What is Zcoin? | Beginner’s Guide
What is Zcoin?
Zcoin utilizes the Zerocoin protocol to provide anonymous transactions in a unique scalable way. The protocol, originally intended to be an extension of Bitcoin, allows you to send coins with no transaction history. Bitcoin records the history of every transaction on a public ledger for anyone to see. Wallet addresses are only pseudo-anonymous with the potential for people to link your identity to an address. However, with Zcoin, you can preserve the fungibility and privacy of your spending.
When sending Zcoins, the process works exactly like Bitcoin, with transactions recorded in a public ledger. However, the Zerocoin protocol involves destroying your Zcoins to mint a Zerocoin. Zerocoins are new coins with no transaction history. “You can think of the Zerocoin layer as a form of coin laundry where you will put in your existing ‘dirty‘ coins (that have a long transaction history) and then redeem new ‘clean‘ coins that appear to be brand new and have no prior transaction history.”
You are then able to use the Zerocoins in a spend transaction, which converts the Zerocoins back into Zcoins. With many people minting Zerocoins, it will not be obvious who the spent Zerocoins came from, thus preserving your anonymity.
Minting and Spending
Creating Zerocoins involves selecting the number of coins you’d like to mint and a fee of 0.01 Zcoins (XZC).
There are a predetermined amount of coins you can mint to improve anonymity. For example, if you mint 1723 Zerocoins and then spend 1723 later, it would be easier to trace the transaction back to you.
You must wait about 70 minutes before you’re allowed to send the Zerocoins so it’s advised you mint ahead of time if you know you will eventually do some spending. Once you actually click spend, the address of your choice receives the Zerocoins with no transaction history.
To conceptualize how Zerocoins maintain anonymity, you first need to understand zero-knowledge proofs. “In cryptography, a zero-knowledge proof or zero-knowledge protocol is a method by which one party can prove to another party that she knows a value of x, without conveying any information apart from the fact that she knows the value of x.”
A very simplified example of a zero-knowledge proof would be proving you know your Reddit password to a friend without telling it to them, by simply logging in and showing them it worked.
Ultimately for Zcoin, you need to show proof that you can send Zerocoins without conveying information that it was your Zcoins that were burned for them.
First, you destroy a Zcoin and the Zerocoin protocol generates a random serial number S for a Zerocoin and a secret number r. Then you use S and r cryptographically to create a value C which you are committed to. This value C is posted on the blockchain so that you cannot change it later. Anyone can see the public C values created from numerous people minting coins.
To spend the Zerocoin S, you give a zero-knowledge proof that you have an S value that corresponds to a public value of C. The zero-knowledge proof only shows that there is some C that corresponds to your S, not explicitly which one. Thus some Zerocoins would be spent but no one would know it’s the value of C that corresponds to you.
To avoid double spending of Zerocoins, nodes verify that the zero-knowledge proof was valid and that Zerocoin S was not already spent.
In summary, “When someone is sent Zerocoin, the person only knows that X amount of money was sent to their wallet. Unlike Bitcoin, there is no other unintended identifying information about the sender and receiver. Zero-Knowledge proofs ensure that there is zero information leakage about the sender and receiver of a transaction.”
Currently, Zcoin uses the Lyra2z algorithm for proof of work. Eventually, they will transition to a Merkle Tree proof of work algorithm, known as MTP. MTP is a unique memory hard algorithm that aims to solve several problems. Memory hard algorithms help prevent the development of ASICs which lead to centralized mining farms.
Memory hard algorithms also prevent the use of botnets infecting computers for mining purposes. If a botnet was using up multiple gigs of memory, you’d be likely to notice something is wrong.
“The basic concept is that it should establish the same price/cost for a single computation unit on all platforms meaning that there is no single device that should gain a significant advantage over another for the same price hence promoting egalitarian computing. “
The ultimate goal is to keep CPU mining as a feasible way to participate in the security of the network. Previous memory hard algorithms also required a lot of memory for verifying nodes to confirm transactions, making running a node relatively expensive and vulnerable to DOS attacks. If you are interested in mining Zcoin you can take a look at the guides here and here.
For the first four years, the Founder’s Reward collects 14% of mined Zcoins. The Founder’s Reward funds further development of Zcoin. Within that 14%, the founder Poramin Insom receives 2%. Seed investors receive 6% and the Zcoin team receives 6%. After 4 years, the block rewards will go entirely towards Znodes and miners.
“Znodes are nodes on the Zcoin network that are incentivized to run a full copy of the blockchain and to process Zerocoin transactions. The nodes earn a share of 30% of the newly mined Zcoins, 15 every block. But running a Znode will require staking 1,000 Zcoins. “
You are required to stake coins as proof that you are highly invested in Zcoin. If you are highly invested, you’ll be incentivized to keep the network running honestly and with consistent uptime.
Johns Hopkins University professor Matthew D. Green and graduate students Ian Miers and Christina Garman originally proposed the idea of Zerocoin. Bitcoin never added the protocol due to a lack of consensus so Poramin Insom implemented Zerocoin in his own cryptocurrency, Zcoin.
