This week on The Defiant podcast we speak to Zooko, the founder of Zcash.
He’s a crypto OG who wrote the first-ever blog post about Bitcoin and contributed to its early development before starting the privacy-focused blockchain.
Privacy remains one of the hottest issues in crypto after the U.S. Treasury’s recent move to sanction Tornado Cash. And when using the biggest blockchains, Bitcoin and Ethereum, transactions are publicly visible on-chain. Zooko wonders if users really want all their financial information out in the open.
Zcash aims to provide users with the choice to transact privately in crypto. Zooko believes the ability to consent to what information is made public is more about freedom than privacy and he thinks that eventually, this will be expected in the blockchain space.
We explore what a private transaction using ZEC actually looks like, with shielded addresses visible only to the sender and receiver.
The level of control governments have managed to exert on a space that was seen as censorship resistant has sent crypto enthusiasts spiraling. We talk about what this means for the future and if Zooko is concerned about governments imposing sanctions on Zcash.
Finally, Zooko talks about The Electric Coin Company’s future plans, which include moving Zcash from proof-of-work to proof-of-stake, a standalone wallet, and improved interoperability between different blockchains and apps.
🎙Listen to the interview in this week’s podcast episode here:
🙏 Thanking our podcast sponsors:
1inch is a DEX aggregator that finds the best rates across multiple networks. Why use a single DEX when you can use them all? Find your best deal at 1inch.
Pods stETHvv allows you to accumulate more ETH in only one click. Every time ETH price bounces, up or down, the vault earns more ETH. In this market it’s not a matter of IF price will move, but WEN.
ZenGo a crypto wallet that uses biometric encryption, 3FA authentication and MPC wallet cryptography instead of private keys.
ApeX Protocol: Engineered for high-performing precision trades in the decentralized derivatives market.
👀 Only paid subscribers have access to the full interview transcript below.
Cami Russo: I’m very excited to have Zooko here on The Defiant Podcast. Zooko, welcome, it’s great to have you here!
Zooko Wilcox-O’Hearn: Hey, thank you, thanks for inviting me.
CR: Of course, welcome. So Zooko Wilcox is a founder of the privacy-focused blockchain, Zcash, and CEO of the Electric Coin Company, a for-profit company leading the development of Zcash… He’s made such a huge impact on the space — I’ve been following him for years, and I’m a bit starstruck to have him on the podcast. But right now, it’s especially interesting to have a conversation with Zooko because of everything that’s happening around Tornado Cash.
So as we’ve discussed in the podcast before, Tornado Cash, this cryptocurrency mixer, was sanctioned by the U.S. Treasury Department in a very unprecedented move where regulators are sanctioning a protocol, a decentralized application, instead of an entity or an individual. And that’s really affected every user’s use of Tornado Cash for the very legitimate reasons of maintaining privacy while transacting on public blockchains. So Zooko, having founded one of the first, if not the first, cryptocurrencies enabling more private transactions, I’m really interested to hear your take on all of this.
To start though, I want our listeners to get your background and your involvement in crypto — you are a real OG — we’ve had some OGs on this podcast, but you’re from the very, very early days of crypto, even before Bitcoin. So yeah, I would love some of that story, and then [the story of] what led you to start Zcash?
ZW: Well, I was super interested in computers since I was a little kid, and I got interested in cryptography and encryption because of Phil. Zimmerman’s ‘Pretty Good Privacy’ application. That was one of the sparks for the first crypto wars in the 1990s. Do you know about that story?
CR: No.
ZW: This guy named Phil Zimmerman wrote an encryption program for Windows or MS-DOS or something back in the day, and he distributed it for free to everyone. It came with a little text file called something like PGP1.txt, or something like that, on MS-DOS. And that text file was a manifesto that said having private communications between people is an important part of human life and that this new computer revolution that’s happening in the 1990s could threaten that, and that cryptography offers a way for us to preserve that part of humanity, despite computers.
CR: Is that The Cypherpunk Manifesto? Or is that a different document?
ZW: This is a different document, this is the text file that came with PGP — I don’t know the proper title of it. It was what I discovered when I was probably about 17 years old when I downloaded PGP from a bulletin board system over the phone line. And it was my first exposure to cryptography as political activism. Then there’s The Cypherpunk Manifesto from a few years later, which was also very influential to me, that was written by Eric Hughes. And that one, The Cypherpunk Manifesto really holds up. I haven’t reread the PGP text file in a couple of decades — I should reread it and see if it holds up. But The Cypherpunk Manifesto I reread every few years, and it seems more and more relevant every time. So all of your listeners should go read The Cypherpunk Manifesto by Eric Hughes.
The negative impacts of digitization
CR: I agree. There’s this part about cryptography being like the clippers around the barbed wires, there was this great metaphor around cryptography being this great tool [and] enabling freedom that really stuck with me from that. Okay, so that opened your eyes as to the potential for cryptography to be a tool for activism, specifically around privacy. So what happened next? Did you just dive straight into becoming a cryptographer and experimenting with all this stuff? What happened?
