Below is a list of topics with the most frequently asked questions about Zcash and its technology. For troubleshooting the Zcash client, please see our troubleshooting documentation.
What are the key differentiators for Zcash?
In addition to cutting-edge, privacy-preserving cryptography, Zcash has unique characteristics that differentiate it from other projects. Zcash supports fast block times (75 seconds), low fees (default 0.0001 ZEC) and large block sizes (2 MB). Zcash has regular upgrade schedules, which means this protocol is adaptable to meet the varied use cases of today, as well as the unforeseen use cases of tomorrow. This promotes innovation and prevents ossification.
Zcash is also self-funded with strong community governance that aligns the incentives of key stakeholders. Zcash’s governance structure is inclusive and capture-resistant. With the Canopy upgrade, a new community development fund is secured from 2020 to 2024. With Major Grants fund, at least $20 M is ear-marked for future zcash development, decentralizing the ecosystem. Read more about the MGRC.
How is Zcash different from other privacy-preserving cryptocurrencies?
There are several approaches to protecting financial privacy. In the realm of digital currencies, we strongly believe that Zcash has the best approach. With a fully-shielded Zcash transaction, the sender, recipient and amount are fully encrypted and completely private. Please note that fully transparent Zcash transactions are similar to BTC in that the sender, receiver and amount are visible on a public blockchain. Shielded transactions help preserve financial privacy by making it more difficult to link transactions. Learn more about transaction linkability.
Other projects, such as Monero, use ring signatures that obscure the sender and recipient. Monero’s use of Bulletproofs hides the transaction amount but not the transaction graph (the latter relies instead on their ring signatures and mixins). Advanced forensics and analytics companies claim to be able to trace these types of transactions. Zcash’s use of Groth 16 proofs hides both the transaction amount and the transaction graph (the latter by proving that the note being spent exists in the global note commitment tree).
Privacy-enhancing technology also must fit within a regulatory framework. Zcash is trusted by regulated exchanges such as Gemini, who recently announced support for shielded withdrawals.
How is Zcash different from Bitcoin?
Zcash is a code fork of the bitcoin protocol and maintains its own blockchain and currency token. Zcash builds on the existing work from the Bitcoin core team to enable privacy preserving transaction data using zero-knowledge proofs. It also includes some non-privacy changes to bitcoin, including its proof of work algorithm.
When did Zcash launch?
The Zcash block chain launched on October 28, 2016, bringing into existence the first Zcash monetary units. This software release and the initial phase of the blockchain is called 'Sprout' to emphasize that it is a young, budding blockchain with great potential to grow. Please read our launch blog post for more details.
Zcash is based on the peer-reviewed Zerocash protocol, which was published in the IEEE Security & Privacy conference in 2014. The Zerocash paper provides a detailed technical overview of the specification. Changes to the protocol are not generally peer-reviewed, but they are described and justified comprehensively in the protocol specification. Those changes have been subjected to several independent security audits.
How can I acquire Zcash (ZEC)?
You can buy ZEC from cryptocurrency exchanges with another cryptocurrency or fiat currency (depending on which exchange you use). You can also purchase Zcash directly from another person or “peer-to-peer.” Use caution when exchanging with services and individuals that you are not familiar with. You can also acquire Zcash by mining Zcash. Mining Zcash lets you earn tokens while taking part in securing the decentralized network.
How do I install a Zcash wallet?
There are a variety of third-party wallets for storing and sending ZEC, in addition to the officially supported core client, zcashd. When choosing a wallet, you have several options in terms of custody (custodial vs non-custodial), operating system (desktop, iOS, Android) and shielded support. You can also browse options available on third-party sites such as Zcash community site.
What is the difference between shielded and transparent Zcash addresses?
