The Beginner’s Guide to Zcash

The Beginner’s Guide to Zcash

Zcash is a cryptocurrency that offers anonymity by shielding sender and recipient addresses and transacted amounts. Shielded transactions are possible thanks to the power of innovative zero-knowledge cryptography, namely zk-SNARKs

What is Zcash?

Zcash (ZEC) is a peer-to-peer digital currency that offers an option of anonymous shielded transactions. It leverages recent advancements in cryptography to bring a privacy-centric alternative to Bitcoin.

At the core of Zcash is the Zerocash protocol which improves on the Zerocoin protocol proposed by Matthew D. Green back in the 1980s. Zerocoin employed a sophisticated mathematical technique called zero-knowledge proofs. Zerocash builds on its predecessor and introduces a new form of zero-knowledge cryptography called zk-snarks.

Zcash was launched on October 28, 2016. Its founder is an American computer security expert Zooko Wilcox-O’Hearn. Before launching Zcash, Zooko was a fan of Bitcoin but wished it offered a higher degree of privacy. He took the bitcoin code and integrated it with the Zerocash protocol developed by the Zerocoin team.


Zero-knowledge cryptography enables the prover to prove to the verifier the knowledge of certain information without disclosing it. In other words, you can prove to someone the fact you know a secret without actually telling it. To understand the intuition behind zero-knowledge cryptography, we will draw an analogy.

Imagine, you have a superpower that allows you to instantly know the number of leaves on a tree. Your friend does not believe you and you want to prove it to him without telling him the number of leaves. Besides, telling him the number of leaves will not do much, since your friend will have no way of verifying it other than counting the leaves himself.

You and your friend come up to a tree. You quickly count the number of leaves and close your eyes. Then you give your friend a choice of pulling a leaf off the tree. When you open your eyes, you count the leaves again and if there is one missing, you tell your friend that you know he did pull a leaf. Your friend says that there was a 50% chance that you simply guessed it. So you do it again. Now the chance was only 25%. You can repeat the procedure as many times as it takes to convince your friend. In the end, you prove to your friend that you do in fact have the superpower without telling him the number of leaves or how your superpower works. This, in principle, is how zero-knowledge proofs work. If you want a more thorough analogy, read How to Explain Zero-Knowledge Protocols to Your Children.

The acronym zk-SNARK stands for zero-knowledge succinct non-interactive argument of knowledge and is a variant of zero-knowledge cryptography. The zk-snark protocol does not need the prover and the verifier to interact, hence non-interactive. The word ‘succinct’ indicates that the process is fairly easy and short to perform.

The Ceremony

To ensure the security of the Zcash network and prevent the creation of counterfeit ZEC, the Zcash team held the Ceremony of generating zk-snark public parameters (essentially ‘randomness’), which is similar to generating a public-private key pair. During the Ceremony, six trusted persons, including founder Zooko, each generated a piece of the key-pair. Then the pieces were assembled into the public key which enabled the secure operation of the Zcash network, while the pieces of the private key were destroyed.

Along with the multi-party generation of the pieces, the participants took a number of other precautions such as the use of air-gap computers, i.e. computers that were never connected to the Internet. The necessary data was passed to these computers by burning it to DVD discs from separate computers receiving the data over the Internet.

This was only the initial ceremony and, to reinforce the integrity of the network, subsequent ceremonies will include hundreds of participants.

Zcash transactions

Transactions in Zcash work much like they do in Bitcoin where one has to use their entire balance as an input of a transaction. So, making a transaction in ZEC means:

  • referencing all past transaction outputs associated with the sender’s address;
  • using them as an input of a new transaction;
  • specifying the recipient’s address and the amount to be sent;

The rest of the balance then returns back to the sender as the second output. It is, however, advisable to use a new address, otherwise it would make easier for someone to build an identity behind the address by analysing transaction patterns.

There are two types of addresses in Zcash. Z-addresses (z-addrs) are private and start with a ‘z’, t-addresses (t-addrs) are transparent (public) and start with a ‘t’. Both address types are interoperable, meaning funds can be moved around between z-addrs and t-addrs. This means that there can be four types of transactions:

A Z-to-Z transaction appears on the blockchain but no one besides the transacting parties can read the transaction details such as the sender address, the recipient address, the amount sent or the memo field. The owner of the z-addr can disclose the transaction details, if they wish so.

Mining Zcash

Unlike Bitcoin that uses SHA-256 which can only be brute-forced, Zcash uses Equihash, a proof-of-work mining algorithm based on the Generalized Birthday Problem. One of Equihash’s distinctive features is that it is not as computation-intensive as SHA-256 but it is quite demanding in terms of RAM. Designed to be ASIC-resistant and to democratize mining, Equihash was eventually cracked. Today Equihash ASICs are manufactured by Bitmain.

