Embed Size (px)
Citation preview
Zcash DocumentationRelease 4.1.0
Paige Peterson & Marshall Gaucher
Nov 04, 2020
Introduction
1 Zcash Basics 31.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31.2 Zcash Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31.3 Zcash Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41.4 Project History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
2 Community Spaces 72.1 Code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72.2 Regular Events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72.3 Discussion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72.4 Social Media . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
3 Architecture and Cryptography 93.1 Current Design . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93.2 Current Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103.3 Roadmap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103.4 Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103.5 End Goal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
4 Development Best Practices 134.1 Development workflow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134.2 Handling Zcash features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
5 Network Upgrade Guide 155.1 Canopy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155.2 Heartwood . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165.3 Blossom . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165.4 Sapling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165.5 Overwinter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
6 Zcash Full Node and CLI 216.1 Install . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216.2 Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226.3 Use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226.4 Upgrading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226.5 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
i
7 Zcash Protocol 257.1 Protocol Specs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257.2 Zcash Improvement Proposals (ZIPs) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257.3 Network Upgrade Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
8 Light Client Development 278.1 Lightwalletd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278.2 Android . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288.3 iOS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288.4 WASM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298.5 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
9 Zcash Mining Guide 319.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 319.2 Calculating rewards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 329.3 Purchasing an ASIC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 329.4 ASIC hosting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 339.5 ASIC setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 339.6 Joining a mining pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 349.7 Getting payment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
10 Zcash Integration Guide 3510.1 Integration Path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3510.2 Bitcoin API . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3510.3 Zcash Payment API . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3610.4 Contact Us . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3610.5 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
11 Recommended Wallets 37
12 Funding 3912.1 ZF Grants . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3912.2 Major Grants . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
13 Further Learning 4113.1 Videos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4113.2 Quick Reads . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4113.3 Podcasts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4213.4 Investment Theses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4213.5 Research Papers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
14 Developer Tools 4314.1 Zcashd/Zcash-cli RPC Docs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4314.2 Zcash Testnet Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4314.3 Private Containerized Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4314.4 Block Explorer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
ii
Zcash Documentation, Release 4.1.0
This is the home for Zcash documentation for end users and developers. Check out our quickstarts, tutorials, APIreference, and code examples.
Introduction 1
Zcash Documentation, Release 4.1.0
2 Introduction
CHAPTER 1
Zcash Basics
Zcash is a cryptocurrency that uses advanced applied cryptography to provide enhanced privacy via shielded addresses.Zcash is the first practical application of zk-SNARKs, a specific type of zero-knowledge proof.
1.1 Overview
Get a quick dive on Zcash in 8 minutes:
1. Introducing blockchains, Zcash vs Bitcoin, and Zcash’s main feature (2 min)
2. How we define financial privacy, and why financial privacy is important (3 min)
3. How Zcash uses zero-knowledge proofs for financial privacy (2 min)
1.2 Zcash Features
This is a quick summary; the Zcash technology page has additional information and examples.
Primary features:
• Addresses: Zcash has two types of addresses: private (z-addresses) and transparent (t-addresses). Z-addressesstart with a “z,” and t-addresses start with a “t.” The two Zcash address types are interoperable. Funds canbe transferred between z-addresses and t-addresses. There are privacy implications of shielding or deshieldinginformation through these transactions. Today, most wallets and exchanges exclusively support t-addresses,although support for shielded addresses is available for mobile and desktop wallets.
• Transactions: Transactions between two transparent addresses (t-addresses) work just like Bitcoin: the sender,receiver and transaction value are publicly visible. Transactions involving shielded addresses include shielded(z-to-z), shielding (t-to-z), and deshielding (z-to-t), with the z-address getting privacy protections. The mostsecure transaction is a shielded (z-to-z) one, which encrypts the sender and receiver addresses and transactionamount. However, all transactions appear on the public blockchain, so a transaction is known to have occuredand what fees were paid.
3
Zcash Documentation, Release 4.1.0
• Viewing keys: The owner of a z-address can share its transaction details with trusted third parties via a viewkey–a key that grants read access but not spend authority over the address. This allows for “selective disclosure”,where transactions are auditable but disclosure is under the participant’s control. This allows compliance withpayment for auditing, tax regulations, or anti-money laundering rules.
Supporting features:
• Like Bitcoin, Zcash has a fixed total supply of 21 million units.
• Low-fee transactions of .0001 ZEC; default for all transactions, but configurable.
• Encrypted memos to pass along messages or other useful data.
• Transaction expiration to reduce mempool bloat; default expiry is 40 blocks (50 min).
• Multisignature transactions; currently only available for public transactions.
1.3 Zcash Protocol
• Units and divisibility: The unit of account of the Zcash system is a ZEC. The ticker symbol used to representZcash is also “ZEC”. As a nod to Bitcoin’s creator, a zatoshi is the smallest amount within Zcash representing0.00000001 ZEC, one hundred millionth of a ZEC.
• Funding Structure: Zcash pays out a portion of each block reward to fund protocol development and (for thefirst year) to pay back investors. During the first four years of Zcash, 10% of the block reward was transferredto the Founders Reward fund and distributed to the Electric Coin Co., Zcash Foundation and initial investors.After network upgrade 4, 8% of the block reward will be transferred to the Dev Fund and managed by a MajorGrants Review Committee.
• Mining: Originally Zcash could be mined at home, using CPU or GPU machines. As mining hardware evolved,ASIC machines became the preferred mining machine for professional cryptocurrency miners and mining pools.ASICs can be customized for a particular use (such as mining Zcash) and therefore outperformed previousmining hardware such as CPUs and GPUs. Zcash community members voted against ASIC-resistant protocolupdates in mid-2018 citing security concerns. The top mining pools for Zcash include Flypool, Nanopool andSlushpool. The next network upgrade, Heartwood includes ZIP 213, which would allow miners to mine directlyto a shielded coinbase.
