Binance recently hosted a Zcoin AMA on their Telegram on the 6th March 2019. We had an awesome response from the AMA and there were many excellent questions. For those of you who missed it, we enclose the transcript.
The text is unedited, just formatted for clarity and easy reading.
Questions from Binance Host Darc
Darc: Today we have with us the awesome Zcoin team and their Co-Founder Reuben Yap. Are you here Reuben? ?
Reuben: Yes! Thanks for having me! i’m the COO not really co-founder 😉
Darc: ?Would you like to intro yourself to the chat?
Reuben: Sure ! So i’m the COO of Zcoin, I have been with the team since October 2016 so it’s been a while. I was a lawyer for ten years before this doing a lot of institutional framework work for the state government. i’ve been involved with cryptocurrencies since about 2013 and was the first merchant in malaysia to accept Bitcoin 😀 So that’s about it i guess 😀
Darc: OG ?Thank you sir! Lets get started with a few questions 🙂 Could you give a brief overview of what Zcoin is?
Reuben: Sure! Zcoin is a privacy coin and we’ve been around since 2016. We’re the first coin to use zero knowledge proofs in a privacy system having pioneered the use of the Zerocoin protocol (not to be confused with the Zerocash protocol which is used by Zcash). All other coins using Zerocoin either use our code or have drawn inspiration from our implementation.
To provide privacy, we allow users to destroy their coins, and then at any time after, to redeem brand new coins with no previous transaction history (they appear as freshly mined coins) by producing a zero knowledge proof. The proof proves that the user burned the coin without having to show which exact coin he burnt.
We are also the first coin to go live with Dandelion, that changes the way transactions propagate that make it hard for people to tie an IP address to an transaction without requiring them to use TOR or a VPN.
Also, in November 2018, Zcoin’s blockchain was used to hold Thailand’s Democrat Party’s primary elections to elect its party leader. It was the world’s first large scale political election on the blockchain with over 127,000 votes cast. So that’s pretty cool 😉
Darc: Nice! Could you tell us what does being a privacy coin mean?
Reuben: We feel that one of the primary purposes of cryptocurrency is as a means of economic and financial freedom that represents an alternative and a balance of power with governments and large organizations. Being able to transact freely requires privacy and censorship resistance. Without these, cryptocurrencies can be controlled.
On the blockchain, all transactions are public and permanently stored unless you have privacy features. For example Bitcoin is merely pseudonymous. You can see all transaction flows and the history of every coin. And we still need to deal with entities that know our identity, for example merchants and exchanges. What we don’t want is a situation where if I regularly pay a merchant or deposit money to an exchange, suddenly the merchant or exchange knows a whole lot more about my spending history or even how much I hold.
Privacy is not so much about hiding things, but more about having the ability to choose what you want to share with the world, rather than being forced to do so.
With the move towards cashless societies with centralized digital currencies, governments and organizations now can have full view of our financial histories, and we have to ask ourselves, have we always been able to trust governments? Can we be sure that such information isn’t leaked out? We’ve already seen so many cases of data leakages from even the biggest organizations.
The only people we should trust with our data is ourselves and that people should be free to use digital currencies just like cash, without fear of surveillance or worry about where it’s been and this is why we need privacy on the blockchain.
Darc: How is your coin different to let’s say to other leading privacy coins like Monero, Zcash or Mimblewimble based coins?
Reuben: This question can take a couple of hours to answer but I’ll try to make it as simple as possible! First of all we have a lot of respect for all these privacy coins and the work that they do and we all different approaches to the same issue.
The way Monero works is that when making a transaction, I take other ‘decoy’ inputs. I’m going to use a very crude approach here as I think it’s a humour and easy to understand example.
An easy analogy is if I want to fart in the room, if I’m the only person in the room, then everyone knows that I’m the one farting.
However, if I grab other people to be in the room with me and fart, now there’s plausible deniability and it’s unclear to a third party who farted.
Mimblewimble is similar except that they’re grabbing everyone who wants to fart and they all fart at the same time so that it’s unclear whose fart belongs to who.
These systems can be classified as ‘decoy based’ systems where you are building noise around your real transaction. Your transaction link is still there, just obfuscated by noise or other people’s transactions. There’s an excellent talk on this by Ian Miers from Zcash called “Satoshi has no Clothes” that talks about the problems with decoy based systems as with repeated transactions, privacy can fall apart quite easily as there emerge patterns and common taint trails that will ‘remove the noise’ and reveal the true transaction.