It is worth noting that 20% of all miner rewards are allocated to the Founders Reward as a way of supporting the ongoing development of Zcash. Starting from October 2020 the Founders Reward will be removed, and miners will be receiving 100% rewards. Block rewards are halved every four years, the current block reward is 12.5 ZEC with the average block time of 2.5 minutes. The total supply of ZEC is capped at 21 million coins.


Official website


Zcash Company twitter

Zcash documentation

Zcash subreddit


Zcash protocol specification

What are zk-SNARKs?

Reddit FAQ thread

the Ceremony

Wikipedia page


Why Equihash?



60.39 USD -7.75%
0.01131000 BTC -5.28%
Volume, 24h
222,333,002 USD
395,032,200 USD

Related news

Symantec Finds New Beapy Crypto Mining Malware Is Hijacking Chinese Companies for Monero

Beapy, a new cryptocurrency malware, is spreading very fast around the world, especially in Asia. This new malware is being used to infect several thousand highly valued companies. It uses some U. S. National Security Agency (NSA) exploits and hacked credentials in order to work and can infect many machines quickly. This latest infection spike […]
Bitcoin Exchange Guide

Bitcoin Q&A: Unspent transaction output (UTXO)

What are unspent transaction outputs (UTXOs) and where are they stored? What is dust UTXO? What should you do if all your coins are in a single address? How should you consolidate UTXOs while maintaining privacy? These questions are from the January and February monthly subscriber sessions, and the fifth session of MOOC 11, which took place on January 26th, February 23rd, and March 1st 2019, respectively. RELATED: How do I choose a wallet? - Secure, tiered storage system - Hardware wallets and attack surface - Setting up secure storage devices - What is a private key? - How do mneomonic seeds work? - Using paper wallets - Wallet design and mass adoption - Cryptographic primitives - Public keys vs. addresses - The lifecycle of a transaction - Re-using addresses - Passphrases and seed storage - Coin selection and privacy - Coin management and change - Multi-signature and distributed storage - Is quantum computing a threat? - The 21 million supply cap - Denominations and voluntary burning - Lost coins and the deflationary experiment - Divisibility and deflationary monetary policy - Inflation and debt systems - How to get people to care about security - Honest nodes and consensus - Why running a node is important - Wallets, nodes, and monetary sovereignty - Andreas M. Antonopoulos is a technologist and serial entrepreneur who has become one of the most well-known and respected figures in bitcoin. Follow on Twitter: @aantonop Website: He is the author of two books: “Mastering Bitcoin,” published by O’Reilly Media and considered the best technical guide to bitcoin; “The Internet of Money,” a book about why bitcoin matters. Subscribe to the channel to learn more about Bitcoin & open blockchains; click on the red bell to enable notifications about new videos! MASTERING BITCOIN, 2nd Edition: Translations of MASTERING BITCOIN: THE INTERNET OF MONEY, v1: THE INTERNET OF MONEY, v2: Translations of THE INTERNET OF MONEY: Spanish, 'Internet del Dinero' (v1) - French, 'L'internet de l'argent' (v1) - Russian, 'Интернет денег' (v1) - Vietnamese, 'Internet Của Tiền Tệ' (v1) - MASTERING ETHEREUM (Q4): Music: "Unbounded" by Orfan ( Outro Graphics: Phneep ( Outro Art: Rock Barcellos (

Bitcoin [BTC] will always end up being centralized around mining pools, says IOTA Founder

David Sønstebø, Co-founder of IOTA, explained the reason why they opted for Proof-of-Stake [PoS] over Proof-of-Work [PoW], in an interview with Anthony Pompliano on Off the Chain Podcast. On choosing Proof-of-Stake, the Co-founder stated that it was partially an experiment in 2013 as there was no real-world use case for blockchain back then, despite some gambling and darknet markets using it. That “was kind of the blockchain” space back in 2013, he remarked. He further stated that over the same time period, they realized that Proof-of-Stake was more efficient than Proof-of-Work, adding that it was one of the ways to get rid of mining pools and the centralization that is present in Bitcoin. He said, “[…] because ever since the beginning, Bitcoin and other blockchains have been saying, ‘this is decentralization’, but then you look under the hood and you see the consensus mechanism and how the incentives are structured in Bitcoin and then you realize it will always end up centralized around hashing power which is the mining pools […]” Sønstebø added that there were other concerns that led them to take a different route, contrary to a majority of the community. This included the energy consumption involved in mining, which could become a problem if worldwide adoption were to be set as the goal. He further stated that there were concerns surrounding regulatory actions as well, adding that the space was currently witnessing these problems, citing the rumor of China’s ban on mining farms as an example. […] So we thought, okay let’s actually explore this proof of stake route and we implemented it, it worked very well. Of course, it was still very early days […] We just didn’t see the reason to waste insane amount of computation that could be otherwise outsourced via the ledger to carry out actual computation. So that why we explored PoS early on.” The post Bitcoin [BTC] will always end up being centralized around mining pools, says IOTA Founder appeared first on AMBCrypto.

Hot news

By continuing to browse, you agree to the use of cookies. Read Privacy Policy to know more or withdraw your consent.