• Scalability: Scalability work is in progress. There are several approaches to making blockchains scalable, bothat the protocol layer (layer 1) and at the application layer (layer 2). In September 2019, Sean Bowe, researcherat Electric Coin Co., proposed Halo, a novel technique for practical recursive zero-knowledge proofs. ECCresearcher Daira Hopwood presented a research proposal for sharding architecture. This proposal calls for theuse of sharding, a technique that partitions a database into sections or “shards” to improve the throughput limit,in order to scale to high transaction volumes.
1.4 Project History
• Pre-launch: Zcash grew out of “Zerocash/Zerocoin,” an experimental proposal from seven scientists to improveprivacy protections in Bitcoin. The Zerocoin company, known today as the Electric Coin Co., raised $3M infunding to develop the initial protocol.
• Creation: Zcash launched on October 28, 2016 by Electric Coin Co., a private company founded by ZookoWilcox. Zcash relies on a novel mathematical proof called a zk-SNARK. “SNARKs are the engine that canquickly and efficiently verify a transaction and add it to the blockchain without revealing any details to the pub-lic.” SNARKs require a set of public parameters which allow users to construct and verify private transactions.These parameters are set up in an elaborate secure multi-party computation; for Zcash, this is known as theTrusted Setup.
4 Chapter 1. Zcash Basics
Zcash Documentation, Release 4.1.0
• 2016 - 2018: After the Zcash launch, the Zcash engineering team released a series of upgrades known as the“Sprout series.” The team also put forward plans for two core protocol upgrades known as Overwinter andSapling. The Sapling upgrade made efficiency improvements and enabled new kinds of core protocol features.The Zcash Foundation was formed in March 2017 with an initial endowment of 273,000 ZEC, taken fromthe Founder’s Reward. The Zcash Foundation organized the Powers of Tau ceremony, which was at the timethe largest multi-party computation ceremony ever performed. In 2017, enterprise partnerships like the Zcashcollaboration with JP Morgan further fueled a wider interest in blockchains and zk-SNARKs. The Saplingupgrade activated October 29, 2018, almost two years to the date from the initial Zcash launch.
• 2019-2020: In early 2019, the Zcash Company rebranded to the Electric Coin Co. to differentiate from Zcash theprotocol and the Zcash Foundation. The Zcash community began a several-month-long governance discussionregarding the continuation of the Founder’s Reward and the Zcash trademark. In February 2019 it was revealedthat a serious cryptographic flaw had affected the zk-SNARK proving system, called BCTV14, that was usedby Zcash before the Sapling upgrade. This flaw could have allowed counterfeiting. The Electric Coin Co.stated in a blog post that they “believe that no one else was aware of the vulnerability and that no counterfeitingoccurred in Zcash”. Electric Coin Co. announced a research project to increase the scalability of Zcash by 2021.One of the results of this research is the Halo proving system. Blossom, the third network upgrade for Zcash,activated in December 2019. This upgrade halved the target block interval, to 75 seconds. Funding discussionsculminated in early 2020 with community consensus around ZIP 1014, a Zcash Improvement proposal thatdescribes a structure for a newly established Zcash Development Fund. Heartwood, the fourth network upgradeis scheduled to activate in July 2020. Heartwood includes Flyclient support and shielded coinbase. Canopy isthe next network upgrade, which activates in November 2020, ahead of Zcash’s first halvening.
1.4. Project History 5
Zcash Documentation, Release 4.1.0
6 Chapter 1. Zcash Basics
CHAPTER 2
Community Spaces
Here’s where to find us, and interact with us. Hope to see you soon!
2.1 Code
• github/zcash: Electric Coin Company (ECC, founding entity of Zcash) projects.
• github/zcash-hackworks: ECC experimental projects.
• github/ZcashFoundation: Zcash Foundation (ZF, non-profit sister to ECC) projects.
Note: There are other projects that feature Zcash! These are ones maintained by core developing entities.
2.2 Regular Events
• Zcon: Yearly Zcash in-person conference, usually around June.
• Zeal call: Monthly general call with updates and featured speakers.
• Gardening club: Monthly round robin presentations of Zcash open source projects.
• Arborist call: A monthly call about protocol development.
2.3 Discussion
• Discord: The place everyone is at! Casual chat with ECC, ZF, and the community.
• Forums: A place to more formally discuss ideas and proposals.
7
Zcash Documentation, Release 4.1.0
2.4 Social Media
• Twitter: @ElectricCoinCo
• Youtube: ElectricCoinCompany
• Web: Zcash website, ECC website
• Blog: ECC Blog
8 Chapter 2. Community Spaces
CHAPTER 3
Architecture and Cryptography
An overview of the cryptography inside Zcash. Don’t worry if you don’t understand what this means–this isn’trequired knowledge to use Zcash or build Zcash apps. However, this is required knowledge for developers who planto contribute to cryptographic improvements.
3.1 Current Design
librustzcash/pairing
• pairing is a crate for using pairing-friendly elliptic curves. Currently, only the BLS12-381. construction isimplemented.
librustzcash/bellman
• bellman is a crate for building zk-SNARK circuits. It provides circuit traits and primitive structures, aswell as basic gadget implementations such as booleans and number abstractions.
librustzcash/jubjub
• jubjub is a pure Rust implementation of the Jubjub elliptic curve group and its associated fields.
librustzcash/zcash_primitives
• Implements some Sapling primitives necessary for testing
librustzcash/zcash_proofs
• Implements Sapling/Sprout circuits on top of bellman, and the APIs for creating and verifying proofs.
librustzcash/zcash_history
• Special implementation of Merkle mountain ranges (MMR) for Zcash!
librustzcash/zcash_client_backend
• This library contains Rust structs and traits for creating shielded Zcash light clients.
zcash/src/rust
9
Zcash Documentation, Release 4.1.0
• FFI library crate that exposes the Zcash Rust components to the C++ zcashd full node.
3.2 Current Issues
• We’re doing lots of refactorings and improvements to the code, but these will span many different crates untilwe get to a stable point. Hard to review and coordinate.
– Example: bellman is going to be a “circuit-only” thing, agnostic to the proving system. groth16 crate willhandle groth16.
– Example: hardware wallets only want/need jubjub and sapling primitives, so we need to pull out zk-SNARK stuff (which requires an allocator, standard library, etc.)
