Could you please tell us a bit more about the history of the Zcoin project and explain us the reasons which push you to work on the Zcoin project?
Poramin worked on how to practically implement Zerocoin tech while he was at John Hopkins’s University under Matthew Green. At that time, Zerocoin only existed as a library called libzerocoin and on academic paper. When he graduated, his first attempt was ZeroVert which although worked, had many usability and scalability issues. With no outside funding, it was also closed source to protect his work. At the time, being closed source meant many people didn’t take it seriously and the Vertcoin community (which it was created for) wasn’t particularly interested in it so the project was discontinued.
It was only after investor funding was secured could Poramin restart the project as Moneta and continue his development on a practical and usable Zerocoin implementation. Moneta was rebranded to Zcoin before launch to reflect its use of Zerocoin technology. Zcoin is much improved from Zerovert with much better performance and because of investor funding, the code could be open sourced and examined by the public. It is noted that there have been many attempts to implement Zerocoin in a cryptocurrency before even using libzerocoin but Zcoin remains the first and only known original implementation of Zerocoin today. All other coins implementing Zerocoin use our codebase.
Many people have overlooked Zerocoin for the Zerocash protocol that is used in ZCash because of its small proof sizes and the strong team behind it and we applaud ZCash for pushing the envelope. We however believe that Zerocoin maintains many advantages over Zerocash such as using much more proven cryptography (RSA), an auditable supply and a short client side computation time for Zerocoin transactions. There is also continuing research in Zerocoin which allows smaller proof sizes addressing its main weakness and also removing the need of a trusted setup. Multiple privacy solutions should be explored and Zerocoin should not be disregarded as it remains to be a very viable solution to financial privacy. We hope that a working Zcoin implementation would lead to renewed interest and research in the Zerocoin protocol.
Working together with Poramin, Aizensou and Sebastian has also been very rewarding and their commitment to the project and friendship drives me to continue working on this project.
What is the real role of Roger Ver and Tim Lee in the project?
Roger Ver was one of the original angel investors that provided Poramin funding to get a working implementation of Zerocoin up. He continues to provide his support through advice, his contribution in various Zcoin projects and his network and contacts in the crypto community.
Tim came in at a later stage in the project but has been instrumental in helping us to penetrate the China market including being listed on BTC38, China’s largest altcoin exchange. He has provided the team significant funding and has helped us build our team. He remains very active in promoting Zcoin in China and has been very supportive of our team.
The investors are generally quite hands off but we seek their opinions for important development direction and decisions. They do however want to make sure we deliver on our roadmap in particular our key features such as MTP, Zerocoin improvements and Znodes.
In general, they too want to see Zcoin to become the premier privacy coin so as long as we continue showing good progress and effort in growing the coin, they will continue to support us.
Among the crypto currencies, there are an average of 900 alcoins. What are the specialities and the strength of Zcoin?
The crypto coin space is indeed crowded but there are only a handful of truly innovative coins that aren’t just copy-cat frankenstein clones of others. We believe that eventually only coins with original and continuous development will survive and we can already witness this with the decline of the old-guard of altcoins in favour of more innovative projects with active development.
Zcoin’s development work is original as the first cryptocurrency to successfully implement Zerocoin. We will also be the very first coin to use MTP, a proof of work algorithm that allows a hard proof of work to be verified quickly and also puts CPUs and GPUs on more equal footing. This promotes fair PoW and decentralization, a problem that is now glaringly present in Bitcoin.
MTP has the potential to revolutionise PoW mining since you can slot in other memory hard proof of work into MTP and make them fast to verify, opening a wide range of new PoW algorithms that were previously not used due to poor verification performance.
We are indeed primarily a privacy coin that competes with coins such as Dash, Monero and Zcash and we feel our implementation has advantages over these implementations in areas such as scalability, auditability, anonymity sets and usability.
Unlike other anonymity methods which involve mixing inputs or funds from other users, Zerocoin totally breaks the transaction links and from a single Zerocoin transaction gives a plausible deniability of several thousands which compares favorably to other anonymization mechanisms which typically give you an anonymity set of less than 10 per transaction (and in many cases by default no more than 5) when compared to Coinjoin or Cryptonote.