ZW: Well, let me object. For me, when I was young, it wasn’t really about privacy — it was about freedom, and that’s why I kind of disagree with your introduction of Zcash as a privacy-focused coin. I don’t really think Zcash is a privacy-focused coin, at least in my view. But I don’t get to control what Zcash is, so if other people think it’s a privacy-focused coin, then it is because it is yours as much as mine.
But the way I think about it is that people need tools — economic tools, tools to do their lives, which empower them and are fair and open and equitable, and give them freedom. And there’s a whole lot that needs to go into that, that the crypto community has not yet achieved to make it normal for normal people. Like, it has to be usable and make sense, and not require education before you can use it. It has to be fast and reliable and all that, and that you can use it — like you can go buy a coffee or an ice cream without exposing your private information to anyone, without putting yourself at risk. That’s just normal, that’s not a special thing, that should just be the expectation that everyone has about everything.
CR: For those listening, Zooko is holding up his t-shirt that says [Zcash’s slogan], ‘privacy is normal’.
ZW: Privacy is normal, it’s normal for mainstream things. And I think it’s a funny sort of inversion in the popular discourse where some people want to portray tools that give people free expression and free choice as being like radical, weird novel newfangled things — that’s the opposite of reality. Like, everyone had the ability to spend money freely, under their own choice and their own consent, and in privacy, until about 10 or 15 years ago maybe. And everyone always had the ability to have a private conversation with their friend with no exposure, no risk, not not having to think what other people are going to think about until like 10 or 15 years ago. I think this is what Phil Zimmerman’s manifesto text document might have said back in 1990, or whenever I first read it — I need to reread it — but these kinds of tools are really just preserving and restoring normal old time-tested conservative values and social structures.
CR: When you say that changed 10 to 15 years ago, what exactly happened at that point?
ZW: What happened was the internet revolution took off and companies that were trying to figure out how to make products and services that people could use through the internet tried all different business models, and only one of them really worked and scaled up. And that was the advertising business model, and that inevitably led to a concentration of surveillance capitalism in three or four corporations, and inevitably led to people’s private information being mined and exploited for profit — but not profit for the people, profit for the three or four corporations. And in parallel, or maybe as a consequence of this, various governments around the world saw that and craved the ability to monitor and control all of their population, all the time. And so all of our different nations and societies have sort of unwittingly slid into this novel, risky, inhuman situation without anybody really thinking it through or intending it, or necessarily being okay with it. This is just how it worked out.
CR: Right, it’s clear to see how this has happened for information — that’s controlled by these huge internet giants like Facebook and Google. But what about transactions [and] the financial system? Historically, the way that people have been able to transact privately is pretty much just cash, because otherwise, if you’re going through the banking system, that’s not really private. What do you think, has that changed over time?
ZW: Things have changed dramatically during my lifetime in that way, both with cash and with the banking system — in part due to the Patriot Act, before that in part due to 9/11, and before that, to Richard Nixon’s war on drugs. But largely just due to the digitization of life. Computers, information technology, and smartphones have made everything digital, and that has accidentally had this side-effect of making everyone monitored and vulnerable to these few centralized organizations. But that wasn’t the intent and it’s not necessary, but that applies to finances as well. It’s distressing to me to hear that young people today think that the monitoring and control of people’s finances is normal, because it’s not. It’s brand new, that wasn’t the way the world was when I was born. And it’s not the way, as far as I know, any thriving democratic society has ever survived for long — with control of either thoughts and information and speech, or with transactions and economics and voluntary arrangements between people to cooperate on stuff. Having there be some centralized entity, like a mega-corporation or government, or, two or three of them that has even the possibility of exercising that degree of control over everyone else, is really unprecedented in human history. Its never been possible before information technology took over everything.
CR: Right. So the fact that information was digitized, including banking information, that has enabled power to be concentrated, and for that surveillance to happen by a few entities.
ZW: Right.
Zooko’s journey with cryptography
CR: So how did that impact your views and your involvement with crypto?
ZW: Well, before Bitcoin, I got really into cryptography for freedom, and specifically for me, it was because [of] two reasons. First of all, freedom is just moral and valuable and necessary for human dignity. But secondly, because freedom is necessary for the economy and national security, and having a stable and thriving society. So I always thought from the beginning, meaning when I discovered Phil Zimmerman’s program and manifesto, the Cypherpunks mailing list, the internet, and all this exciting stuff like the world wide web, and DigiCash, I thought this is the stuff that can enable people to cooperate across distances and across national borders around the world.
Human cooperation is one of those things that has a network effect, like having a thousand people in your community that you can share with or trade with or cooperate with is much more limiting than if you have a million people, or if you have a billion people — the more people you can share with and help each other out, the more everyone benefits. So I thought this whole internet thing is really going to unlock the potential for humanity to benefit one another, benefit themselves, and make everything better for everyone going forward. But it also needs economics. The internet just gave us the ability to communicate with each other freely, more or less, it really changed everything. People don’t realize how you couldn’t really chat or communicate with people from other countries before, but you also need the ability to share resources, to donate, to co-invest, to start a joint project together and have both sides have obligations, and all that. And that really unlocks the human ability to create more and more value for everyone.