• Code is inconsistent (with naming, as far as we know) with specification
• Nothing is labeled as constant/variable time
3.3 Roadmap
librustzcash/pairing
• pairing is being refactored into a generic library for working with pairing-friendly curves. After the refac-tor, pairing will provide basic traits for pairing-friendly elliptic curve constructions, while specific curveswill be in separate crates.
librustzcash/bellman
• bellman is being refactored into a generic proving library. Currently it is pairing-specific, and differenttypes of proving systems need to be implemented as sub-modules. After the refactor, bellman will begeneric using the ff and group crates, while specific proving systems will be separate crates that pull in thedependencies they require.
librustzcash/zcash_client_sqlite
• Warning: This is an alpha build, not yet intended for 3rd party use.
• This library contains APIs that collectively implement a Zcash light client in an SQLite database. We areactively rebasing this and adding features where / when needed.
3.4 Strategy
• librustzcash repository is a Rust workspace containing all of our dependencies, for the time being, via git sub-trees
• We refactor code and integrate test vectors closely, following stringent code review processes and quality policies
• Later, we break the subtrees out into crates with stable APIs
10 Chapter 3. Architecture and Cryptography
Zcash Documentation, Release 4.1.0
3.5 End Goal
• Complete cleanup of code (match spec, best practices)
• More members of the team learn how all this stuff works, good documentation
• Refactor of code into modular pieces that all relate to each other nicely
• no_std support for hardware wallets and other projects
• In the meantime, everything is CI’d and developed together
• The coolest, most awesome crypto codebase written in Rust anywhere in the world
3.5. End Goal 11
Zcash Documentation, Release 4.1.0
12 Chapter 3. Architecture and Cryptography
CHAPTER 4
Development Best Practices
We pledge to respect all contributors. In the interest of fostering an open and welcoming community, we also expectcontributors to adhere to the contributor code of conduct.
4.1 Development workflow
The Development workflow and guidelines will get you up to speed and contribute to Zcash projects. It talks about theZcash Github workflow, which has a few quirks from the general git flow, how Zcash core developers code and test,and the nuts and bolts of operation (CI, versioning, and release process).
4.2 Handling Zcash features
The Zcash feature UX checklist will give you an idea of how Zcash features are standardly treated, and how you shoulddesign for them. For instance, shielded addresses should be used long term, since using a new one per transaction(industry standard) does not provide additional privacy. These lessons learned over time will save you some technicalcomplexity and support calls if you follow these guidelines.
13
Zcash Documentation, Release 4.1.0
14 Chapter 4. Development Best Practices
CHAPTER 5
Network Upgrade Guide
We recommend all wallets, exchanges, and clients that accept/support Zcash to follow these guidelines to prepare forthe upcoming network upgrade. Network upgrades on a bi-annual basis to maintain the Zcash network.
Below is general advice that applies to all network upgrades:
Keep your zcashd node updated Check that you are running the latest stable version of zcashd
Version verifiability Clearly state the version of Zcash in a place users can find it. Somewhere inside the client’suser interface, state the protocol name and version number (available from the getblockchaininfo method). Thisallows users to check what version of Zcash their client is running.
Pre-upgrade notification Inform users that a network upgrade is happening before it happens. 4000 blocks (ap-proximately a week) in advance, tell users a network upgrade is happening soon, and that transactions will beunavailable for about an hour at the activation block height.
Defensive transition Disable the initiation of new transactions starting 48 blocks (approximately one hour) beforethe activation block-height. If a user sends a transaction right before the upgrade, it is likely to not make it ontothe chain. This can cause user confusion and frustration.
Post-upgrade notification Tell users when the upgrade has finished and re-enable initiation of transactions. Notifyusers with a message or at their next login after the network transition.
5.1 Canopy
Canopy is the fifth network upgrade for Zcash, coinciding with the first Zcash halving. Canopy will establish a newdevelopment fund for the next four years.
Consensus Branch ID change See ZIP 251
Development Fund ZIPs ZIP 207 and ZIP 214 are needed to establish a new development fund. ZIP 207 specifiesa mechanism to support funding streams, distributed from a portion of the block subsidy for a specified rangeof block heights. ZIP 214 describes consensus rule changes interpreting the proposed structure of the ZcashDevelopment Fund, which is to be enacted in Canopy and last for 4 years.
15
Zcash Documentation, Release 4.1.0
Disabling Addition of New Value to Sprout Pool ZIP 211 disables the ability to add new value to the Sprout valuepool balance. This takes a step toward being able to remove the Sprout protocol, thus reducing the overallcomplexity and attack surface of Zcash.
Sapling Ephemeral Secret to Recipient in Note Plaintext ZIP 212 improves the security assumptions needed toensure that diversified addresses are not linkable. It does this by introducing a new note plaintext format forSapling Outputs in transactions.
Fix Ed25519 Validation Rules to Allow Batch Validation ZIP 215 improves the validity criteria of Ed25519 signa-tures used in Sprout transactions by explicitly defining criteria and changing them to be compatible with batchvalidation.
5.2 Heartwood
Heartwood is the fourth network upgrade for Zcash and enables more third-party integrations and better privacythrough shielded coinbase.
Consensus Branch ID change See ZIP 250
Flyclient Support Flyclient, specified through ZIP 221, enables efficient proofs of Proof-of-Work for light clients.In addition to enabling improved light-client wallets, this improves many cross-chain protocols. This ZIP spec-ifies modifications to be made to the Zcash block header format to include Merkle Mountain Range (MMR)commitments.
Shielded Coinbase ZIP 213 defines modifications to the Zcash consensus rules that enable coinbase funds to bemined to shielded Sapling addresses. It does not disable the use of transparent addresses in coinbase transactions.
5.3 Blossom
Blossom is the third network upgrade for Zcash.
Shorter Block Target Spacing
This feature increases the frequency of blocks, allowing transactions to resolve faster. This will improve Zcash’susability and increase how many transactions per hour the network can sustain while keeping transaction fees low.This feature has undergone a specification audit. It is currently being tested on testnet as part of the Blossom NetworkUpgrade Pipeline, before version 2.1.0 of zcashd supporting mainnet activation is released in September.