Unlike Coinjoin and its variants, it doesn’t require a central server to process such mixing, does not require you to trust any third parties and does not require other users to provide liquidity for a mixing transaction. For example, in Dash which uses masternodes to process coinjoin, although there are mitigation mechanisms where several masternodes perform the mixing and hence no one masternode has a full picture, there is a potential issue when the majority of these masternodes are hosted in VPSes with US jurisdiction. If a government issues an order to monitor those VPSes in bulk (especially when the masternode IPs are known and public), these transactions can be potentially deanonymized. Dash also relies on other people wanting to mix and therefore if no one else is around to mix, your funds may take a long time to be anonymized.
Cryptonote as used in Monero is pretty solid technology but its main weakness is its scalability. It uses a completely different codebase than Bitcoin and currently there is no effective way to prune the database without sacrificing security. Transactions are also pretty large especially with RingCT with each and every transaction taking up around 12kB-25kB in space. In comparison a typical Bitcoin transaction (and a normal Zcoin transaction) is about 250 bytes only.
While Zerocoin transactions do occupy around 25kB, they are not going to be as frequent as regular transactions especially when you can anonymize a 100 coins in one transaction. Also these large Zerocoin proofs can be stored off chain which we intend to implement in our Znodes incentivized node system. As such Zcoin’s scalability path is much clearer. Zcoin, using Bitcoin’s codebase for its coin also can enjoy all the benefits of Bitcoin development such as pruning and segwit. Again our anonymity set per transaction is also many magnitudes higher than Cryptonote in a single transaction.
We are often confused with ZCash that uses the Zerocash protocol which is based of different cryptographic principles. Compared to the Zerocash protocol which uses zk-SNARKS which only Zcash uses, we use proven cryptography such as RSA which is used in many aspects of internet security such as HTTPS and SSH. Zcoin also features an auditable supply while Zcash’s supply cannot be audited. An auditable supply is important in zero knowledge constructs since a flaw in coding or cryptography could allow coins to be counterfeited. This is even more so when zero knowledge proofs require a trusted setup where you need to trust parties to destroy the initial parameters. In Zcoin, this can be detected since our total supply is still auditable while in Zcash, detecting such a flaw is problematic. If compromised, again counterfeit coins are possible. There is also promising academic development in moving to a trustless setup in Zerocoin. You can read more here: https://zcoin.io/zcoin-and-zcash/.
Our privacy tech is built into the protocol, is trustless, doesn’t require liquidity to be provided and offers large anonymity sets. Being based on Bitcoin core also allows us to utilize all the quality development on Bitcoin’s core too and easy integration with existing ecosystems. Being an altcoin based on Bitcoin also allows us to adopt many high quality. BIP proposals that improve privacy such as BIP47 payment codes and BIP151 for peer to peer encryption without having to reinvent the wheel.
Besides financial privacy, Zerocoin also has other potential uses such as anonymous distributed e-voting systems and as Bitcoin is unlikely to implement Zerocoin, Zcoin can become platforms for such systems. Collaboration with smart contract platforms such as Ethereum is also possible in the future after Metropolis and a possible use case is enabling a cross-chain decentralized exchange between the two currencies.
How does the team work together ? (nb of people, dedicated roles, governance…)
We have currently 4 developers with an additional 2-3 joining us in May/June. Poramin does most of the coding for the Zerocoin and MTP sections and Aizensou and Saran help him with other tasks such as wallet bug fixing, Bitcoin Core upgrades or coding for the ecosystem.
We have me as the social/communications manager though at times I function a bit like a project manager. Sebastian Bausch is our Chinese liaison that handles communications from our team to the Chinese team and investors.
We are looking to expand our ranks especially in the marketing area as well and have just engaged several marketers to help us. If they perform, they’ll join us as well.
What did you learn from the Zcoin hacking ?
The Zcoin hack was a tough but important lesson. We were under a lot of pressure to constantly keep coming up with new developments despite our lean team and this overstretched our resources so that we couldn’t properly test or review our code.
Since the hack, we are adopting a more prudent approach with more time on testnet and are in the process of engaging external audits on crucial portions of our code. We are also educating our devs on the Zerocoin code so we aren’t overly dependent on Poramin for those sections and it always helps to have a second eye. We are confident that these things will quickly resolve as our team and funding grows.
We have also implemented some inbuilt checks into monitoring our blockchain so that we can detect such exploits a lot quicker.
