How about Zcash? At least it’s available on exchanges in the USA, unlike Monero.
why is zcash allowed but not monero 
To me, Zcash seems like the Telegram of cryptocurrency. Very well funded, very well marketed, very dubious technical merits.
Lacking privacy by default is such a non-starter for any cryptocurrency that it’s honestly pretty confusing to me why more Monero alternatives haven’t really been attempted.
9 Likes
Off topic: Jonah, the comparison to telegram is misleading, Zcash uses a well tested implementation of zero knowledge proofs, and it’s widely accepted in the cryptography space that they work, they are also used by many well respected projects, are your criticisms based only on it being “not private by default”? Or are you implying zk proofs as used in Zcash have “very dubious technical merits”? The first option is debatable, the second is a little hard to believe and more fit for academic discussion.
1 Like
Certainly both. The vast majority of Zcash transactions being unshielded is highly problematic.
I do also believe the technical merits of Zcash are weaker than Monero’s, but I mainly have to defer to others who spend more time looking into cryptocurrency on this one. I would just encourage people to do their own research on this front and decide, I don’t really want to be the one debating this stance myself.
A few notable problems to me:
- The initial trusted setup, which AFAIK may have been solved going forward, so at least it is maybe not an ongoing backdoor (originally IIRC they thought they’d have to repeat the trusted setup in future upgrades), but the initial setup conditions are still (always?) in question IMO.
- Unclear whether the conditions for zero-knowledge proofs to be robust is actually met in practice, needs more testing/research especially since (again) so few transactions are shielded.
- The corporate structure and founder’s reward is crazier than even Ethereum’s, which is saying something.
Again all this technical stuff I’m going to leave to other crypto people to debate, just sharing where I’m at as a reference. The lack of privacy by default is the main problem with Zcash I’d personally push back against.
1 Like
I don’t really follow the cryptography and cryptocurrency spaces closely but this seems quite harsh unless you are aware of many problems that substantiate your estimation? I fully understand that it is not shielded by default which disqualifies it as a privacy-friendly cryptocurrency at this time. I am also under the impression that it is widely agreed on a technical level that shielded Zcash offers stronger privacy guarantees than Monero? To compare, it is unlikely anyone has ever called MProto 2.0 a stronger cryptographic protocol than the Signal protocol.
They seem very highly regarded in terms of the cryptographic expertise and engineering involved, and their research. Telegram on the other hand notably put off the cryptography community with their decisions and attitude.
I found an article from a well-known the only Monero influencer I know On Zcash | sethforprivacy.com on the topic, and it largely supports my uninformed assumptions. There seems to be plenty to criticise Zcash about, but this primarily seems to be on a directional/political level.
EDIT: Can see this has already been expanded on now in Bitcoin for Signal - Private Messaging Needs Private Money - #12 so the initial trusted setup, theoretical vs. practical guarantees and the structure and rewards. The first has at least been resolved, the second is not something I have come across before so fair enough.
1 Like
It is certainly not debatable that Zcash is not private by default, it is a fact that users need to intentionally opt in to private transactions.
1 Like
Still Offtopic: You are right but what I was trying to say is that it´s debatable why that would matter to a privacy concious user, the target audience for Zcash is probably someone who wouldn’t care tapping one button on the Zashi wallet (made by electronic coin) to instantly shield their money or getting them from a source like Gemini or decentralized exchanges that allow shielded withdrawals.
If you are privacy concious in any reasonable degree it’s debatable why would that matter to you given it’s very easy to use Zcash the “right way”.
I think I’m still siding with Monero generally, but I wanted to link an interesting thread on Zcash I found for further reading: https://x.com/arjunkhemani/status/1981379547451760967?s=46
1 Like
The GrapheneOS developers seem to think Zcash shielded transactions are more private than Monero
https://xcancel.com/GrapheneOS/status/1684851015995056128#m