Ever since then, people perceive some things I’ve worked on — DigiCash, I worked on PGP at one point, end-to-end encrypted file storage, and Zcash — they perceive it as privacy. And I always think to myself, I don’t think that’s exactly what it means to me. It’s okay if it means that to you, but when people say privacy to some people, it means secrecy — like choosing not to share or expose something about yourself, that’s privacy and that’s valid. But I’m also about choosing to share and expose yourself to people. So it’s more about consent or control over your own fate, and what you choose to share about yourself [and] your personhood, with who else you choose to share with — that’s all about consent and freedom, and being able to be your authentic self. The people who choose to share things with certain people are just as valid as the people who choose not to share. So I’m not so much about secrecy, more about consent.
CR: That makes a lot of sense. I think the reason why privacy is highlighted in relation to Zcash is because the default for the most well-known blockchains and cryptocurrencies is to not have that ability to consent to disclose or not disclose — it’s like everything is public and out there by default.
Satoshi’s vision for privacy
ZW: That’s the apparition, that’s the weird thing, which is totally different from cash. It’s totally different from the banking system, and is totally different from credit cards. That whole radical transparency that came out of Bitcoin and got copied into Ethereum is historically unprecedented. It’s radical, risky, and weird, and probably totally unacceptable to almost all normal users for almost all normal usages. And the only reason it’s there is because Satoshi couldn’t figure out how to include the privacy that he wanted to include in the first version of Bitcoin. Do you know about that story, how that worked out?
CR: No.
ZW: I’m the author of the first blog post ever written about Bitcoin. And when Satoshi put up the Bitcoin.org homepage, like 2009… or [when]ever, when he was launching it, he linked to my blog on the homepage. I don’t have any secret information about Satoshi’s identity and I don’t want to because you should respect other people’s consent about things like that — like we were talking about — but it’s clear that Satoshi came from the same community I did, the same ethos of political goals with technological meanings. I exchanged a couple messages with Satoshi on the Bitcointalk forum, and a lot of the other people who were involved in Bitcoin from the very earliest days — we all used to hang out together on the same IRC channels (IRC was the chat room for coder activists back then), and I contributed some security auditing to Bitcoin in the early days and stuff.
So my point was me, Satoshi, Hal Finney, and all of the other contributors who were much more important than me for the early development of Bitcoin considered freedom to be the point. Like, why do all this? Why is it better? Why should it exist? [The] answer [was] freedom, and privacy was a necessary part of freedom. It was freedom from central banks, so you had the non-discretionary monetary policy and it was freedom from any actors out there who want to monitor and control everyone else’s financial activity — so [Bitcoin] needed privacy. That was the ethos and the discussion among all the developers, but we just failed, we just couldn’t figure out how to do it. And I couldn’t either, not that I was that involved, Bitcoin was a revelation to me. And once I saw it and I posted that blog post in like 2009, that was the first time I started really taking it seriously [and] trying to contribute to it.
From that point forward, nobody could figure out how to make Bitcoin private. And in 2010, Satoshi and some other folks had a conversation about this on the Bitcointalk forum, where somebody suggested we could add encryption into Bitcoin, if only we had zero-knowledge proofs. And they looked into that and Satoshi said something, and I really like the way he phrased it — I really admire Satoshi in so many ways. And one of them was he phrased it in terms of user experience for norms, that’s how we talked about it. He said ‘yeah, if we could figure out how to use zero-knowledge proofs, we could make a much more usable, easier version of Bitcoin’. But they couldn’t, the zero-knowledge proofs in 2010 weren’t scientifically mature enough. So they looked at it, they studied it, and they said ‘no, it won’t work’. And then, about four months after that, Satoshi disappeared from the internet forever.
Then, about three years after that, a bunch of other scientists came up with a breakthrough in zero-knowledge proofs which made them efficient enough that we could use it in Bitcoin. So then those scientists proposed it at… I think it was the 2013 San Jose Bitcoin conference. They said ‘look, hey everybody, there’s these new zero-knowledge proofs’, and we figured out how you can combine encryption and Bitcoin together using zero-knowledge proofs.
It’s like blockchain is this thing, [and] encryption is this thing that Phil Zimmerman and a bunch of other people had developed decades earlier, and had successfully made it part of humanity’s legacy of known science and known tools to have encryption. And that was the first crypto wars in the 1990s, to prevent different arms of the U.S. government from banning it, or making it a military secret, or whatever. And then Satoshi discovered blockchain in like 2008, 2009, and that was the first time we had decentralized shared state in computer science. But then, Satoshi tried to combine the two and couldn’t — why? Because we didn’t have zero-knowledge proofs yet. So the third thing is zero-knowledge proofs. With your knowledge proofs, you can combine encryption and blockchain…
So the scientists proposed that, they saw how they could combine blockchain, the appended-only property, the immutability property of blockchain, into the encryption property of cryptography. And they proposed it at the 2013 San Jose Bitcoin conference, as an upgrade to Bitcoin. They said ‘look, here’s a change we can make to the Bitcoin protocol that would enable this’. And the Bitcoin core developers who were present — I forget which ones, there were lots of the Bitcoin core devs from the 2013 era who were at that conference — they had a slot on stage to give a talk.