Consensus Branch ID change See ZIP 206
Amount of FR to be paid in coinbase transaction See ZIP 208 and Protocol Section 7.7
Function from block height to FR has changed See ZIP 208 and Protocol Section 7.8
5.4 Sapling
Sapling is a network upgrade that introduces significant efficiency improvements for shielded transactions that willpave the way for broad mobile, exchange and vendor adoption of Zcash shielded addresses.
Transaction formatting
All transactions must use the new transaction format from Sapling onwards. Make sure that you canparse these v4 transactions. Previous formats will not be valid after the Sapling upgrade, so if youcreate transactions, the v4 format must be used after the upgrade has activated (but not until then).Hardware wallets and SPV clients are particularly affected here.
16 Chapter 5. Network Upgrade Guide
Zcash Documentation, Release 4.1.0
See ZIP 243. Test vectors for ZIP 243 have been pushed and are being reviewed.
Shielded HD Wallets All Sapling addresses will use hierarchical deterministic key generation according to ZIP 32(keypath m/32'/133'/k' on mainnet). Transparent and Sprout addresses will still use traditionalkey generation.
See ZIP 32.
Also see Sapling Protocol Specification.
5.4.1 General Guidelines
Using zcashd unmodified
If you use the RPC as provided in the zcashd client, which is true for most exchanges and general users of Zcash, youmust update your zcashd node to at least version 2.0.1.
For an updated list of specific parameter changes for Sapling in the zcashd wallet RPC, please see: Sapling RPCUpdates v2.0.1 (PDF).
Additionally, Sapling introduces new parameters which must be downloaded by running the fetch-params.shscript. These new parameters are placed in the same directory as the older Sprout parameters.
Using custom code to create/sign/send transactions
If you manually create transactions, the following changes are critical. Reference section 7.1 of the Sapling specifica-tion for complete details:
• The transactions version number MUST be 4.
• The version group ID MUST be 0x892F2085.
• At least one of tx_in_count, nShieldedSpend, and nJoinSplit MUST be nonzero.
• If version 4 and nShieldedSpend + nShieldedOutput > 0 then:
– Let bvk and SigHash be as defined in §4.12 ‘Balance and Binding Signature (Sapling)’;
– bindingSig MUST represent a valid signature under the transaction binding verification key bvk ofSigHash - i.e. BindingSig.Verifybvk(SigHash, bindingSig) = 1.
• If version 4 and nShieldedSpend + nShieldedOutput = 0, then valueBalance MUST be 0.
• A coinbase transaction MUST NOT have any JoinSplit descriptions, Spend description, or Output descriptions.
• valueBalance MUST be in the range {-MAX_MONEY .. MAX_MONEY}.
In addition, consensus rules associated with each JoinSplit description (§7.2 ‘Encoding of JoinSplit Descriptions’)each Spend description (§7.3 ‘Encoding of Spend Descriptions’) and each Output description (§7.4 ‘Encoding ofOutput Descriptions’) MUST be followed.
Mining Pools
Mining pools running the Stratum protocol will have to make some changes as well.
The hashReserved field in the Stratum Protocol will have to be replaced by the hashFinalSaplingRoot fieldfrom the block header (§7.5 ‘Block Header’).
5.4. Sapling 17
Zcash Documentation, Release 4.1.0
5.4.2 Testing
Sapling is currently activated on testnet. To test transactions you’ll want to follow the testnet_guide. Alternatively,developers can use these features in regtest mode.
5.5 Overwinter
Overwinter is the first network upgrade for Zcash. Its purpose is strengthening the protocol for future network up-grades. It includes versioning, replay protection for network upgrades, performance improvements for transparenttransactions, a new feature of transaction expiry, and more.
Overwinter activated successfully at block 347500, mined at June 25, 2018 20:42 UTC-04:00
Transaction formatting All transactions must use the new transaction format from Overwinter and onwards. Makesure that you can parse these “v3” transactions (write a parser for them if you aren’t using our code). Previousformats will not be valid after the Overwinter upgrade, so if you create transactions, the “v3” format must beused after the upgrade has activated (but not until then). Hardware wallets and SPV clients are particularlyaffected here. See ZIPs 202 and 203 .
Transaction version number The 4-byte transaction version will have its most significant bit set from Overwinterand onwards, for two-way replay protection of Overwinter and unambiguous transaction parsing of all currentand future formats. For example, existing “v1” and “v2” transactions use version numbers “1” and “2”, but “v3”Overwinter transactions will use the unsigned version number “(1 << 31) | 3” in the transaction serializationformat. See ZIP 202 .
Version group IDs A transaction version will be uniquely paired with a version group ID to ensure unambiguoustransaction parsing. For example, a “v3” transaction will always have the version group ID “0x03C48270” inits serialization format, even after future network upgrades. See ZIP 202 .
Branch IDs Each network upgrade has an associated branch ID that identifies its consensus rules. For two-wayreplay protection, creating transactions will require the branch ID of the current chain tip when signing a trans-action (in the BLAKE2b personalization field.) You can obtain the branch ID of any block height from thegetblock API. See ZIP 200 .
Signature hashing There are new SegWit-like features in this upgrade, such as transaction signatures committingto values of the inputs. We suggest reusing code from SegWit (e.g. for hashing transparent outputs) whenimplementing the new SignatureHash function. See ZIP 143 .
Transaction expiry We recommend that you do use the default expiry height (20 blocks/~1 hours) and follow theseUX guidelines so that Zcash users can develop a consistent expectation of when Zcash transactions expire andwhat happens. Zee ZIP 203 .
This isn’t an exhaustive list of the changes. Look at the Overwinter Zcash Improvement Proposals (ZIPs) below forcomplete details on the changes that will be made. The five ZIPs cover network handshaking, transaction format,transaction expiry, signature hashing, and network upgrade mechanisms.
• ZIP 143 Transaction Signature Verification for Overwinter
• ZIP 200 Network Upgrade Mechanism
• ZIP 201 Network Peer Management for Overwinter
• ZIP 202 Version 3 Transaction Format for Overwinter
• ZIP 203 Transaction Expiry
The network upgrade is coordinated via an on-chain activation mechanism.