Addresses which start with "t" behave similarly to Bitcoin, exposing addresses and balances on the blockchain and we refer to these as "transparent addresses". Addresses which start with "z" include the privacy enhancements provided by zero-knowledge proofs and we refer to these as "shielded addresses". It is possible to send ZEC between these two address types. The Sapling network upgrade introduces a new shielded address for improved efficiency and functionality. The legacy shielded addresses start with a "zc" and the new Sapling shielded addresses start with a "zs". See our blog posts Anatomy of A Zcash Transaction, Sapling Transaction Anatomy, How Transactions Between Shielded Addresses Work for more details.
Does Zcash offer complete anonymity for all transactions?
Zcash enhances privacy for users by encrypting sender, amount and recipient data within single-signature transactions published to its public blockchain ledger, specifically for transactions involving shielded addresses. Zcash does not: encrypt data for multisignature, protect against correlations made with public transactions (for example, when Zcash is traded to/from another cryptocurrency) or obfuscate IP addresses. Further reading: A Shielded Ecosystem
What is the difference between Zerocoin, Zerocash, Zcash and ZEC?
Zerocoin is a cryptographic currency protocol invented by Ian Miers, Christina Garman, Matthew Green, and Aviel D. Rubin in 2013. Zerocash is an improved cryptographic currency protocol invented by Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, and Madars Virza in 2014. Zcash is an implementation of the Zerocash protocol, with certain improvements as described in our protocol specification. We have adopted ZEC as the informal three letter currency code for the Zcash currency, and ⓩ as its currency symbol.
What are the economics of Zcash?
How can we determine the amount of ZEC in circulation within transparent and shielded pools? How does Zcash prevent counterfeiting?
Zcash miners validate every on-chain transaction. Transactions that involve a shielded address (either sending or receiving) come with a zero-knowledge proof. The zero-knowledge proof ensures that the transaction doesn't violate the "conservation-of-money" rule (i.e. a proof that the money coming out of the transaction is less than or equal to the money going into the transaction). ECC uses Turnstiles as a method of auditing the monetary base in Zcash’s shielded pools.
How secure is Zcash? Is it vulnerable to attacks like 51% or Cybil Attacks?
Electric Coin Co and Zcash Foundation regularly conduct security audits and produce security reports to ensure the security of Zcash. The chance of a 51% attack on Zcash is near zero, because the aftermath of such an attack would potentially leave the attacker’s hardware worthless, so anyone with the resources to carry out such an attack would make more money by simply mining legitimately. That’s the beauty of proof of work as defined by Nakamoto consensus.
Will Zcash contain a backdoor?
Is Zcash used for illicit activities?
ECC commissioned the RAND Institute to conduct research into Zcash usage for illicit purposes. The research revealed no evidence of any substantive use of Zcash for money laundering, terrorism financing or trade in illicit goods and services. The report also found, "the governance of Zcash and its branding by ECC as compliant with the relevant AML/CFT regulations may make it less susceptible to exploitation for illicit or criminal purposes."
Read the report.
Where can I use my Zcash?
Zcash is supported at top cryptocurrency payment providers, including Flexa and Gemini Pay. Today, Zcash can be used at more than 39,000 major retail locations, coffee shops, movie theaters and more. Privacy is necessary for both a medium of exchange and store of value and we are working with partners to support new use cases for Zcash. Hundreds of merchants and nonprofit organizations already accept Zcash. Check out PaywithZcash for a crowd-sourced directory of places to use Zcash. Learn more about the State of Zcash Adoption.
Cryptography, Protocol Design, and Network Upgrades
What is a zero-knowledge proof? How does Zcash integrate it?
Zero knowledge proofs are a scientific breakthrough in the field of cryptography: they allow you to prove that a statement is true without revealing the statement itself. Think about this example: if you want to prove you are old enough to drink alcohol, you generally have to show your ID card which reveals a lot of information about you beyond just your age. Your ID card can reveal your address, your face, your height - all of that has nothing to do with your age. A zero-knowledge proof could let you prove that you are old enough to enjoy a cold beer and only that. Zcash uses a particular type of zero-knowledge proof called zk-SNARKs (or "zero-knowledge succinct non-interactive arguments of knowledge"). These zk-SNARKs are used in any transactions that involve shielded addresses. Dive deeper into zk-SNARKs and how they work in Zcash on the explainer page.