The hack also highlighted the importance of the auditability of supply and had this happened in a system like ZCash, it might not have been detected. Even with the best of security audits, there is always a possibility of flaws such as with the DAO that created the ETH and ETC split and even Bitcoin suffered a value overflow bug in its early days. Bugs and vulnerabilities are always being discovered even in mature projects and even more so in new ones. The important thing is that it should be quickly detected and fixed.
Thankfully the damage was limited to only ~1.8% of the total supply of Zcoin and the coins had been all sold on Bittrex at market price over a period of time thus ensuring a fair distribution of the hacked coins.
What are the main objectives of Zcoin for 2017 ?
We are planning to launch MTP and tweak it to be our final mining algorithm and we’re also planning to release Znodes that addresses Zerocoin’s scalability issues. One of our top priority tasks is also updating the Bitcoin Core codebase which would allow us to use many of Bitcoin’s improvements and systems and we would also be doing a code review of our Zerocoin implementation.
There are other ongoing tasks such as stealth addresses, encrypted peer to peer communications, integrated TOR/I2P client support and GUI revamp as well. Once this is in, we can begin focusing on merchant adoption.
As far as I know you are the first ones who decided to implement the MTP technology inside the world of crypto currencies. Why have you decided to implement it today ? What are the advantages ?
MTP is actually a relatively new development and it was first elaborated in a paper in June 2016 by Alex Biryukov and Dmitry Khovratovich, who are also the authors of Equihash and Argon2.
They sought to create a PoW system that was fair in that no single class of device can gain a significant advantage over another and that it would be hard to develop specialized hardware such as ASICS for it. Their idea was to use a memory hard algorithm that was hard for the miner but could be verified very quickly without using much memory.
Previous attempts at making memory intensive algorithms such as Scrypt ran into difficulties as increasing the memory made it slow to verify which is why ASICS could be developed for it. Using MTP, you can slot memory hard proofs of work but retain quick verification with little memory so it has to potential to revolutionise PoW mechanisms by making truly ASIC resistant algorithms without sacrificing performance.
Compared to Equihash, MTP is progress-free as it doesn’t have an initialization time which arguably encourages centralisation of miners. MTP also verifies faster than Equihash.
Could you explain why the Chineese people are so keen on Zcoin ? Was it done on purpose on behalf of your investors?
One of our investors Tim Lee has strong contacts in China and being listed on China’s premier altcoin exchange BTC38 with a CNY pairing greatly attracts Chinese investors. Getting listed on BTC38 isn’t easy and we are proud that they have decided to list us. We are very grateful for the support the Chinese community has shown us. With increasing crackdowns and capital controls by the Chinese government, it is not surprising that Chinese people are rallying behind a privacy coin that they feel is backed by one of their own.
You have published about the very soon launching of the masternodes (Znodes). Could you please explain us the reasons of this choice ? What are the main differences and particularities of Znodes versus DASH ‘ones ?
Zerocoin has some scaling challenges due to the large sizes of its proof and also the relatively long computation time for verification of spend transactions. Znodes would allow us to create an additional layer of incentivized nodes so that they can be more high performance to support the network and to verify Zerocoin transactions while keeping regular nodes light and not burdening the mining pools. Another side benefit is that we have seen that ‘masternode’ type systems provide price stability. In other words Znodes will be tasked with processing Zerocoin transactions efficiently. We also have other ideas on using these nodes as a platform for other services such as decentralised mining pools but nothing confirmed yet.
Dash has really contributed to the cryptocurrency industry by introducing its masternodes concept. Dash’s masternodes provide PrivateSend, InstantSend and governance features. In PrivateSend they rely on masternodes to perform the mixing and although they utilize multiple masternodes, as elaborated before, they all see part of the mixing. If sufficient masternodes are compromised or monitored especially when many of these are hosted in a handful of VPS companies, these transactions can be potentially deanonymized.
In Znodes, even if the VPSes are monitored, due to the nature of zero knowledge proofs your anonymity isn’t compromised. You can also independently verify the Znode calculations if you wish so you don’t really have to trust Znodes like you do on Dash masternodes.
Unlike Dash, we have no immediate plans at the moment on using the Znode system as a governance system. It introduces complexity and politics and in a young coin, we probably aren’t ready for that right now. We already have the founder’s reward which is transparent and we want to avoid any accusations of the devs or initial investors calling all the shots which would be the case if we implemented a governance model into the Znode system.
