ZCash May Not Be That “Anonymous” After All
Zcash is one of the first coins that come to mind when it comes to privacy and anonymity. Developed by academics and cybersecurity experts, this coin is also the preferred choice for gamblers who want to remain anonymous for the same reason. Especially if you live in a country where gambling can result in imprisonment and whip punishment, you want to stay as anonymous as possible. ZCash, developed by Zooko Wilcox, was thought to be able to provide this anonymity, but a report by University College London claims this may not be true (1).
Let’s give some information about ZCash first. This coin, which uses the Zero Cash protocol, has two different addresses. One of the addresses starts with “t” and the other starts with “z”. Addresses starting with T are almost transparent and does not provide any privacy. But both fee and transaction times are lower. Addresses starting with Z use the zk-SNARK algorithm. Without going into too much technical detail, we can say that this algorithm resembles the HTTPS protocol and heavily encrypts the transaction to hide sender and recipient information. Theoretically, such encryption can only be broken by quantum computers.
So, What Seems to Be The Problem?
The report by University College London shows that there is a serious flaw in this system: if you are using both T and Z addresses to make transactions, the zk-SNARK algorithm becomes much more fragile. Theoretically, it is possible to determine the identity of parties who use Z addresses by following their T address transactions. This is a fairly complex process, but to put it simply, it is possible to create a database by following both addresses long enough and using it to reveal the Z users’ identities.
Only the users who use both address types are affected. So if you are only doing transactions with Z addresses, there is no danger to you. However, if you are using both addresses, you are at risk.
The developers of ZCash have accepted this problem (2), but they do not offer any solution. The only advice they give is for users to perform transactions with only Z addresses. In the near future, they plan to disable their T addresses entirely, so they do not want to deal with fixing that flaw.
In short, if you live in a country that has heavy sanctions for gambling and you are using ZCash, be careful: you may not be as safe as you think.
- (1) https://smeiklej.com/files/usenix18.pdf
- (2) https://blog.z.cash/maintaining-privacy/