What is the "trusted setup"?
A set of public parameters is required in order to generate zk-SNARKs, the specific proof required for Zcash shielded transactions. In Zcash, generating these public parameters is known as the "trusted setup" because you have to trust the players involved in the process. Zcash has had two trusted setups, the Ceremony in 2016 just before the launch of Sprout and the Powers of Tau that concluded in early 2018, just before the launch of Sapling.
In Zcash, the process generating the public parameters was split between a number of people, each of whom generated a piece of the parameters during what we refer to as the Zcash Ceremony. These pieces were then brought together and combined to create the public parameters. This process also produces a by-product (which we have nicknamed the "toxic waste") that could theoretically be used to subvert the blockchain by creating fake coins that are indistinguishable from real ones (the relationship between the public parameters and this toxic waste is similar to that between a public key and a private key). It is therefore important that this toxic waste be securely destroyed. As long as one of the people involved in generating the parameters destroyed their portion of the "toxic waste," there is no way to subvert the parameters. Eventually, Zcash could eliminate these setups altogether with cryptographic breakthroughs such as Halo. For technical details on these parameters and documentation of the Ceremony including participants' destruction of "toxic waste" shards, see our Parameter Generation explainer page.
What operating system do I need to run zcashd or zebrad?
Electric Coin Company provides download instructions for zcashd for a variety of operating systems: Docker (containerized DebianOS), Debian/Ubuntu, Other Linux Systems ("best-effort" supported), macOS ("best-effort" supported).
ECC does not currently support Zcashd & Zcash-cli on Windows. We do not have documented instructions to build Zcashd & Zcash-cli on Windows, and do not recommend doing so. However, it is technically possible to run on them on Windows with a cross-compile from Debian. More detailed instructions are available in Zcash's documentation.
What is a network upgrade for Zcash?
These are non-backward compatible updates that require an upgrade to all Zcash full nodes and wallets. Each network upgrade has a name and associated versions. Check the network information page for upcoming and past upgrades. Electric Coin Company plans for regular network upgrades approximately two times a year. Once the code is finalized for a network upgrade, the next release of zcashd has that block height hard-coded in. The activation date is selected to be at least 3 months after the first code release with the upgraded protocol. This means users have a 3-month window in which to update their zcashd software.
How do I prepare for a network upgrade?
Detailed instructions for preparing for a network upgrade can be found in Zcash's documentation: Network Upgrade Guide and here. If you use a third party service, such as an exchange or hosted wallet, verify that they support the new network upgrade. If you use zcashd directly and you have upgraded within three months of a network upgrade, there are no further actions to take. If you issued transactions near the time of the upgrade, you may need to resubmit them. If you use zcashd but have not upgraded within three months of a network upgrade, it will reach the end-of-support (EOS) halt and exit with an error message prior to the upgrade. If you have set "disabledeprecation" in your configuration file or you are using third party software which has done so, you are in danger of splitting off from the upgrade and remaining on the old protocol.
Does Zcash have multi-signature transactions?
Yes, transparent addresses support multi-signature transactions but shielded addresses do not yet. You can see the difference between single-signature and multi-signature transparent addresses with their starting characters: "t1" and "t3" respectively.
How will Zcash be created?
Like Bitcoin, Zcash is a mined cryptocurrency, which means that new ZEC are created each time a block is added to the Zcash blockchain. New blocks are created roughly every 75 seconds (1.25 minutes). The monetary supply curve mirrors Bitcoin's, except that, because Zcash's blocks will be mined 8 times as frequently as Bitcoin's, the number of ZEC created per Zcash block are an eighth the number of BTC created per Bitcoin block at the equivalent block height. The first weeks after Zcash launch were a "slow-start" mining period.
What mining algorithm does Zcash use?
