.7GB (this doesn’t include the system memory so that’s the absolute baseline and in reality will be higher).

Sapling, last I read was 40MB, so while that number might be improved I think it’s safe to say it’ll be in the order of the 10s of MB as opposed to GB.

1 Like

There’s loads here too https://speed.z.cash if you really want to dig into it.

1 Like

Exactly what I was looking for - thank you!

For those interested: it was 1.6525 GB in the latest test.

1 Like