At the beginning, they said ‘okay, we’re going to give our talk, but first we gotta talk about this new proposal, we hear the buzz that everyone is talking about, this new idea to add this zero-knowledge proof based encryption into Bitcoin. And we just want to be clear. We are definitely not going to do that anytime soon, it’s way too new and inefficient and risky, and Bitcoin is way too important to be experimenting on. People should try that out in an altcoin first, and then if it proves out, we could consider adding it into Bitcoin in the future’. So that was the end of the upgrade that Satoshi had dreamed about like three years earlier, before he disappeared.
So then, those scientists contacted me. I already knew about their work, I’d read their science papers. And I thought based on my knowledge of cryptography, information security, computer science, and software engineering, I thought this is the first thing that could actually work. This is the first-ever design that could combine global open decentralization with end-to-end encryption, even more so with effective privacy. Because I was familiar already with things like Monero, mixers, the whole idea of making a different Bitcoin address every time you do anything, and I knew that none of those would ever work. So when I saw this new science proposal, I was really excited. I was like ‘yes, that’s the first thing that could ever actually work’. And then, much to my delight, the scientist behind it called me and said ‘we’ve invented this cool thing and we want it to become an industrial-strength, widely used tool’. And they said ‘we’re beginning to realize that this won’t happen as a side effect of our grad students’ PhD thesis’.
But the next part of the story is that I said ‘no’. I said ‘well, Bitcoin already has a head start, and I imagine that Bitcoin could be the mainstream thing that everyone uses for all their business activities, savings, and transactions’… This is the story of how I realized that it’s not about privacy, but we’ll get to that… So, I told them ‘no’ when they called, I said ‘well, I could spend more or less the rest of my life trying to make that work, but if it was only used by the tiny subset of people who are especially libertarian, or they’re currently being hacked, or something so they really need privacy, then it wouldn’t really help society that much if Bitcoin remained the mainstream economic tool’. And then I slept on it. The next morning, I was thinking ‘wait, you can’t use something that exposes all of your private data for your business investments, or your business operations, or your payroll, or your personal savings, or your retail purchases, or your loans, or anything — so actually, Bitcoin cannot be the mainstream thing’. So that’s when I called him back the next day and said I was willing to set aside everything else I was doing with my life and commit to making Zcash.
CR: Wow, amazing.
ZW: That’s why I don’t think it’s about privacy, I think that it’s just what you need to have a normal, old-fashioned economic system that everyone can participate in safely, like they expect.
Zcash and the dominance of blockchains without private transactions
CR: Yeah, I think that’s absolutely right, and it should be obvious. But still, Bitcoin and Ethereum are the most popular cryptocurrencies, and they don’t offer those safeguards, or that ability to consent. So why do you think that’s the case? I get the head start, and that’s a huge advantage to Bitcoin. But in this decade, the blockchains that do offer that option of having or not having privacy could have taken off and surpassed it — why do you think that hasn’t happened?
ZW: That’s a good point about the head start, and the head start was largely originally on technology grounds because Satoshi and the other Bitcoiners were trying to add privacy, but we didn’t have the necessary technology yet… The zero-knowledge proof breakthrough that we needed came out in 2013, and then we worked as fast as possible to launch Zcash as soon as possible in order to make sure it was available to everyone before it got banned — that worked and it’s still not banned.
So, there’s the head start in technology, there’s the head start on all those other network effects — liquidity, branding, the network effect of developers on Ethereum. And also another reason why I think it hasn’t changed yet is most people not really understanding the consequences of it yet. But I think that’s been changing.
If you think back, what was it three or four years ago maybe — before Cambridge Analytica, before sort of a bunch of hacks — there was a widespread complacency or disinterest in these issues. And I feel like that’s really changing now. There’s now dissatisfaction and concern, but a sort of widespread nihilism that there’s nothing that can be done, like we’re all doomed. But I think that’ll change too, because we’re totally not doomed. Like, there are working alternatives that support human rights, human dignity, and a more vigorous and resilient economy. So I think people are going to become more and more aware of it going forward.
CR: Is Zcash able to support all the computation that Ethereum supports?
ZW: Great question. No, but let me, let me spin a possible hypothesis for you and see what you think. Zcash started life as a clone of the Bitcoin design. So the same old Proof-of-work mining, almost everything the same. And we just added the protection optionally for users who wanted protection of their assets. It only supports the ZEC token, there are no other tokens on Zcash other than the ZEC token. And it doesn’t support any smart contracts or dApps, but there are some virtues to that — [it’s] simpler, and fewer things can go wrong.
