While 2018 was largely dominated by the declining price of ZEC (and all major cryptocurrencies), it marked a significant milestone in the evolution of Zcash with both the Overwinter and Sapling network upgrades taking place. As a result, shielded transactions can now routinely be sent in a couple of seconds using a fraction of the RAM previously required (~40MB). Despite this, the percentage of shielded transactions on the network is still low, and as such, there is a greater emphasis on the adoption and usability of shielded transactions.
Sapling is an enabling technology that allows for other services and tools to be built, and there is plenty to look forward to in 2019 expanding upon the successes of this development.
1. Light Client Protocol
The official zcashd client remains the only way to send shielded transactions (it can be used in conjunction with a GUI such as zec-qt-wallet). While Zcash is well supported on many mobile applications, they all only support transparent addresses which are functionally identical to the (lack of) privacy properties of Bitcoin.
While Sapling enabled proofs for shielded transactions that may be feasibly completed on a mobile device the issue remains that currently, a mobile wallet would need to act as a full node with the associated costs of bandwidth, storage space and processing power. As explained by Ian Miers, currently, to be notified you received a (shielded) payment from someone else, you need to scan the blockchain and try and decrypt every transaction. If you can decrypt it then it is meant for you. Clearly, downloading all transactions is very bandwidth intensive hence a new light client protocol is being developed to reduce some of this burden and dramatically reduce the requirements for low-power, bandwidth-conscious devices such as mobile phones.
While the light client protocol is still in development the approach taken is to reduce the size of blocks (known as compact blocks) only to contain enough data to detect Sapling transactions and update witnesses. Light clients, such as mobile wallets, obtain these blocks from one or more intermediary proxy servers that broadcast the compact blocks, which they then process locally to update their view of the blockchain. As a light client is still receiving transaction data for all transactions there is no loss of privacy using this scheme (alternative approaches are then required if the full details of a transaction, such as the memo field are needed). The use of compact blocks amounts in a reduction of 80% in bandwidth use for detecting incoming transactions.
The first iteration of the light client protocol will still impose a relatively heavy bandwidth constraint to attain the requisite privacy properties, but it has been noted that future developments regarding Private Information Retrieval schemes as discussed here and in the future other improvements that may be integrated into the base protocol.
2. Reference Wallet
To spur the adoption of shielded transactions and in conjunction with the light client protocol detailed above the Zcash Company are engaged in developing a reference light client wallet. In a blog post introducing the reference wallet:
Zcash Company is building a reference light client wallet featuring a Sapling shielded address that can receive and send transactions. The objective of this project is to prove that shielded transactions can work on mobile devices and to build reusable solutions for functionality required to support shielded addresses.
Development of the reference wallet on Android is progressing and will be released in the first quarter of 2019 and is demonstrated in the following video detailing the general use screens:
The reference wallet may or may not develop into a fully supported wallet but will provide the necessary libraries and best practise implementations so that other existing mobile wallets may bring shielded transaction support to their applications. No doubt the launch of such a mobile wallet and supporting libraries would be the biggest driver of adoption of shielded transactions.
3. Harmony Mining
The development of ASIC miners being produced capable of mining Zcash was one of the hot topics of 2018. While ASIC miners also appeared for other cryptocurrencies the approach taken by each differed with the likes of Monero and Bitcoin Gold forking to alternate implementations to disable the current batch of ASIC miners from mining on their networks. Zcash adopted a wait and see approach with a community vote offering little clear direction on the matter.
Announced in the community forum on the eve of the Sapling network launch, the resulting Harmony Mining strategy from Zcash is an attempt to get the best of both worlds with a dual proof-of-work system with one side favouring ASIC mining and the other GPU-friendly. Nathan Wilcox, Zcash CTO summarises Harmony Mining as:
What is it? A dual-proof-of-work scheme, where one algorithm is backwards compatible with current mining equipment, and another is designed to work well with GPUs on a temporary time scale. By attracting distinct mining userbases (ASIC & GPU owners), we aim to make the Zcash ecosystem more resilient by spreading issuance and political influence among distinct kinds of stakeholders.