18 Chapter 5. Network Upgrade Guide
Zcash Documentation, Release 4.1.0
Zcashd v1.1.0 (and future releases) running protocol version 170005 will activate Overwinter at block 347500 atwhich point only v3 transactions are processed. Older versions of Zcashd <= 1.0.14, running protocol versions <=170004, will partition themselves away from the main network into a legacy chain.
Wipeout protection is provided by the new transaction format and signature hashing scheme. Blocks from the legacychain will not be accepted by the upgraded network. That is, the upgraded network is permanent, and Zcashd v1.1.0(and future releases) can not reorganize back to the older non-upgraded chain.
5.5.1 Common Issues
tx-overwinter-active This error is simply saying that Overwinter has been activated and your client must be upgradedto the latest version. Upgrade your client and try again. If the issue persists try restarting the client. If this erroris appearing on a third party app like a mobile wallet, please file a support request with the developer of theproduct and let us know in the #user-support channel on the community chat - https://discord.gg/PhJY6Pm
mandatory-script-verify-flag-failed (Script evaluated without error but finished with a false/empty top stack ele-ment)
This error has been most commonly seen when using sendrawtransaction. This can be caused by a few things.
1. When creating raw transactions, the signrawtransaction step must be completed correctly. Thereis a field in signrawtransaction called prevtxs which can be seen here (https://zcash-rpc.github.io/signrawtransaction.html). The prevtxs parameter is optional, but if it is specified, the amount pa-rameter must also be specified. This amount is the total amount of the previous output. Prior toOverwinter the amount parameter was not required, this is a change between Overwinter and theprevious version.
2. This issue can also arise in an edge case where a user is signing the transaction from an offlinenode. If this is the case the offline node must be synced to above the Overwinter activation height,block 347500.
Node sync is stuck before Overwinter activation height This bug occurs when you are starting a fresh node orrestarting a node that is not synced to above the Overwinter activation height (block 347500) and causes thenode to sync very slowly. The bug has to do with your node incorrectly banning peer nodes. The end result isyour node will sync very slowly as it will not be able to maintain as many connections to other nodes as usual.
This issue has been fixed in 2.0.0. Please update your client to 2.0.0 or above.
5.5. Overwinter 19
Zcash Documentation, Release 4.1.0
20 Chapter 5. Network Upgrade Guide
CHAPTER 6
Zcash Full Node and CLI
Zcashd & Zcash-cli allow you to run a full node and interact with it via a command-line interface. The zcashd full nodedownloads a copy of the Zcash blockchain, enforces rules of the Zcash network, and can execute all functionalities.The zcash-cli allows interactions with the node (e.g. to tell it to send a transaction).
Zcashd & Zcash-cli are maintained by Electric Coin Company (the founding team for Zcash).
6.1 Install
• Docker (containerized DebianOS)
• Debian/Ubuntu (officially supported) Debian Jessie support ends on Oct 1st 2020.
• Other Linux Systems (“best-effort” supported)
21
Zcash Documentation, Release 4.1.0
• OSx (“best-effort” supported)
• Windows (unsupported)
6.2 Configuration
Zcashd requires a zcash.conf file to run.
A blank zcash.conf file will run with all default settings. To generate one, run:
mkdir -p ~/.zcashtouch ~./zcash/zcash.conf
Zcashd can be configured in various ways to suit different use cases; see the Zcash.conf guide for an extensive list ofoptions.
6.3 Use
Now, run zcashd!
./src/zcashd
If you are running Zcash for the first time, the Zcashd node needs to fully sync before using the RPC. This may take aday or so.
With a fully-synced running zcashd in the background, open a new terminal window and run:
./src/zcash-cli getinfo
See the available RPC commands for all the capabilities of Zcashd & Zcash-cli.
Try generating some addresses, then sending and receiving transparent and shielded transactions! Note that there areseparate commands for transparent and shielded addresses/transactions.
If you’re running Zcashd for development, configure Zcashd to run on testnet, which takes significantly less time tosync than mainnet. Use the Zcash Testnet Faucet to get test funds.
6.4 Upgrading
If you use zcashd but have not upgraded within 16 weeks of a release, it will reach the end-of-support (EOS) halt andexit with an error message. See the release cycle for details.
The node gives a warning two weeks in advance if you have the metrics screen enabled (and if there are no otheroverriding errors). A getdeprecationinfo RPC call will also return the block height at which the node will halt.
To upgrade Zcashd & Zcash-cli, fetch the latest updates:
git fetch origin
Helpful tips:
• Upgrading to v4.0.0 requires a build; try the following:
22 Chapter 6. Zcash Full Node and CLI
Zcash Documentation, Release 4.1.0
git checkout v4.0.0./zcutil/clean.sh./zcutil/build.sh -j$(nproc)
• Run Zcashd again and verify that the version number matches that of the source repository.
• If parameters need re-running, try ./zcutil/fetch-params.sh. This is unlikely, and the node shouldtell you if this is necessary.
• If you don’t have nproc or if the build runs out of memory, try again without the -j argument, just ./zcutil/build.sh.
• If you run into issues upgrading, please see the Network Upgrade Guide.
6.5 References
An extensive list of Zcashd & Zcash-cli pages, including ones linked inline in this page above.
• Zcash RPC Commands
• Zcash.conf guide
• Troubleshooting Guide
• Wallet Backup Instructions
• Sending Memos with Zcashd
• Zcash Mining guide
• Known Issues
• Data Directory Files
• Tor Support in zcashd
6.5. References 23
Zcash Documentation, Release 4.1.0
24 Chapter 6. Zcash Full Node and CLI
CHAPTER 7
Zcash Protocol
This page has what you need to know all about the Zcash protocol, its upgrades, and how to contribute.
A blockchain protocol operates on top of the Internet, on a P2P network of computers that all run the protocol and holdan identical copy of the ledger of transactions, enabling P2P value transactions without a middleman though machineconsensus. The Zcash protocol allows all this with added privacy.
7.1 Protocol Specs
The most up-to-date Zcash Protocol Specification contains the most complete description of everything that happenswith Zcash. It introduces the protocol abstractly, dives in technically, and details what each upgrade to the protocolhas changed. The draft of the spec including Canopy details what will change, but is subject to change frequently.