Zero knowledge proofs work differently and provide higher degrees of anonymity. The way Zerocoin works if we use the fart analogy is that now instead of your plausible deniability just being everyone in the room with you, now it’s with every person who has ever farted in the room.
Burning the coin and redeeming the coin doesn’t just ‘hide’ the transaction link, it destroys it.
Zcash’s privacy system is very impressive with huge anonymity and high performance. Its main issues derive that it uses extremely complex and relatively new cryptography such that only a handful of people can understand it.
This is a problem as if it’s difficult to understand it becomes hard to audit as illustrated by the recently disclosed Zcash bug that was live for 2 years which would have allowed people to make coin forgeries out of thin air if it was exploited. This was despite some of the brightest coders, researchers and numerous security audits working on it. The way Zcash is setup, they can’t even be sure whether this exploit was taken advantage of or not and they cannot be sure how many coins there are in existence. This is called lack of supply auditability.
Zcoin uses on the other hand easy to understand cryptography based on solid cryptographic building blocks that are used widely in the world. Meaning if the cryptography behind Zcoin breaks, the least of your problems would be Zcoin but even your online banking, commerce, and websites would have issues. Also the way we are setup, supply remains auditable so even if there is a flaw in our code (which has happened before), we can detect and rectify it.
With all privacy systems there are pros and cons and we see ourselves as offering a very well balanced offering. We provide strong anonymity that we believe lasts the test of time even with the advent of AI assisted blockchain analysis, and use well tested and understood cryptography.
If you want to dive deeper into the intricacies of this, you can read our comparison post here. https://zcoin.io/zcoins-privacy-technology-compares-competition/
Darc: “An easy analogy is if I want to fart in the room, if I’m the only person in the room, then everyone knows that I’m the one farting.” easily the mosy interesting start to an analogy we’ve had so far hahahaha!
Darc: In December 2018, you implemented MTP which aims to democratize mining. Why does Zcoin embrace PoW and ASIC-resistance?
Reuben: My job is to make privacy tech easy and fun to understand 😉
Darc:And stink apparently lol last question after this guys i promise ☺️
Reuben: Proof of Work is the most tested consensus mechanism. Getting proof of stake right is not easy as illustrated by Ethereum taking so long to move to proof of stake and the recently disclosed “Fake Stake” attacks that affected many high profile coins.
I personally like the idea of how PoW ties the cost of production of a coin to a real world value that you cannot fake.
However even if we can get a secure proof of stake implementation, PoW provides a good distribution mechanism. It allows people anywhere in the world to turn on their computer and have a chance to earn some coins provided that ASICs are not involved.
With Proof of Stake, there is no similar distribution effects as you are rewarded based on how much you hold, resulting in the rich getting richer. PoS coins rely on well developed exchanges and having a large proportion of their coins available on the market. In the short term, PoS coins should have better price action as it rewards HODLing but for a global currency, distribution and user base is key which is why for at least the initial stages of the coin, we think PoW is important.
MTP is an attempt to bring meaningful ASIC resistance. Unlike other ad-hoc schemes, MTP has undergone academic peer review and raises the cost of ASIC development and limits its effectiveness. We want people to be able to mine with easily available hardware so that we can have as wide a distribution as possible.
ASICs don’t really have the same effect and tends to be controlled by large manufacturers. Remember, ASICs are effectively money printing machines. Why would someone sell you their money printing machine at a low price when they can use it for themselves?
Darc: Last question from me then we can do the fun stuff 🙂 What are your goals that you hope to achieve in 2019?
Reuben: We have a few goals that we want to achieve.
Improve our privacy protocols (Sigma/Lelantus). We are set to launch Sigma testnet which will be a replacement to Zerocoin which reduces proof sizes from 25 kb to about 1.5 kb and also removes the need for a trusted setup.
You can also read about our next gen privacy protocol Lelantus (www.lelantus.io) which is also in deep development. All the cryptographic building blocks and libraries have been built and what remains is further peer review and integration to our wallet (which isn’t a simple task).
The second is: Improve user experience (new wallet UX). You can check out @catchingknives little runthrough here. https://www.youtube.com/watch?v=ox6eNgfnv_4 We hope to release this relatively soon.
The third is: Increase adoption in two prongs.