I have this hypothesis that I’d be interested in your feedback on, Camila. And I open my phone and I want to Snapchat my friends, I have no information or concern about what cloud services the backend is using — AWS, a Facebook data center, or both? I don’t care, I don’t care which data center it uses. My hypothesis is that’s going to be true of web3 apps. You’re going to open your phone, you’re going to be like ‘oh, I want to chat with my friends’, and maybe you send and share NFTs with them, or play games, pay them back for dinner, or whatever — you are not going to know and not going to care which blockchain or blockchains are behind that. You’re going to care about what apps your friends are on so that you can text them or interact with them or your business partners.
If you need to engage in a contract or pay some bills or whatever, you really care which tool you can use to get the money or the contract to the right counterparties — you’re going to care about the user experience, what it lets you do, and how normal and easy it is to do it. And I think you’re going to care about the asset. Even though you don’t care about the blockchain, whether it’s on Ethereum, Zcash, Bitcoin, Avalanche, or Solana, you’ve never heard of those, you don’t care, and you don’t want to care anymore than you care about AWS-US-East-1 versus Google Cloud Center 2, or whatever… But you really care about the difference between ETH, BTC, and ZEC — those are your financial investments, and may also signal your affiliation, or how you feel, like you’re part of a group with your friends, or a political movement, or at least your financial investment for your long-term, or whatever.
So that’s my… hypothesis. I want to know what you think? Once we have actual usable mainstream apps, then people are not going to know or care what blockchain [they] use. But they’re going to care about who uses it, how usable it is, and what assets they have in it.
CR: So, is your theory or vision that when this happens and people want to either message each other in an encrypted way or send each other transactions that are private, then they’ll choose Zcash or ZEC?
ZW: Yeah, there’s at least a really good probability of that because ZEC currently works for that. Like, I sent you an encrypted ZEC transaction before we started this call, if you check your ZEC wallet, you’ll see like about a thousandth or a hundredth of a ZEC in there, along with an encrypted note [where] both the money and the note are visible only on your phone and my phone, and no other person or device anywhere in the world has any knowledge… The rest of the world has zero knowledge about that transaction.
CR: So that means that somebody could go to the Zcash explorer and look at that transaction and not see what’s in it?
ZW: Yeah, you should definitely do this. Look at that transaction on your phone. Are you doing it right now?
CR: Okay, I have my Zcash wallet, and then what? I’ve never used this before. Do I go to history? Oh, messages. Oh, okay. I see that.
ZW: Alright, you got a transaction. If you touch it, does it show you the amount and the note?
CR: Okay, the note says ‘thank you for including me in your podcast, Zooko.’
ZW: That’s right, that’s the one I sent. Now, you can probably get the TX ID?… So cut and paste the transaction ID. Open a block Explorer — I would recommend Blockchair.com…
CR: Okay, I’ve just copied the transaction ID. Okay, it’s taking a little bit to connect to Blockchair.com…. Okay, there we go, it loaded up. Pasted.
ZW: Okay, so now you can see everything that the public can see… on the blockchain… — the Zcash miners, all the block explorers, Chain analysis, and everyone else in the world. But what’s interesting is what they can’t see. So if you scroll down, it’ll say…
CR: ‘Shielded’.
ZW: Yeah, it says ‘sender: shielded’, and that means there’s zero knowledge about which address, wallet, or person sent that transaction. Then it says ‘receiver: shielded’. There is zero knowledge on the blockchain about your wallet, your address, or anything else you’ve ever previously done, and there is zero knowledge about the amount you received.
CR: Well, it does say transferred ‘from: shieldedpool’ and it says the amount, it says 0.001 ZEC.
ZW: Well, that’s the fee that I paid to the miners.
CR: Okay, so it says ‘transferred from pool’ that amount. And then it says transaction fee. And then it says ‘sender: shielded’ and ‘recipient: shielded’.
ZW: …Hold on, I’m looking up how much I sent you. The amount that I sent you is encrypted. The amount sent is end-to-end encrypted.
CR: Yeah, you’re right, it’s a different amount. So, you sent me 0.01 ZEC, a hundredth of a ZEC. Okay, so what Blockchair is showing is actually the fee?
ZW: The transaction fee that I paid to the miner. The amount that I’m paying to the miner is publicly visible, because the first miner that mines the block gets to collect that amount. So you can’t really end-to-end encrypt it because any minor can get it and see it, and also it doesn’t give away anything because every transaction pays the same amount to the miner — the mining fee is not private information.
Now the fact that I sent you one one-hundredth of a ZEC is private information, and nobody, [even] Blockchair doesn’t know that — only you, me, and in the future, all your podcast listeners know how much ZEC I sent you, but that is consensual on our part, we chose to disclose that. And that’s fine, that’s valid, we don’t have to be super secretive in order to be valid, that’s why consent is more important than privacy.
And there’s one more thing that’s in there that nobody can see, and that’s the message. The encrypted memo is encrypted from my device to your device, and neither Blockchair nor any Chainalysis company or anybody else can access that other than your device and my device, and anyone that we consensually choose to share it with.
CR: Right. That’s obviously different from transacting on Ethereum where those memos are also public.