7.2 Zcash Improvement Proposals (ZIPs)
Zcash Improvement Proposals (ZIPs) are the way to: propose new features and their rationale, specify the implemen-tation details of the feature, collect community input on the proposal, and document design decisions. Anyone canwrite a ZIP! The author(s) of the ZIP are responsible for building consensus within the community and document-ing/addressing dissenting opinions.
7.3 Network Upgrade Guide
The Network Upgrade Guide gives advice on how to stay current with the Zcash protocol and network. It alsodetails the changes made with each network upgrade, and if and how those changes necessitate changes on supportingservices. Network upgrades on a bi-annual basis to maintain the Zcash network.
25
Zcash Documentation, Release 4.1.0
26 Chapter 7. Zcash Protocol
CHAPTER 8
Light Client Development
The following resources allow development of apps and services that can transact on the blockchain without down-loading an entire copy of the blockchain. A light client (also known as lightweight node) is referencing a trusted fullnode’s copy of the blockchain, whereas a full node is a node that fully enforces all of the rules of the blockchain.
8.1 Lightwalletd
A stateless server that serves light clients with blockchain information. It fetches blockchain data from zcashd, pro-cesses them to reduce data, and stores it in a database. This allows light clients with different requirements to getrelevant data without interacting with zcashd directly.
27
Zcash Documentation, Release 4.1.0
Resources
• Lightwalletd source code
• Lightwalletd instance setup guide
• Lightwalletd API docs
Quick info
• Parallelize-able, stateless, and containerized
• Can run virtually on the cloud (EC2, GCP, AZURE, Docker, etc.)
• Not using load balancers, orchestrators, schedulers (yet)
• Metrics, stress tests, and testing done (ask us)
8.2 Android
We maintain a SDK that allows for wallet functionalities (address management, send, receive, etc.), documentation ofthe APIs, and a demo app that exercises the SDK.
Resources
• Android SDK source code
• Android Demo app
• Android API docs
Quick info
• Native Android SDK and app, written in Kotlin
• Architecture: targeting ARM64, ARMv7 and x86
• APIs: We support API 16+ but we optimize for API versions 21+
8.3 iOS
We maintain a SDK that allows for wallet functionalities (address management, send, receive, etc.), documentation ofthe APIs, and a demo app that exercises the SDK.
Resources
• iOS SDK source code
• iOS Demo app
• iOS API docs
Quick info
• Native iOS SDK and app, written in Swift
• Less mature then Android SDK but working towards parity
• Targeting the latest (past two 2 years) iPhones
28 Chapter 8. Light Client Development
Zcash Documentation, Release 4.1.0
8.4 WASM
A minimal functioning demo web wallet that allows desktop OSes to use shielded addresses and separates web-specificwallet functionalities.
Originally built 2019, and is not actively maintained: https://github.com/str4d/zcon1-demo-wasm.
8.5 References
• Light client threat model
• Contributing guidelines
8.4. WASM 29
Zcash Documentation, Release 4.1.0
30 Chapter 8. Light Client Development
CHAPTER 9
Zcash Mining Guide
Welcome! Want to earn Zcash while strengthening the security of the Zcash network? Whether you are a hobbyistor a professional, mining is a great way to do it. Given the current network difficulty you must use an ASIC to mineZcash.
Thanks to Luxor for assistance with this mining guide.
In this guide we cover:
• Overview of the Zcash mining process
• Calculating rewards
• Purchasing specialized hardware (ASIC)
• Finding a hosting solution for your hardware
• Setting up your ASIC
• Choosing and configuring a mining pool
• Setting up a Zcash wallet
9.1 Overview
Like many blockchains, transactions on the Zcash network are secured using a cryptographic method known as Proofof Work (PoW). In this process, application-specific computers compete to find a solution to a difficult mathematicalproblem defined by the Equihash hashing algorithm. As a result of performing this work, miners are rewarded withnewly minted coins.
Just over 2 years ago, Equihash coins were being mined solely by GPUs. Since the release of the Antminer Z9 mini,more and more ASICs have been deployed to the network achieving a staggering 10x growth. A chart below showsthe growth of the Zcash network difficulty with popular ASIC releases.
31
Zcash Documentation, Release 4.1.0
9.2 Calculating rewards
Zcash mining economics can be distilled down to three inputs: revenue, operating expense & capital expenditure.
On the revenue side, you can check out the current profitability using many publicly-available mining calculators. Atthe time of writing this guide, 1Msol of hashpower generates $55 in revenue a day. The next thing to do is to predicthow this will change over the investment horizon (2-3 years). Usually, you want to assume some increase in networkdifficulty (decreasing the revenue) and make a prediction on the price of Zcash. Also, make sure to factor in changesto the block reward to miners.
On the operating expense side, this is largely dependent on your electricity cost. It is crucial that you source cheapelectricity to use to power your equipment. As of 2020 you ideally want to pay less than 7-8 cents USD per kWh.
By leveraging expertise in equipment procurement, operating with low-cost power, and more, miners can generatesolid risk-adjusted returns, in many cases over that of Bitcoin mining.
9.3 Purchasing an ASIC
ASIC stands for Application-Specific Integrated Circuit and describes a type of processor that is designed for a singlepurpose. ASICs are a popular choice for mining cryptocurrency because they can offer higher efficiency than CPU orGPU miners.
Please note that the information on this page may become obsolete due to the rapidly changing market. Make sure todo your own proper due diligence into any machine listed below.
The following Equihash ASIC miners are available on the market today:
32 Chapter 9. Zcash Mining Guide
Zcash Documentation, Release 4.1.0
Going direct to the manufacturer is an option for the latest-gen machines:
• Bitmain: https://www.bitmain.com
• Innosillicon: https://www.innosilicon.com
ASIC resellers may also have miners available:
• Blockware Mining: https://www.blockwaresolutions.com
9.4 ASIC hosting
Some miners host ASICs in their own home if they have a good shed or basement. They also usually only do thisin smaller volumes due to power constraints. ASICs can be intrusive in your home as they are extremely loud whenoperating (think a vacuum cleaner). In addition, mining hardware consumes a very significant amount of electricity,so running multiple mining ASICs in your home may damage your wiring or fuse board. It is key to understand theserisks ahead of hosting an ASIC at home.