The first being through nationwide adoption of Zcoin in Thailand. There’s an existing universal QR code system called Promptpay that’s designed to take all sorts of payments from credit cards, bank transfers, Alipay etc etc and we have found a way for people to spend Zcoin directly through anyone who accepts Promptpay. Promptpay has several million active users. As our founder Poramin heads one of 3 exchanges with a license to operate an exchange in Thailand, we are in a great position to do this.
The other is through greater use of our blockchain via smart contract capabilities through Exodus/Themis. We have some businesses in Thailand who wish to hold their STOs on our chain, build stable coins or gold backed tokens. We don’t aim to be a smart contract platform and are more suitable for smart tokens where our slower block times are acceptable. We think having greater visibility and usage of Zcoin will improve the awareness and stature of our project.
Darc: Thank you so much for answering my questions ❤️
Questions from the Community
Note: Many of these answers were hastily typed to answer as many as possible.
Grinding Poet @grindingpoet
“Hello @reubster, I believe that the privacy feature is as important as decentralization is for cryptocurrencies. I would like to ask you what measures are/will be taken in case of exploitation of a Single-Point-Of-Failure as it is not the case with Bitcoin, but you guys have faces that the government can enact upon. How would you tackle this situation if it ever occurs as no government would want to allow private chain transactions coz they all want to control it all.”
“Good question. During the first four years development will be rather centralized but we plan to move towards a community funded model after this. We set the general direction and tone and off it goes. Also open source means anyone can take over the project here. We aim to have good developer documentation but the main thing is the adoption. If there is adoption, people can still anonymous contribute to the code and move it.”
“@reubster Sir, As you explained xzc is quite tight regarding privacy. But the negative side of privacy is money laundering.
Do you have any safeguards to prevent money laundering? Or if a person has laundered his money through XZC and That country government wants info about that.
Is it possible to provide that information. TLDR: How do you plan to prevent money laundering and how do you plan to answer queries of government of a particular citizen”
“I believe the answer to this is that if you allow privacy coins on regulated exchanges, this means that when you purchase or sell ZCoins in large amounts you will need to do AML KYC. If you ban it however, then it goes to DEXes, unregulated OTC or p2p exchanges. We want spending histories and balances of people to be private but if u’re going to be dealing with exchanges, this deals with the AML/KYC element.
Also the biggest money laundering is done using good old fiat money 😉 not so much crypto. Easier to do it via traditional methods honestly.”
Andrei Opris @AndreiOpris22
“Do you believe that ZCoin sees some advantage from having code that is based on Bitcoin’s core code? Such as it makes it easier for the project to implement changes that Bitcon makes + the anonymity factor that can be considered a certainly big deal, especially in countries such as China, where privacy is difficult to come by.”
“Yes I do believe that this is the case as we can then focus on building the privacy layers and inherit improvements from Bitcoin. It also allows easy integration to places where Bitcoin is already accepted since it’s very similiar.”
“Question. You have the best Privacy centric Coin but why is the majority still using other less advantage tokens/coins? what seems to be the reason for this?”
“I honestly think it’s lack of exposure and a lot of people dismiss us as a Zcash fork. We also had a very rough start with our co-founder running away with all our seed funds and a horrible bug that allowed coins to be created out of thin air. We had to really rebuild the coin to where it is today and I think we’re starting to see traction. I also think the lack of a US presence also hurts us.”
Kelvin KriptoA @Kelvin_KriptoA
“Question About the Binance Charity Program that being supported by Zcoin:
For the Lunch for Children Program in Uganda, Is the program funded with only $XZC or both $XZC & $BNB?”
“Funded in PAX”
Gagandeep Singh @gagan2193
“can we see zcoin team working with spies (fbi,mi6 etc etc)soon?”
Ꮶʀɨs ? ⚡️ @krisbdream
“What’s your view on the privacy coin market right now? IMHO, it’s a crowded market, with lots of coins not really innovating. Thoughts?”
“Exactly, I think there’s a lot of lack of knowledge on privacy tech.
People slap on TOR to their coin and go bam, my coin is the best and people still buy it.
I think unless people understand that, and realize that only a handful of coins are seriously developing innovative solutions rather than rebranding an existing tech, then this will continue but we are starting to see some change in this.”
“Whats the assurance that this project will succeed? partnerships, practical implementations, business, etc”
“We aren’t a smart contract platform so partnerships are not so important. Merchant adoption and integrations and places to use it are important. However check out our work with the Thai Democrat Party elections.”
Gaganjot Singh @GaganjotSingh91
Is company planning for mobile mining?”
“No, in most cases it’s not true mining.”
“Are you planning to bring up a hidden service tor v3 for your website?”