Zcash currently uses Equihash as the proof-of-work for block mining in Zcash. Equihash is a proof-of-work algorithm devised by Alex Biryukov and Dmitry Khovratovich. It is based on a computer science and cryptography concept called the Generalized Birthday Problem. As of May 2018, Zcash's Equihash parameters have been implemented in custom hardware ("ASIC") miners. ECC is closely monitoring the effectiveness of alternative consensus algorithms such as PoS and will continue to evaluate as part of our long-term roadmap to increase scalability and sustainability.
What are the general characteristics of a Zcash block?
- Average block time: 1.25 minutes (75 seconds)
- Maximum block size: 2MB
- Block Reward: currently 6.25, 3.125 after November 18, 2020
- Each 4 year period, the ZEC creation amount will halve (from 12.5 to 6.25 to 3.125 to 1.5625 and so on).
What is slow-start mining?
In order to minimize the impact of any unforeseen problems during the launch of Zcash, the amount of ZEC each time a block was mined started at zero and gradually ramped up to 12.5 ZEC after 34 days. The slow-start period ended on December 1st, 2016.
What do I do if my transaction is not being mined?
All transactions expire by default after ~25 minutes/20 blocks and funds are returned to the original sending address. If your transaction expires, the best thing to do is to try your transaction again with some possible modifications.
There may be various reasons why your transaction is not included in a block
- Loss of connectivity
- Transaction fee too low
- Network overload
- Too many transparent inputs (transaction size too large)
We suggest trying your transaction again with:
- Try again with a better connection
- Use the standard fee (0.0001 ZEC)
- Try again later, or increase the fee for high priority transactions
- Use a minimal amount of inputs to limit the size, or increase the fee for large transactions
Governance, Funding and Community
What is Zcash's approach to governance?
Our fundamental philosophy is consensuality. Currently Electric Coin Company and the Zcash Foundation both contribute to research, the protocol, and the reference client, as well as public communications and many other important tasks. The Zcash Community Advisory Panel (ZCAP) votes on major community decisions such as establishing the Community Development Fund and electing the Major Grants Review committee. To better understand Zcash’s approach to governance, check out ECC's Reaching Consensus page.
What is the Zcash Foundation?
The Zcash Foundation is a non-profit entity for maintaining and improving the Zcash protocol in the interests of all users, present and future. Originally, Zcash Foundation was funded through a donation of several Zcash stakeholders. This donation came from the Founders' Reward. After the Canopy activation, Zcash Foundation will receive its funding from the Community Development Fund. Read more about the Zcash Foundation’s mission and team.
How is Electric Coin Company funded?
Electric Coin Company’s earliest investors include Pantera Capital, Digital Currency Group, Fenbushi Capital, London Trust Media, Evolve VC, Naval Ravikant, Niraj Mehta, David Dacus, Roger Ver, Alan Fairless, Ben Davenport, Brian Cartmell, James Nicholas, Jonathan Perlow, Charlie Songhurst, Adam Ludwin, Devon Gundry, Ryan Smith, and Rop Gonggrijp. In the summer of 2016 there was a private raise that included the following new and already established funders: Aaron Grieshaber, Branson Bollinger, Maple Ventures (Amir Chetrit and Steven Nerayoff), Brian Cartmell, Vlad Zamfir, Roger Ver, Digital Currency Group, Barry Silbert, Charles Songhurst, Fenbushi, Shapeshift, Erik Voorhees, David Lee Kuo Chuen, Fred Ehrsam, Sebastian Serrano, and Li Xiaolai. Prior to November 18, 2020, ECC received funding from a strategic reserve portion of the Founders' Reward. With the activation of Canopy, Zcash’s fifth network upgrade, ECC now receives a portion of the Community Development Fund.
How is Zcash development funded?
From October 28, 2016 through November 18, 2020, 10% of the Zcash monetary base went to a fund called the "Founders' Reward." The Founders' Reward was distributed incrementally over the first four years of mining and established continued incentives and resources for the founders to improve the value of the coin. Unlike a pre-mine or an Initial Coin Offering, this structure offered little or no opportunity for the founders to pump-and-dump. After four years, the Founders’ Reward ended. After a year-long process of community discussions, a new Community Development Fund was established with the activation of Canopy.