At the time of writing the final specifications are yet to be set but the first algorithm will be compatible with existing ASICs (Equihash 200,9) and the second algorithm also likely to be Equihash but with modified parameters such as the 144,5 used by Bitcoin Gold and others to favour GPU mining. The second algorithm (GPU) mining portion is expected to be ramped in over time (currently over the course of a year) until there is a 50/50 split.
While the final implementation details may vary expect to see GPU mining back on Zcash in some form by the end of 2019. Harmony mining will be rolled out with the Blossom network upgrade.
Since writing this article Harmony Mining will likely be delayed to NU3.
4. Blossom network upgrade
First, there was Sprout, then Sapling and next-in-line is the Blossom network upgrade tentatively scheduled for October 2019, i.e. 1 year after Sapling activation. While Sapling delivered groundbreaking developments to the Zcash protocol, the goals of Blossom are a little more understated and while decisions are still being made regarding features that will be present the current list contains:
- Harmony mining (as detailed above).
- Shorter block times keeping the same block size to increase transaction throughput.
- Splitting of the founders’ reward so that each funding stream (Zcash Foundation, Zcash Company reserve and others) are separated and in so doing increasing the transparency of the reward.
In addition, the feature to allow transaction version 4 through the Blossom upgrade will aid those services that are required to upgrade their applications to support the new transaction formats introduced by network upgrades. It was notable that during the Overwinter (v3) and Sapling (v4) network upgrades some services were slow to upgrade making these coins stuck for some time. This issue was exacerbated with the short time period between Overwinter and Sapling, but this proposed feature goal will ensure that the current transaction format will continue to work for Blossom and hence a service would have a release cycle to upgrade and on their own timeline (the next upgrade currently known as NU3 is scheduled for April 2020).
5. Zcash Foundation development and grants
One of the more exciting developments of 2018 was the Foundation joining forces with Parity to produce an alternative client for Zcash, and we can expect to see this client during 2019. This directly addresses one of the primary criticisms regarding the centralised nature of development. This is particularly important given that the founders’ reward will end at the time of the first halving in 2020 with at yet no replacement proposed.
Thanks to the direct funding of wallet development we can look forward to future improvements and features in both the
zec-qt-wallet cross-platform desktop application and the proposed iOS reference wallet to mirror the Android reference wallet produced by the Zcash Company.
- Funding of the BOLT second layer protocol implementation (i.e. Lightning network on Zcash).
- Research into alternate POW systems such as ProgPoW and a formal review of those implemented.
- Addition of Zcash to the Anypay merchant payment system to enable shielded payment support on a large payment network.
6. Continued implementation of Sapling features
While the Sapling protocol was deployed in October, a number of features have yet to be implemented in the official
zcashd client or in accompanying services. We can expect to see these features that have been enabled by Sapling being rapidly rolled out in the first part of the year.
- Full support of viewing keys in zcashd. In Sapling full viewing keys now allow the owners of shielded addresses the ability to view incoming and outgoing transaction details without exposing their private spending key.
- Improved payment disclosure that allows a user to selectively prove details of an individual transaction whilst providing no other information.
- Generation of diversified addresses via zcashd to easily allow the creation of unlinkable addresses without the performance implications of using multiple shielded addresses.
Notably, regarding hardware wallets, Sapling’s decoupled spend authority feature allows the hardware that constructs the zero-knowledge proof to be independent from the hardware that signs for the transaction. This allows hardware wallets to sign transactions with the proofs being generated on a more capable devices, such as a trusted PC. There is clear interest from hardware wallet providers such as Ledger to implement shielded support on their devices with Josh Swihart Zcash Company stating:
Ledger has communicated an intent to add shielded addresses as soon as feasible, perhaps mid next year. We are releasing libraries in Q1 that should be of help to them.
While it is expected headlines in 2019 will likely continue to be driven by price movements there is no doubt there is an exciting and diverse roadmap ahead of Zcash with 2019 looking to be the year of shielded transaction adoption.