ZW: Yeah, very different… Do you know about encrypted love notes in the blockchain
CR: On Zcash?
ZW: There are at least five — I’ve lost count of how many couples have told me or shown me… Two of them exchanged encrypted love notes through the Zcash blockchain as part of their wedding ceremony — two different couples… But they showed me selfies of having their wedding ceremony and sharing encrypted love notes on the Zcash blockchain as part of their wedding ceremony. A third one, they exchanged encrypted love notes [through] the Zcash blockchain when they were first dating, and then like four years later they got married.
So this is actually a thing, there’s a trend. You’re combining the permanence of a blockchain with the privacy of just you, me, and who we consensually choose to include. I like to imagine it’s like you’re carving your initials into a tree trunk with a love heart, but anybody else who walks by, they just see the normal tree trunk, because it’s like a magical thing. But only when they look, two lovers, when they walk by, they see their initials in the tree trunk.
Using Zcash on centralized exchanges
CR: I like that analogy in the blockchain, that’s really romantic. Okay, I think it’s interesting to include what you were telling me before about sending ZEC to and from Coinbase. How does that work, using a centralized exchange with this technology?
ZW: Absolutely, thanks for bringing that up. I think that when people think about privacy, they get confused, and I do too. I’ve learned that if I try [to] think about it in a different way than the word privacy, it helps me not get confused. So a lot of people have chatted with me and they say the following thing, they say ‘oh, I care about privacy, I want to try using Zcash’. And I’m like, ‘great, go ahead, install a wallet, let me know how it goes’. And then they get back to me like a week later and they say ‘oh, I couldn’t, I couldn’t find a non-KYC exchange that would sell me Zcash, so I can’t get Zcash privately, so I gave up’ — I think that’s really wrong and confused…
How do I put this, I could say it using the word ‘privacy’. Let me try saying it using the word ‘privacy’, and then we see if I could say it better or differently without using the word ‘privacy’. Okay, the way to say it with the word ‘privacy; is you get privacy from having a Zcash wallet. Camila, when you installed Zwallet or whatever that one is on your phone, from that point forward, any Zcash you put into that phone, you get privacy around that. And it doesn’t matter if the Zcash came from Coinbase, you go ahead and log into your Coinbase account and buy some Zcash and withdraw to your phone sometime, and tell me if I’m right. So that’s one way to think about it.
If you say it without the word privacy, then I guess… you would either say one of two things. I don’t want people, including Coinbase, to know what I do with my money. Or you could even say ‘I don’t want Coinbase or the U.S. government that they report to… to know that I bought Zcash. But now that you’ve chosen one, don’t use the word privacy… you’ve got to pick one — you’re going to think more clearly because the word ‘privacy’ could mean either.
But if you have to pick one, now you get to think clearly that you can’t buy Zcash from Coinbase without Coinbase knowing that you bought Zcash from Coinbase. So, if this is the one you want, then yeah, you’ve got to find a different exchange, or meet someone face-to-face in the park, or whatever. But if it’s the other one that you want, like ‘I want to have money in my pocket, I’m going to buy something with it at some point, and I just want that to be between me and them’. Well, in that case, it’s fine to buy your Zcash from Coinbase. You buy your Z cash from Coinbase, you withdraw it into your wallet, you keep it there. And this is just like… hold[ing] cash in pocket.
CR: I mean, not so much anymore.
ZW: Okay. So, I’m an increasingly rare person. Young people today apparently never walk around with cash in their pockets. But when I was a kid, you walked around with cash in your pocket, and the security and the consent properties you get from Zcash are a lot like that. Like, I go to the bank, the bank teller or the ATM or whatever knows my identity. I withdraw $100 from the bank and I put it in my pocket. And now, at some point, I’m like ‘hey, I want an ice cream, hey, I wanna buy a used bike, whatever it is’. But that part has nothing to do with the bank, right? The bank has no knowledge, no control, no responsibility for whether I buy an ice cream or used bike, or what[ever]. And that’s the way Zcash works. You can go to Coinbase, Coinbase is basically a bank — it knows your KYC information, it has a scan of your driver’s license or whatever — you can withdraw a hundred dollars worth of Zcash into your phone, and from that point forward, Coinbase says zero knowledge or control over what you do with the Zcash in your phone.
CR: If somebody were to identify or link your identity with your Zcash address, they could do that. But I guess they wouldn’t be able to get a lot of information from that?
ZW: Yeah, like we did earlier in that live demo that we did, remember how you scrolled through Blockchair and [it said] ‘from: shielded’ that’s because your address doesn’t appear on the blockchain. So that’s really different, and I’m glad you did it because when people actually walk through it, then they realize ‘oh, wait, I’ve always assumed that addresses appear on the blockchain’. Like, all Bitcoin addresses appear on the Bitcoin blockchain, all Ethereum addresses appear on the Ethereum blockchain, but Zcash shielded addresses just never get posted.
