Zooko Wilcox on Digital Privacy, Future of Zcash

When privacy preserving protocol, Z cash forked off from Bitcoin in 2016, it was the first large scale commercial use of zero knowledge proofs. Since then, the team developing Z cash has continued to innovate, pushing the boundaries of computer science and cryptography to improve privacy. Joining us now with more is Zuko Wilcox founder and CEO of the company leading Zi Cash Development, the electric coin company. Zuko. Welcome to the show. Thanks for joining us. So in May, the much anticipated nu five upgrade went live on Z cash. Tell us how it improved privacy and other features of Z cash. Uh Hi there. Thanks for having me. The main thing that the EU five upgrade did in May was eliminate trusted setup. Uh trusted setup is this thing. It's complicated. It's a technical um but Z Cash pioneered the use of zero knowledge proofs at all for anything back in 2016 and back then, you couldn't do zero knowledge proofs efficiently without this thing called trusted setup. But trusted setup is a vulnerability. And uh this year, we finally figured out how to deploy an upgrade to zero knowledge proofs that eliminate that vulnerability. Um So that's, that's what's important to me. That's we, we've eliminated vulnerability, which uh the rest of the industry will hopefully catch up and also make trust to set up a thing of the past in the coming years. So Zuko, can you explain the trust is set up for the kids at home who are, who, who might be uh just uh tuning in and learning about this? Well, it's pretty darn complicated but it's like this to do zero knowledge proofs which no one could ever do at all before we started in 2016. Uh in practical terms, um You've got to generate like a giant random number, like effectively like a public key. And then you've got to prevent anyone from knowing the accompanying private key. OK? You've got to like generate a public key and then destroy the accompanying private key because if anyone has that private key, they can use it to hack and rob everyone else. OK. So it's like, it's like a huge, huge vulnerability baked down into this one cryptographic item. And in 2016, when we launched, we pioneered um probably the probably history's best information security process or, or ceremony ever to generate the public key without allowing the private key to ever come into existence. Um That was the subject of a really good radio lab episode if you're into the podcast. Um And we were successful at that, we successfully uh performed a trusted set up operation in 2016. And then we did again with a Z cash upgrade in 2018. And the whole rest of the industry after they saw that zero knowledge proofs like were practical and safe based on Z cash. Um has started using zero knowledge proofs for all kinds of other things, right? And they've uh largely stood on the shoulders of the Z cash engineers. And so nowadays, the same kind of trusted setup process in which people get together and they do this ceremony or process to generate the public key in a way that is intended to prevent the private key from being recovered or learned or stolen by anyone. That's, that's the current state of the art in the whole crypto industry. Um And it's, it's definitely not good enough, you know how um bridges got hacked a lot over the last year. Um And hundreds of millions of dollars got stolen. And that's because bridges are a place where everyone's eggs are all in one basket. And so hackers have the incentive to figure out how to hack that one location to extract all the money. Well, trusted setup is even worse than that. Uh There's, I, I think I hope I'm wrong. I hope people upgrade before this happens. But with the current state of the art, there is going to come a day when people wake up and not just one smart contract or one set of users, but like every smart contract on an entire Blockchain and every user of every smart contract on that Blockchain all got hacked simultaneously overnight because of the, the, the unique vulnerability of trusted setup which allows an attacker who successfully exploits it to take advantage of and exploit everyone who relies on that zero knowledge proof system. All right. Uh It hasn't happened yet. It didn't happen with Z cash. It hasn't happened with anyone else yet. Uh But the more users and the more money and the longer these things run and scale up then the more incentive there is for hackers to figure out how to do that, which is what happened with bridges this year. So, so, so anyway, that's the big is in 2022 Z cash made trusted, set up a thing of the past in terms of technology, Z cash users will no longer be affected in that horrible dystopian scenario. I just laid out and I want to urge my fellow builders in the industry to pay attention. It's time to upgrade past trusted setup. So, speaking of uh dystopia, uh Edward Snowden was one of the people who, who was involved in the, in the uh trusted set up in the key ceremony thing you had going uh so key and obviously he's, he's hanging out with Putin or whatever he's doing in Moscow. Uh Is he still, he recently got a passport in Russia? I uh totally don't know what you're talking about. And uh and we'd be surprised. I think you're making that what I was saying. Was that a joke? No, no, no. That, that's actually recent news about him hanging out with Putin. That sounds like a joke. That part's a joke. That's a joke. Yes. Maybe that sound like the kind of thing that Ed Snowden would do. No, but he is there, he is there and he, and he is sworn to, he's sworn to Russia. So I, you know, I guess the question is, is he still involved in any way with, with cash? Uh I can answer that question. Uh No, Ed Snowden helped with the initial trust and set up because we needed part of the process to make sure that the secret key couldn't be recovered by any attacker was to get a number of different people and make it. So each of them had a part of the secret key and each of them promised to securely delete their part. And Ed Snowden was one of the six people that are recruited to do that. Uh Because I thought he would not likely get hacked and he would uh honestly delete his part. Um But as long as any one of them deleted, any one of the six participants deleted their part, then nobody would ever be able to exploit it and we, we subsequently have um unchain proof that no one ever did exploit it. Uh Z cash is upgraded past that secret key and there's never been an exploit that would that stolen or counterfeit anyone's money. But let me answer your question. No, that's all he did. He did that for free voluntarily, like as a public service to help make it so that, that thing wouldn't get exploited. And we never had, we never paid him, he never had any kind of relationship or anything else with us. So Z cash has also been the target of regulators and you know, government scrutiny in the United States. Recently the SEC took aim at it. Oh, well, ok. The C took aim at Z cash this year for its controversial funding model and pre mine alleging that the project may be a security. It's also under attack for its popular use to circumvent tornado cash sanctions by the US. So I wonder if you could uh is, is the right to use it under attack? Ok. Again, sorry to be picky. But I think you just said a bunch of stuff that's not true and at least not to my knowledge. Um The uh the only thing is not true and that the SEC has taken aim at Z cash for a pre mine which C cash didn't have. And the SEC has never said anything about that to my knowledge. Um If you know something, I don't, we can spill it. They're alleging that it may be secure and this is happening with many uh cryptocurrencies, right? So there's all these public statements from the SEC. Uh, some of which I guess are contradictory. Like, either Bitcoin is the only thing that's not a security or Bitcoin and either are the only things, it's not a security or there's five things that are not a security but everything else is security or whatever. Uh, the only thing that I know about, um, the SEC and Z cash is that there's this back and forth with gray Scale, which is an SEC regulated us company, um, when they're doing a bunch of filings because they have a product, a financial product that's based on Z cash. Um, and I think people may be over interpreting that. And I, I read the little like Delta that you guys discovered in Coindesk, uh, magazine about the back and forth. And, um, I want to point out that gray scale has nothing to do with my company that is one of the Z cash engineering companies or the other organizations and companies that support C cash in different ways. And if you look at the other sec regulated companies in the United States like coin base, Gemini Crackin Finance us, et cetera, uh, they're all continuing to support C cash and in many cases actually doubling down and supporting Z cash more and more. So honestly, I don't know much more. I, my company has never had any kind of contact from the sec enforcement division. There's no, uh, all I know is that thing that you guys published in coin desk about this back and forth between Graco and SEC. And based on uh like public statements, I would say it's not any more murky and confused than the SEC is about everything else either.