Depending on the considerations above and your electricity rate, it could make sense to send your ASICs to a mininghosting site. The hosting business takes a “hosting fee” in return for setup, ensuring proper operations, electricity andongoing maintenance.
There are many hosting options available in the US and Canada which can be found in a database here. This databasecontains some of the top facilities like Blockware, Compute North, Core Scientific, Frontier, Box Miner, and manymore. Please make sure to do your own research before making any decision on engaging a colocation business.
9.5 ASIC setup
• Powering up the Miner: Connect your machine to the power outlet via the built-in PSU. Then connect yourminer to your internet-connected router or switch using a standard network cable. You are now ready to powerup your miner.
• Scanning for Devices: To get started, use a scanning tool like AngryIP or Locator to scan every device on yourlocal network and see its IP address. After you have identified your miner’s IP address, you are ready to proceedwith Configuration.
• Configuration: Enter the local network IP address of your miner in the URL bar of any web browsr. A dash-board similar to the one shown below will pop up.
9.4. ASIC hosting 33
Zcash Documentation, Release 4.1.0
9.6 Joining a mining pool
• Joining a pool: We highly recommend joining a mining pool rather than mining solo. It provides a more steadyincome stream based on the hash rate contributed, rather than only getting paid when your ASIC mines a block.
In choosing a mining pool, you can consider the size of the pool, payout methods (PPS vs PPLNS),pool fee, geographic location of the pool, ping time to the server, user interface, statistics / data, andcustomer support. Ultimately you want to find a pool that can be trusted, has high payouts and a greatuser experience. A list of pools can be found here.
• Completing Configuration: Once you have created a user account with a chosen mining pool, you will need tocomplete the setup process at the specific mining pool so that the ASIC is registered as a mining participant inthe mining pool. We recommend that you contact the chosen mining pool directly with any assistance.
• Monitoring Results: Each mining pool will have a different monitoring dashboard. Once set up, you should beable to see how much you are contributing to the mining pool, the status of the ASIC miner, and the estimatedpayout for the work.
9.7 Getting payment
The last step is to set up a Zcash wallet and corresponding Zcash address to receive payouts. If you do not have oneset up yet, we have a list of recommended wallets here.
Once you have your address, navigate to the settings or account details page in the respective mining pool’s interface,and add the address to pay out to. Commonly, payments are paid out either periodically or after a certain threshold ofZEC has been earned. What you choose is up to you, but we encourage you to be paid out to a zcash shielded addressfor enhanced privacy, if the mining pool supports this feature.
34 Chapter 9. Zcash Mining Guide
CHAPTER 10
Zcash Integration Guide
Zcash is based on Bitcoin, and has a superset of functionality, both in the protocol and the RPC interface. Thisdocument describes Zcash integration into services and products.
10.1 Integration Path
There are two approaches to integrating a service or product with Zcash: the Bitcoin-compatible approach, and theZcash API approach. The Bitcoin-compatible approach is convenient for deployments that already use Bitcoin Core,because the API is (almost) identical. Alternatively, if new integrations are being developed, using the Zcash API maybe simpler for most use-cases.
Services that use the Zcash API can send to and receive from both z-addrs and t-addrs. One current drawback is thatthis API does not support multisig transactions. Services that use the Bitcoin-compatibility approach can only send orreceive to/from t-addrs which do not provide the privacy features Zcash is known for.
A service that supports both z-addrs and multisig will use the Zcash API for all transactions except multisig, in whichcase it will use the Bitcoin API.
Designation Features to SupportLevel Description Transparent Trans-
actionsTransparentMultisig
Private Transac-tions
EncryptedMemo
1 Bitcoin- com-patible
Bitcoin API Bitcoin API
2 Zcash API Zcash Payment API Bitcoin API Zcash PaymentAPI
Zcash PaymentAPI
10.2 Bitcoin API
• Backwards compatible with Bitcoin-Core 0.11.2 with minor modifications to JSON output.
• Recommended for: time to market for existing Bitcoin applications, familiarity with Bitcoin and multi-sig.
35
Zcash Documentation, Release 4.1.0
The zcash daemon, zcashd, presents the same kind of RPC interface as Bitcoin Core, and this interface (see BitcoinRPC reference) provides a very similar set of Bitcoin API calls, which we call the Bitcoin API. Transactions whichonly involve transparent addresses can be created with this API just as for Bitcoin.
This API can be used for advanced Bitcoin transactions, just as in Bitcoin Core, such as those involving multisigaddresses. Multisig addresses begin with “t3” whereas standard transparent addresses begin with “t1”.
10.3 Zcash Payment API
• For sending both transparent and private payments. Extends the existing Bitcoin API with new commands.
• Recommended for: new applications looking to add private transactions and encrypted memo field supportwhich do not need multisig.
In addition, zcashd adds the Payment API (see payment_api reference). This is a high-level API that simplifies thecommon use cases of transfers. This API can send from or to both z-addrs and t-addrs through the z_sendmany call.
Example of using curl to make a z_sendmany call:
curl --user "$USER:$PASSWORD" \-X POST \--data-binary "{ \"jsonrpc\": \"1.0\", \"id\":\"curltest\", \"method\": \"z_sendmany\→˓", \"params\": [\"$FROM_ADDR\", [{\"address\": \"$TO_ADDR\" ,\"amount\": $AMOUNT}]]→˓}" \-H "Content-Type: text/plain;" \http://127.0.0.1:8232
This API does not yet support advanced Bitcoin transaction types, such as those involving multisig addresses.
10.4 Contact Us
For assistance with integrating Zcash into your product, send us a message at [email protected].
10.5 References
user_guide
payment_api
Bitcoin RPC reference and Bitcoin API calls
Zcash benchmarking site
36 Chapter 10. Zcash Integration Guide
CHAPTER 11
Recommended Wallets
Electric Coin Company does not endorse specific digital wallets, other than the Zcashd full node wallet. We providesome recommendations as a courtesy at z.cash, in order to simplify the overall digital currency experience for you.