Like, I know an address of yours because you texted it to me so that I could send you that test transaction. But even knowing that address, if I go look through the block Explorer, I can’t tell how many transactions. which transactions, with whom or how much, or what encrypted love notes you’re exchanging with someone else on the Zcash blockchain. Even though I know your address, I can’t learn anything about you.
The U.S. Treasury Department’s sanctions targeting Tornado Cash
CR: Interesting. Okay, that’s totally different from Ethereum and Bitcoin. What do you think about criticism that these types of technologies — [like] Tornado Cash, [which] is trying to make something like this work on Ethereum, and that’s why it’s been sanctioned because criminals, or hackers, or this group that’s linked to North Korea was using tornado cash for some illicit activity — there’s this criticism that privacy-enabling technology is being used by criminals, and therefore that technology should be shut down, or that technology is evil, or shouldn’t be out there?
ZW: Well, I disagree with that idea. I think freedom and consent are normal and are good for society, and that it’s part of the American way and American values. And that’s why nobody’s trying to immigrate to North Korea and they are trying to immigrate to America. Why? Because our values are better, including this one.
But I also would push back on the general idea… the OFAC sanctions against Tornado Cash weren’t targeting privacy. They were targeting the horrible regime of North Korea and the hackers there who have stolen billions of dollars from innocent people. I think it’s weird and interesting that they added a smart contract to a list that has formerly only held people and the property of those people, when a smart contract is not a person or the property of a person, but it’s more like a protocol. We’ll see how that plays out.
Not to cast aspersions, but I honestly wonder if they realized what they were doing. I saw the tweet, the deleted tweet, where the Secretary of State said that Tornado Cash was a North Korean government operation, which he deleted. There’s a lot of unanswered questions about what’s going on, but I would definitely say there’s an overgeneralization that a lot of crypto people have understandably jumped to, which is really broad generalization — like, the government hates privacy and is taking steps to destroy it, and that’s a huge leap for a lot of reasons.
For one thing, different kinds of privacy are required by the government. Like, if you run a business, you’re not allowed to disclose your customer’s private financial data under the wrong circumstances or to the wrong people. For another thing, the fourth amendment, and maybe other amendments to the bill of rights, enshrine freedom from unreasonable search and seizure as a fundamental right of all American citizens. For another thing, there are all these regulators who have different responsibilities — not all of them are counter-terrorism regulators all the time. There’s also consumer protection, investor protection, child protection, health information protection, market efficiency, systemic stability, and a bunch of other goals and mandates that different regulators have. And a lot of those regulators have approved and supported the deployment of Zcash, specifically, more than a lot of other things.
If you look into it, Zcash has been mentioned positively by a lot of U.S. federal regulators in different ways, and ZEC has been added and supported by a lot of regulated entities. The big regulated U.S. exchanges all support Zcash, [also] Grayscale. Anchorage got the first nationwide banking license for a crypto company, and the letter from the banking regulator mentioned Zcash is one of the… coins that Anchorage supported, and so on and so forth… People are really overgeneralizing or sort of confirming what they always suspected or what they thought was an interesting story in the first place, and then because of this Tornado Cash news, they’re like ‘aha, this is exactly what’s happening’, but it’s a lot different in detail.
CR: Right, so the government isn’t targeting privacy specifically, it’s targeting North Korea.
ZW: With regard to that particular OFAC action, yeah.
CR: Right, but the way it’s doing it is sanctioning this protocol. So I think what’s scary is the, the level of control that’s becoming apparent that the government has over what everyone thought was kind of censorship-resistant. So, for example, if Zcash was being used by North Korea, or Russia. or any other kind of state that’s seen as antagonist to the United States’ interests, then there’s nothing to stop the U.S. Treasury Department from placing sanctions on Zcash. I think that’s what is so disturbing right about this.
ZW: Well, I certainly hope that doesn’t happen because nobody wants thieves and madmen with nukes to be empowered and to be part of their world, part of their society, community, or ecosystem. I think we really don’t know. Again, with the Tornado Cash stuff, we just don’t know the facts yet. We don’t know if there’s going to be any charges, if there’s going to be any other arrest. If the guy they arrested, [if] they’re just going to let him go, if they’re going to charge him with something, if they are going to charge him with something with what in the Netherlands?
We also don’t know what’s going to happen with the OFAC sanctions of the Tornado Cash protocol. Like, this has never been done before, how’s it going to work? Is it, there’s a lot of legal and practical questions. And I think it’s kind of cute how the crypto community — there are a bunch of hackers who like computer science, and there are a bunch of like activists or idealists who like to build a better society in a new way, and they’re kind of like the crypto — [it’s] reaction cycle is so much shorter than the government’s reaction cycle. Like, within 24 hours, 48 hours, 72 hours, there’s something new they’re doing, but it’s going to take weeks before we even figure out what was the intention of OFAC, much less what’s going to happen with that sanction action that they took.
CR: So to you, it’s hard to say because there’s so many questions. But are you… concern[ed] that the U.S. government can come after privacy-enabling technologies? To you, that’s not so much a concern because that’s kind of a respected right in the U.S., and really, the reason that they did it is probably something unrelated to privacy and freedom of transacting, etc.?
