Skip to content

Zcash Evaluation

Evaluation of Zcash’s proving system and potential integration with SIP Protocol.

Zcash pioneered shielded transactions using zero-knowledge proofs. SIP evaluates integration points while maintaining its application-layer approach.

PoolProtocolStatus
SproutBCTV14Deprecated
SaplingGroth16Active
OrchardHalo 2Latest
PropertyZcashSIP
Amount privacyYesYes (Pedersen)
Sender privacyYesYes (Stealth)
Recipient privacyYesYes (Stealth)
On-chain shieldingYesNo (app layer)
Trusted setupYes (Sapling) / No (Orchard)No (Noir)

Use Zcash shielded pool as swap destination:

Ethereum → SIP → NEAR Intents → Zcash (shielded)

Pros:

  • Leverage Zcash’s proven privacy
  • Full on-chain shielding

Cons:

  • Requires Zcash RPC access
  • Limited to ZEC as output

SIP includes Zcash RPC client for shielded operations:

import { ZcashRPCClient } from '@sip-protocol/sdk'
const client = new ZcashRPCClient({
host: '127.0.0.1',
port: 8232,
username: process.env.ZCASH_RPC_USER,
password: process.env.ZCASH_RPC_PASS
})
// Create HD account
const { account } = await client.createAccount()
// Get unified address
const { address } = await client.getAddressForAccount(
account,
['sapling', 'orchard']
)
// Send shielded transaction (returns an operation ID for tracking)
const operationId = await client.sendShielded({
fromAddress: address,
recipients: [{ address: recipientZAddress, amount: 1.5, memo: 'Private transfer' }]
})
const operation = await client.waitForOperation(operationId)
console.log('Transaction ID:', operation.result?.txid)

Verify Zcash proofs within SIP:

// Not implemented - future consideration
const isValid = await verifyZcashProof(proof, publicInputs)

Orchard uses Halo 2 for trustless proofs:

FeatureBenefit
No trusted setupEliminates ceremony risk
Recursive proofsProof aggregation
IPA commitmentsSmaller proof size
AspectNote
ComplexitySteep learning curve
PerformanceSlower than Groth16
EcosystemLess tooling than SNARKs

SIP chose application-layer privacy over protocol integration:

  1. No blockchain changes - Works with existing chains
  2. Flexibility - Not tied to single privacy technology
  3. Speed - Faster iteration than protocol changes
  4. Multi-chain - Privacy across all supported chains
ApproachProtocol LevelApplication Level
Privacy strengthStrongerGood
ImplementationHarderEasier
Blockchain changesRequiredNone
FlexibilityLowerHigher
// Create account (modern HD approach)
const { account } = await client.createAccount()
// Get address for account
const { address } = await client.getAddressForAccount(
account,
['sapling'], // Receiver types
0 // Diversifier index
)
DeprecatedReplacement
generateShieldedAddress()createAccount() + getAddressForAccount()
z_getnewaddressAccount-based approach
// Get balance for an account (per-pool breakdown)
const balance = await client.getAccountBalance(account)
// List unspent shielded notes (incoming/received funds)
const notes = await client.listUnspent()
// Send shielded (returns an operation ID; resolve to a txid via waitForOperation)
const operationId = await client.sendShielded({
fromAddress: sender,
recipients: [{ address: recipient, amount: 10, memo: 'Optional memo' }]
})
const { result } = await client.waitForOperation(operationId)
console.log('txid:', result?.txid)

Zcash Unified Addresses (ZIP-316) combine multiple receiver types:

u1...
├── Orchard receiver (if available)
├── Sapling receiver
└── Transparent receiver (optional)
// Generate unified address
const { address } = await client.getAddressForAccount(
account,
['orchard', 'sapling', 'p2pkh'] // Include all receiver types
)
MetricZcash SaplingZcash OrchardSIP (Noir)
Proof gen~40s~2s~3s
Proof size~1KB~5KB~200B
Verify~10ms~10ms~10ms
Trusted setupYesNoNo
  1. Zcash as privacy pool - Route through shielded pool
  2. Proof interop - Verify Zcash proofs in SIP
  3. Viewing key compat - Share viewing keys across systems
  1. Direct Zcash protocol modification
  2. Sprout pool support (deprecated)
  3. Mining/consensus integration