Digital wallets can help keep your cryptocurrencies safe, private and in your control. We highly recommend the useof wallets for storing Zcash (technically, they store the keys to your Zcash addresses). But keep in mind, your walletis like your bank account, so take extra precautions with your passwords, and be sure to perform regular backups toprotect your money.
37
Zcash Documentation, Release 4.1.0
38 Chapter 11. Recommended Wallets
CHAPTER 12
Funding
We’re building a decentralized collaborative community around Zcash, and paying contributors helps strengthen theproject (even if they are not part of the two Zcash official entities).
Currently, ZF Grants are used to fund community contributions. After the Canopy upgrade in Nov 2020, additionalfunds will be available via the Major Grants system.
12.1 ZF Grants
The Zcash Foundation funds Zcash development, research, and other ecosystem projects through a platform called ZFGrants. Submit your idea there to get funding. If you don’t have an idea of your own, there is an open requests-for-proposals listed on the ZF Grants website.
ZF Grants is similar to Kickstarter. But instead of using fiat money, users can pledge $ZEC to projects that grow orstrengthen the Zcash ecosystem. The Foundation will evaluate proposed projects on a rolling basis and choose whichones to sponsor. We are able to match funds or attach a bounty payment to a given campaign. But you can also fund aproject solely through the contributions of. . . anyone!
12.2 Major Grants
In Jan 2020, the community voted to create a new development fund with 20 percent of the mining rewards. Thedevelopment fund will be distributed to ECC (7 percent of mining rewards), the Zcash Foundation (5 percent ofmining reward) and an additional fund to be used for grants to support third-party Zcash efforts (8 percent of miningrewards). Grant participants will receive the largest portion of development funds which will further decentralizeZcash-related efforts. Stipulations were also introduced for formal accountability and reporting requirements of eachparticipant.
Translation: the amount of funding available community contributors exceeds the funding for ECC (the foundingentity for Zcash) and ZF (sister nonprofit entity)! We’re looking for the opportunity to collaborate on our efforts onthis important project and its potential to bring economic freedom and opportunity for all of humanity.
39
Zcash Documentation, Release 4.1.0
Although Major Grants (MG) will not be paying out until after Canopy activation (estimated Nov 2020), we encourageyou to formalize your ideas to be ready for when applications are open.
40 Chapter 12. Funding
CHAPTER 13
Further Learning
Zcash is a new form of private money that is controlled by no one and is developed as an open collaborative project.Below are some curated educational resources to get you jump started at unerstanding the system.
Note that this list is open source; please suggest changes on Gitlab!
13.1 Videos
• Coinbase Earn Video series:Intro, Privacy, Tech
• Goodbit, What is Zcash
• Zcash, Fortune Magazine
• Down the Rabbit Hole with Zooko
• Around the block - Episode 1 - “Genesis Block”
• Security and Privacy for Crypto with Zero-Knowledge Proofs (15 min)
13.2 Quick Reads
• Coin Center - What is Zcash
• Zcash, the HTTPS of Blockchains
• A beginner’s guide to Zcash, also in Spanish
• What are zk-SNARKS?
• Understanding Zero-knowledge proofs through illustrated examples
• Anatomy of A Zcash Transaction
• How Transactions Between Shielded Addresses Work
41
Zcash Documentation, Release 4.1.0
• Transaction Linkability
• Zcash Glossary
13.3 Podcasts
• The Ceremony, RadioLab
• Zooko Wilcox, CEO of Zcash: The Evolution of Legitimately Private Crypto
• Zcash Review - Episode 2 - Design of the Ceremony with Zooko Wilcox and Andreas Antonopoulos
13.4 Investment Theses
• Messari Zcash Profile
• Grayscale - An Introduction to Zcash
• Kraken - Zcash Brief
• Etoro - Zcash Market Research Summary
• Aumentum - A Case for Zcash & Privacy
13.5 Research Papers
• Zerocash: Decentralized Anonymous Payments from Bitcoin (extended version, 2014)
• An Empirical Analysis of Anonymity in Zcash (2018)
• On the Size of Pairing-based Non-interactive Arguments (2016)
• A Proof of Security for the Sapling Generation of zk-SNARK Parameters in the Generic Group Model (2018)
• Constructing Elliptic Curves with Prescribed Embedding Degrees (2005)
• Pairings for beginners
• Zkp.science (extensive list of zero knowledge proof research papers)
42 Chapter 13. Further Learning
CHAPTER 14
Developer Tools
Here are the most helpful tools to test and debug code.
14.1 Zcashd/Zcash-cli RPC Docs
Thee Zcash RPC webpage makes it easy to look at zcashd commands, their parameters, and examples. The content onthat page is the formatted help text for each of the Zcash RPC calls, extracted by an open sourced tool. This is one ofthe most frequently used resources by core developers.
14.2 Zcash Testnet Guide
The Zcash testnet is a blockchain that attempts to mimic the main Zcash network for testing purposes, with its owncoins that hold no monetary value (TAZ). It’s used by developers to experiment with Zcash apps having to use Zcash(ZEC) and test network upgrades before activating on the main Zcash network. Since it’s public and long-running,you can see a lot of historical data, and interact with many peers.
14.3 Private Containerized Network
The Zcash testnet-in-a-box (TNB) will deploy a collection of monitored and peered zcashd instances to a Kubernetescluster. This is useful for isolated testing in a controlled environent. This gives the ability to control of how many nodesare on the network, how many transactions are sent and mined, and more. New protocol development or research onnew RPCs will benefit greatly from this tool.
14.4 Block Explorer
By default, zcashd will operate as a full node and wallet. However, zcashd can alternatively be run as a full node withaccess to a block explorer, which allows it to see and fetch additonal fields (i.e. utxos, spent txid). This zcashd mode
43
Zcash Documentation, Release 4.1.0
is commonly used along with zcash-cli to service exchanges, wallets, and other zcash services, but cannot be used asa wallet itself since it will contain no private keys.
44 Chapter 14. Developer Tools