ZW: I’m struggling to avoid climbing out on the branch of hypotheticals. The facts are that OFAC is a tool of United States foreign policy intended to influence the behavior of these death spots and drug lords or whatever around the world. And the fact is that the Office of the Comptroller of the Currency, the SEC, the New York Department of Financial Services, the CFTC, and 99 other organizations have different mandates and different behavior historically. In particular, with regard to Zcash, if you look into it, Zcash is supported on more or less every highly-regulated U.S. company. And the other fact is that the United States has the fourth amendment, which enshrines the right of the people to be free from unreasonable search and seizure of their papers and effects. And the first amendment and the fifth amendment is a right to due process. So those are all facts.
Maybe, after we find out what the hell is going on with Tornado Cash and Alexey, then we could analyze and draw conclusions like what does this mean, or what does it mean for the future? But right now, it’s pure speculation, we don’t even know what is happening, or what the various parties involved intended, or what they did, or what they were alleged to have done.
CR: Yeah, that’s fair enough. I think we’ll just have to be patient, which is not a very common virtue in crypto… Well, if you have five minutes, I’d love to hear what’s coming next for Zcash… If not, we can wrap up, I know we’re kind of over time.
What’s next for The Electric Coin Company
ZW: Yeah, I have five minutes for that, I just have to watch the clock… so Zcash is a decentralized open-source project, and my company, the Electric Coin Company, we’re the ones who originally built it back in the day, in that story that I told you. Once I decided to commit my life to building this technology for the world, then I recruited like The Avengers, the superhero team of… cryptographers, security experts, and software engineers. and we built and launched that thing. And that gave rise to the zero-knowledge proof industry. Like Zcash was the reason why zero-knowledge proofs became an industrial strength, proven tool, and other people started building on top of it.
Nowadays, the Zcash community has elected to fund a bunch of other organizations outside of my company, the Electric Coin Company. The Zcash community has this consensual thing called the dev fund that they came up with a couple of years ago, where they decided to allocate issuance out of the Zcash issuance schedule to fund Zcash support orgs, and they allocated two-thirds of that to other organizations outside of the Electric Coin Company, and one-third of it to the Electric Coin Company. So there’s a lot of other people that you should invite onto your podcast and find out what their plans are for the future of Zcash.
But what the Electric Coin Company is working on is three things. First, shifting Zcash from Proof of Work to Proof of Stake because we thought that would be a good idea. We always thought it would be a good idea. Actually, we talked about it in like 2017 or something with Vitalik. And Vitalik said something, you can find this tweet if you want, Vitalic tweet[ed] something like ‘move Zcash to Proof of Stake’, and I tweeted something like ‘I’m waiting to see Ethereum do it first and see what blows up’.
CR: <Laugh> Well, you’re about to see.
ZW: Exactly, so we think the time has come. And it’s a lot of work. You know, we met the Ethereum folks before the first launch. They hired us to do security audits of Ethereum before the first mainnet. Ever since we’ve known them, they’ve been working on Proof of Stake, and it’s always been like two years out the whole time, so we know that it’s a lot of work to make that jump — way more work than just launching a brand new thing on Proof of Stake. But that’s our priority.
The second priority comes along with it and that’s interop. And that goes like interop between not just between blockchains, but between products and services. Like, if you open a wallet and you look at it, is it all in that one wallet? Or do you need to open two different apps and cut and paste between them to get what you want to get done, or whatever. So that’s that story that I was telling you earlier, where in the future people aren’t going to know or care what blockchain it’s on, they’re just going to care about what it can get done with which assets and with which counterparties. So that’s our second strategy at the Electric Coin Company, interop.
And then the third one is building our own wallet just to push forward the state of the art of usability. I’m totally dissatisfied with how confusing, error-prone, risky, and inconvenient all the crypto apps are, well, almost all. So the Electric Coin Company is building our own user interface front-end so that we can integrate it with the back-end and find out how usable you can make this, how intuitive, how fast, how reliable. So that’s the third thing we’re doing.
CR: Very cool,… we’ll be following along on The Defiant. And then finally, to wrap up, I want to ask you, how are you defiant?
ZW: I am defiant. I have this imagination, which I get mostly from fiction. Like, have you ever read 1984?
CR: Yes.
ZW: Everyone pause this podcast and go read 1984, and then come back. 1984 by George Orwell. So, I have this really deep-seated sentiment, which is I’m just never going to love ‘big brother’. Maybe the tyrants and the criminals of the world can outplay me, maybe they can have me assassinated or something, but I’m just never going [to] submit. That’s why I’m defiant.
CR: I love it. I think a lot of The Defiant audience members are thinking on the same lines as you are, and that’s why we have crypto, luckily.
ZW: Yeah, thanks to Satoshi and Phil Zimmerman.
CR: Thanks Satoshi! <laugh>. And thanks, Zooko, it’s been a pleasure, really. Thank you so much for taking the time to chat about such important topics, I really appreciate it… We’ll be following all of your work going forward.