“Yes good suggestion.”
Daryl Lau @Daryllautk
“1) What does a day in the life of Zcoins COO look like?
2) What are your thoughts on Malaysia declaring all Cryptocurrencies as securities and does the securities classification apply to Zcoin in anyway?”
“Exercise in the morning, have breakfast with friends, then work work work work. Sometimes i teach Aikido at night. Spend time with the wife. Then i work a bit more and catch up with the community, watch some netflix then sleep.
As for 2) it depends on usage. If it’s just payment, then it’s not a security.”
Tiong Woo See @stw0225
“Reuben, Lamborghini and Ferrari, which one? ?”
“Neither i like utilitarian efficient cars. I drive a Honda Civic Hybrid and am very happy with it :D”
Ꮶʀɨs ? ⚡️ @krisbdream
“How is Zcoin focused on fair distribution, decentralized coin supply, and protecting investors through good governance?”
“Check the forums 😀 forum.zcoin.io there’s an ongoing discussion on that”
DJ Chahal @djchahal
“What is the origin of the name ZCoin? What does the Z stand for?”
“Zero. Not a very good marketing. Someone told his gf that he was buying ‘Zero’ coin. She said “that doesn’t sound like a good investment”.
Kelvin KriptoA @Kelvin_KriptoA
“At what stage of development is your new privacy protocol, Lelantus now ?”
“All cryptographic libraries are built and we’re optimizing that code. Then comes the long process of integration. We post weekly ish updates on our blog.”
Grinding Poet @grindingpoet
“@reubster Have you considered Sharding as a possible scaling solution (on-chain)? Don’t you feel that a privacy feature integrated in a public chain could survive or get adopted? Like the immutable bitcoin ledger and combination of zcoin’s privacy feature?”
“Aren’t ruling it out but not a development focus. Perhaps but large coins have other priorities as well and there’s a lot of trade offs when implementing privacy coins like performance and scaling.
This is why most large cap coins are looking at ‘mixing’ solutions which only partially solve the privacy problem and it remains to be seen how it stands up to advanced blockchain analysis.”
Ꮶʀɨs ? ⚡️ @krisbdream
“What do privacy coins look like in 5 years? Everyone’s got bulletproofs, and all the coins do pretty much the same thing, or will there continue to be innovation to differentiate privacy projects? What kinds of innovations, in what areas?”
“That’s not true. for e.g. mimblewimble is quite different. Lelantus is different. Bullet proofs is only one component and usually used as a ‘range proof’. It’s like only talking about the ‘tire’ of a car when it only part of the privacy protocol.
I think we’ll see a lot more promising privacy protocols coming up. Improvement in Lelantus, zkSTARKs, ways to keep the blockchain small using zk proofs, quantum resistant schemes. There’s actually a quantum resistant version of One out of many Proofs (the basis of our Sigma).
The difference is that we will continue innovating on Zcoin and not start a new ‘fork’ or project.”
“How do you see your competitors, do you think you have the best technology and why?”
“I feel that we have the best well rounded privacy solution out there.”
“Which plans does zcoin have to be avaible for more exchanges?”
“of course though Binance is an important partner ;)”
Dam the man @Telunatic
“Based of you hard work in the background, do you see zcoin in top 10?”
“Sure hope so ! But hard to predict 😀 Sometimes it’s not just about merit.”
“As your coin focuses on privacy shouldn’t you guys be anonymous like Satoshi”
“Well i think also being at the forefront also means we’re accountable to people and have real world identities.
But i don’t think it’s a problem. Fluffypony is public for Monero and he’s doing okay.”
Gagandeep Singh @gagan2193
“who is satoshi in zcoin team???”
“Poramin Insom :D”
Z Nation @ZeeNation
“How Zcoin will ensurw that no founder run away with money in future??”
“We have a Zcoin foundation for this now.”
“How your ethics looks like?”
“Highly ethical? :D”
Dan the man @Telunatic
“What is the biggest vision in near future for Zcoin?”
“Nationwide adoption in Thailand for ZCoin ;)”
XZC Yap @Valist
“Can you link the awesome community updates you’ve put out for people to learn more?”
“Check out our youtube channel https://www.youtube.com/c/zcoin”
Kelvin KriptoA @Kelvin_KriptoA
“I read that Lelantus protocol was created by cryptographer, Aram Jivanyan. Am I correct?
How/Why did he come up with the name, Lelantus ?”
“Titan God of the unseen”