As for Monero and Dash, can we expect a positioning of Zcoin on the Poloniex exchange platform ? If yes, what would be the main advantages of being on Poloniex ?
We do not like to give news on speculations but Poloniex is of course a goal. Being a truly innovative project, with prominent backers and good trading volume, we see no reason why it shouldn’t be added though at the end of the day that is Poloniex’s decision. Being listed on Poloniex would give us primarily credibility and also increased trading liquidity in the international markets.
We often heard speaking of 2 topics regarding the crypto currencies : governance issues and economical models. What are precisely those two as far as Zcoin is concerned ?
We have a Founder’s Reward giving us 20% of the block reward for the initial 4 years of the project which is equivalent to 10% of the total Zcoin supply. This Founder’s Reward is split equally into 5 wallets, 3 of which go to investors such as Roger Ver and Tim Lee, 1 to Poramin Insom and the final one is a bounty wallet.
I know that there’s some controversy in the founder’s reward but for us Zcoin is not a part time hobby and for some of us, our full time jobs. We are dedicating years of our lives into Zcoin and we wish to be in it for the long haul without resorting to unsavoury tactics and are transparent of what we are getting.
It is also noted that 20% of the Founder’s Reward goes into a bounty wallet which is used to pay off expenses of the project and to fund community efforts. As the price of Zcoin continues to increase, we will be able to do more with this bounty wallet.
We hope to achieve a balance between community, the miners (and with a fair POW who also are hopefully the community) and the devs. It is intended that Znode holders are just a part of the community who are rewarded for providing services to the network. With decentralised mining, we can hopefully avoid the type of issues we are seeing with Bitcoin.
What do you think will be your economical model at the end of the first 4 years of Zcoin existence ?
We hope that with our founder’s reward and with price appreciation we would be incentivised to keep growing the coin as we would be significant holders of Zcoin similar to other crypto projects. We would also host our own Znodes which should give us some passive income.
We may at a later stage form a foundation but we do not see it necessary at this stage of development. We want to get our tech fundamentals right first and a larger community and user base before going through the time and financial expense of managing a separate entity.
World legislation concerning the anonymous crypto currencies is moving at the moment. Do you think anonymous altcoins will still exist by the next 10 years ? In some cases, lack of country legislation may lead to tax avoidance as well. What is your opinion on this ?
This is really difficult to predict though I think if governments are too harsh on it, it will just go underground and create a dark market. You can see governments such as China realize this and try to achieve a compromise by regulating the exchanges rather than the cryptocurrency itself knowing if they banned it outright, they would lose all control over it. With the rise of decentralised exchanges also, killing privacy coins completely would be quite hard.
In my opinion though I’m no tax expert, the tax implications of crypto holdings are no different than let’s say stacks of physical cash except it’s perhaps easier to hide large amounts of crypto holdings. Also through the regulation of exchanges, conversion of coins into fiat still gives an opportunity for the tax collector. I think seeing how the taxation of Bitcoin evolves will give us guidance. Note that in 2015, only 802 reported Bitcoin gains on tax to the IRS so it’s still early days.
What is your vision of the today main anonymous alcoins (Dash, monero, zcash, zclassic, navcoin, blackcoin, aeon, boolberry, shadowscash, PIVX etc…) in the next 10 to 20 years ?
I do think that we will see a consolidation of anonymity technologies to a few good ones. Only a couple have cryptographic setups that have been put under scrutiny. And hopefully we will see clone coins that do not have any real innovation weeded out completely.
Note that Zerocoin development is not at a standstill and as all good available technologies, it can be adopted. There are quite a few ways to improve the Zerocoin protocol but we’re keeping quiet on this right now though we do have some exciting leads such as removing the trusted setup requirement and increasing the efficiency. These are not immediate priorities right now.
What are the main projets of these crypto currency you enjoy the most ? Why ?
There are so many!
Despite the controversies and as they are direct competitors, I actually do quite like Dash, Monero and Zcash. They are each trying to do the best they can in their niches and some of them are really pushing the envelope. It’s always good to pursue multiple privacy implementations.
For non privacy coins, I like what Ethereum is doing with being a smart contracts platform. I’m also particularly interested in the idea of Golem which is almost like Folding@Home expanded to a wide range of uses!
Thank you very much to Reuben, community manager of the Zcoin team!