Mt. Gox was one of the earliest and largest Bitcoin exchanges, processing hundreds of millions of dollars worth of Bitcoin trades every day - right up until it closed back in 2014. Mt. Gox announced that they had been hacked, and that 850,000 bitcoins had been stolen. But because all Bitcoin transactions are recorded in the public blockchain, researchers were able to track all of the coins as they moved around the network, and eventually even to figure out who was likely behind the hack. If you’re interested, WizSec has a great writeup about all the work they did.
The Mt. Gox hack coin flow. Image by WizSec Security.
The incident illustrates how Bitcoin is anonymous, because no one knows who owns a Bitcoin address, but not private, because everyone can see every transaction on the blockchain. Zcoin is a cryptocurrency exploring the use of zero knowledge proofs to create a cryptocurrency that is both anonymous and truly private.
The Zerocoin Protocol
The Zerocoin Protocol is an example of a zero knowledge proof, which is a way of proving that you have some information without revealing what that information is. For instance, let’s say a friend asks you to prove that you have the password to a computer. Your friend stands out of sight while you type in the password, and then comes back after the computer is unlocked. You’ve just proven that you know the password without revealing what the password is.
Zcoin uses the Zerocoin Protocol when you send a private transaction by minting a new coin that’s not tied to any previous transactions, thus breaking the chain and removing the possibility of using blockchain analysis to figure out who owns the coins.
In the image above, blockchain (a) represents the Bitcoin blockchain, where every transaction is linked to the one before. Blockchain (b) demonstrates the Zerocoin Protocol mint and spend process used by Zcoin. The Zcoin wallet uses a zero knowledge proof to show that it is entitled to mint a certain number of new coins (while burning the old Zcoins in the process). The new coins appear on the blockchain on a new address with no previous history attached to them. The new Zcoins can then be sent and spent without any loss of privacy.
Like Bitcoin, Zcoin works on a blockchain that is secured by miners. In turn, miners who successfully generate a new block (roughly every 10 minutes) are rewarded with new Zcoins. Currently, every new block generates 50 Zcoins.
Baked into Zcoin is something called the “Founder’s Reward”, which is a portion of the newly minted Zcoins that goes directly to the founders in order to fund future development. This was originally 20% of the newly mined Zcoins, but was recently reduced in order to incentivize the creation of Znodes.
Znodes are nodes on the Zcoin network that are incentivized to run a full copy of the blockchain and to process Zerocoin transactions. Because of the way Zcoin works, before this change miners were actually incentivized to ignore Zerocoin spend transactions because they were computationally difficult and didn’t generate any extra transaction fees.
Anyone running a Znode will be entitled to a share of 30% of newly mined Zcoins (15 every block), but running a Znode will require staking 1,000 Zcoins, which is worth over $100,000.
The use of the Zerocoin protocol requires a trusted setup phase, where you need someone to generate some initial parameters that are used to bootstrap the network, and then to destroy those parameters. If the parameters aren’t destroyed, that person could generate new coins out of thin air.
Zcoin used parameters generated way back in 1991 during the RSA Factoring Challenge. Because the creators of Zcoin didn’t generate the parameters themselves, there’s likely no way that they could use those parameters to generate new Zcoins. However, just because it’s not likely doesn’t mean it’s not possible.
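To make the trusted-setup risk concrete, here is a toy RSA accumulator, the structure Zerocoin uses to hold minted coins, together with its public membership check. This is an added example, not Zcoin's code: the tiny primes, base, coin values and function names are constructed for illustration, and the zero knowledge proof that hides which coin is being spent is left out.

```python
# Toy RSA accumulator of the kind Zerocoin builds on. All values are constructed
# for illustration; a real deployment uses a 2048-bit modulus.
P, Q = 10007, 10009      # setup secret: the prime factors that must be destroyed
N = P * Q                # public modulus
U = 3                    # public accumulator base (assumed value)
MINTED = [7, 11, 13]     # constructed "coins"; accumulator elements are primes


def accumulate(coins):
    """Fold every minted coin into a single public accumulator value."""
    acc = U
    for coin in coins:
        acc = pow(acc, coin, N)
    return acc


def witness(coins, coin):
    """Honest witness: the accumulator over every minted coin except `coin`."""
    return accumulate([c for c in coins if c != coin])


def verify(acc, coin, wit):
    """Public membership check: wit^coin == acc (mod N)."""
    return pow(wit, coin, N) == acc


def witness_from_factors(acc, coin, p, q):
    """What the setup secret allows: a coin-th root of acc, computed by
    inverting `coin` modulo phi(N). Needs p and q; N alone is not enough."""
    phi = (p - 1) * (q - 1)
    return pow(acc, pow(coin, -1, phi), N)


def demo():
    acc = accumulate(MINTED)
    honest = verify(acc, 11, witness(MINTED, 11))    # minted coin passes
    reused = verify(acc, 101, witness(MINTED, 11))   # unminted coin, honest witness: fails
    forged = verify(acc, 101, witness_from_factors(acc, 101, P, Q))  # passes with p, q
    return honest, reused, forged


if __name__ == "__main__":
    print(demo())  # (True, False, True)
```

The check cannot tell a root computed from the factors apart from an honest witness, which is why the soundness of the coin supply rests on nobody knowing the factorization of the modulus.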
To remove this potential issue, the Zcoin team is working on the Sigma Protocol which would remove the need for a trusted setup. It will also reduce the size of the Zerocoin proofs that are stored on the blockchain from 25kb to about 1kb, which will help keep the blockchain small in the future.
If you want to build a cryptocurrency that is truly private, you need to make sure it’s decentralized. Bitcoin miners have long been involved in a computational arms race as they moved from CPU-based mining to GPUs and then on to ASICs. Because ASIC miners are far more effective than CPUs or even GPUs, if you don’t have an ASIC you’re basically out of luck. And since ASICs are expensive, miners who could afford them now mine the majority of Bitcoin blocks.
Zcoin is working on a Merkle-Tree Proof of Work (MTP), which is an algorithm that should be resistant to GPU and ASIC mining, which means mining would be possible for users with just a CPU.
Zcoin compared to Zcash
Zcoin shares a lot in common with Zcash, another cryptocurrency using zero knowledge proofs to improve privacy. The names are even similar and it can be easy to get them confused with each other. Here’s a quick run-down of how they differ:
Zcoin’s trusted setup requires less trust. Zcash went through an elaborate trusted setup ceremony where 6 individuals generated part of the final “master key”. As long as at least one of those participants is honest and truly destroyed their portion, Zcash can be trusted. However, since Zcoin didn’t generate their own “master key”, instead relying on one generated a long time ago out of their control, the Zcoin setup is more secure.
Zcash is more private. Both Zcoin and Zcash hide the sender and recipient of a transaction, but only Zcash also hides the amount sent.
Zcash cryptography is more advanced. The Zerocash protocol uses newer zk-SNARKs cryptography, but whether zk-SNARKs are a good idea is yet to be determined. More research is necessary, which may mean that Zcash is riskier.
Zcash transactions take longer. Because of the advanced cryptography involved, generating a private transaction for Zcash can take up to a minute on a normal computer, and use between 2 and 3 GB of RAM.
Zcoin is one of the most advanced cryptocurrencies available and is being developed by a strong team. It’s not as well known as Zcash or as popular as Monero, but its strong foundations give it a lot of room to grow.
How to Buy Zcoin
Unfortunately, Zcoin isn’t as easy to purchase as Bitcoin. You can’t buy Zcoin with a credit card, so you’ll have to use one of the cryptocurrency exchanges to buy Zcoin using Bitcoin.
Buy Bitcoin at Coinbase
To start, if you haven’t already, head over to Coinbase and sign up. Coinbase will let you use a credit card to buy bitcoin, which is what you’ll be using to purchase Zcoin.
Sell Bitcoin for Zcoin at Binance
After you’ve purchased Bitcoin, you’ll need to sign up for a cryptocurrency exchange - we recommend Binance. It’s fairly easy to use, has good up-time, and is responsive to customer issues. After you’ve signed up, you’ll send the Bitcoin from Coinbase to Binance. Head to the Binance deposit page, find BTC in the list, and click on the Deposit button to get your deposit address. Put that address into the field on Coinbase that lets you send Bitcoin.
After your deposit arrives on Binance, you’ll be able to head to the Binance Zcoin/BTC market where you can Buy XZC (the Zcoin currency symbol) using the Bitcoin you deposited.