Starting in September 2016, Zcoin and the Zerocoin protocol required setup utilizing RSA encryption. RSA encryption involves multiplying large prime numbers to create a number that is extremely difficult to factorize. This allows for a one-way function that’s near impossible to reverse. In order to select a number that even Zcoin didn’t know how to factorize, they chose a number from a factoring challenge held over 25 years ago. RSA had a contest with a $200,000 reward for factorizing a 617 digit number, known as RSA-2048, No one ever factored the number, and the hard drive used to create the number was destroyed. While it is conceivable that someone out there associated with RSA knows the prime number factorization of the number, it seems unlikely. Regardless, Zcoin is looking to utilize different encryption methods and eventually move away from RSA encryption.
There are several other coins associated with anonymity. Zcash also utilizes zero-knowledge proofs. Zcash used a different strategy for their initial encryption set up. They had 6 individuals each generate part of a master key and then asked all 6 to destroy their portion. Zcash’s security depends on at least one of them truly destroying their portion.
“In other cryptocurrencies, the anonymity set can be limited by how many people you mix with or how many people with which you form a ring. However, the anonymity set in Zcoin is based on the number of people who have performed a mint of a particular amount and is an ever-increasing amount which can scale into the many thousands as opposed to mixing solutions which are typically limited to a couple of dozen.”
The Zcoin team goes into even greater depth about the pros and cons of different privacy technology in cryptocurrency here.
Coin Supply and Sustainability
There were originally meant to be 21 million coins like Bitcoin but a bug led to the creation of an extra 388450 coins. The Zcoin team fixed the bug. In March 2018 the circulating supply is around 4,204,000 XZC.
Zcoin has a block time of 10 minutes and rewards of 50 coins per block currently. Like Bitcoin, eventually, these block rewards will halve over time. After all block rewards are released, the miners will make money by collecting fees on transactions.
Zcoin Team and Progress
As mentioned earlier, Poramin Insom is the founder and core developer of Zcoin. He originally founded Vertcoin but saw the need for anonymous transactions in the cryptocurrency space. As he was already working under Matthew Green at Johns Hopkins University, it provided the perfect mentor to be able to work on implementing Zerocoin. He says he wants to eventually return to development on Vertcoin but Zcoin is his main focus for the time being. In addition to Insom, there is Peter Shugalev, head developer, as well as several other developers and contributors to the Zcoin team.
It’s important that RSA never releases the factoring challenge numbers. If you knew them, you could start creating Zcoins out of nothing. However, we know this has not happened yet since it is possible to know the total amount of Zcoins on the network. Zcoin is working on implementing the Sigma protocol instead of RSA. Sigma would diminish the size of Zerocoin proofs, keeping the blockchain size smaller.
The Zcoin team is also looking into the use of TOR or other ways to hide your IP when using Zcoin to add additional privacy. You can take a look at their 2018 and 2019 roadmap below.
Like with most coins, Zcoin saw an explosion in price at the end of 2017 with some level of retracement. We might see some positive change in price if the Merkle Tree Proof of work delivers on its promises. Decentralization and anonymity could prove to be a powerful combination.
Where can you buy Zcoin?
It’s fascinating, but perhaps not surprising, that the majority of trading volume is on AEX, where Zcoin pairs with BITCNY. BITCNY is like Tether but pegged to the Chinese Yuan. China banned the purchase of Bitcoin with Chinese fiat due to capital flight concerns. With the general lack of privacy in China, it’s no wonder that people are trying to obfuscate the movement money.
Where can you store it?
Zcoin has an official GUI desktop wallet which you can find here. The wallet has the built-in mint and spend functions.
You can also use Coinomi, a third-party wallet which supports numerous cryptocurrencies. There are no browser wallets available at this time.
On the surface, it might seem strange that a certain percentage of block rewards go directly to the owner. But to give you perspective, Satoshi Nakamoto owns an estimated one million Bitcoins. While Insom invented Vertcoin, he has acknowledged that he doesn’t work on it anymore due to a lack of funding. With funding for Zcoin in place and promising developments in the roadmap, there are reasons to be optimistic about Poramin’s new team. He is back in Thailand looking to help his country become a leader in cryptocurrency with Zcoin.
Moving forward, Zcoin has an advantage that the code is based on Bitcoin. It will be relatively easy for them to integrate Bitcoin’s new code developments. Whether you believe in Zcoin or not, it’s important to know that there are options out there for the anonymous transfer of funds. And finally, even though Bitcoin rejected the Zerocoin protocol in the past, if Zcoin proves its mettle, perhaps the anonymity feature will be a part of Bitcoin’s future.
Additional Zcoin Resources
Blockchain is best known for its ability to support cryptocurrencies and dapps, but...
This week marks another hearty notch in the continued uptick in cryptocurrency markets, and boy, is it more fun to write about cryptocurrency market gains rather than weekly losses for…
ABOUT THE AUTHOR
ABOUT THE AUTHOR
Paul is a crypto-enthusiast, strategy game world champion, mathematician, and educator based in Taiwan. When he’s not drinking coffee to fuel these interests, you can find him on the way to a coffee shop.