New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Advanced Zcash Blockchain Analysis #34

feddan35 opened this Issue May 18, 2018 · 5 comments


None yet
3 participants

feddan35 commented May 18, 2018

CryptoLUX Research Group, University of Luxembourg application for Zcash foundation grants.

Our proposal is to continue the empirical analysis of the Zcash blockchain. As we have described in our previous results (link), the t-to-z and z-to-t transactions in Zcash are linkable in a quite large proportion, mostly caused by the requirement for block rewards to be first converted to a z-address. This alone leads to at least 80% of shielded transaction linkability. Considering the previous results, we still have areas, that seem valuable to investigate in detail. These are the following:

  • Investigate optimal transaction fee prediction.

  • Extend previous analysis and heuristics for other Zcash based currencies.

  • Investigate payment structures both in public and hidden transactions as well.

  • Further miner analysis, fine tuning the miner deanonymization, remove any false positives, try to find the marginal miners/pools as well as improve coverage of the history of Zcash (currently 92% in earlier months).

  • Study further the interaction of exchanges with the blockchain.

  • Investigate the possible false positive rates for the existing heuristics, analyze the remaining 2,000 hard unlinked transactions per 10,000 blocks.

  • Analyze recommended best practices (schielded ecosystem) and make new recommendations.

  • We are also open to ideas and proposals from the community on what else would be of interest to explore.

The team would consist of PI Alex Biryukov and PhD Student Daniel Feher. The work would take 4-6 months.

@tromer tromer added the security label May 25, 2018


This comment has been minimized.


tromer commented May 25, 2018

Any thoughts on how this analysis will be affected by the upcoming Sapling upgrade? The upgrade will:

  1. Make it much easier to conduct shielded transactions (in terms of resource use and communication patterns), so we'll expect to see many more of them
  2. Have an explicit "turnstyle" where the only way to change old-style Sprout notes into new-style Sapling notes is by intermediate unshielding (revealing values, though if done prudently, not using any persistent t-address)
  3. Maybe other things?...

The Sapling spec is online and a gentler blog post will be published soon.


This comment has been minimized.

feddan35 commented Jun 1, 2018

The Sapling update will probably increase the anonymity set, making it more challenging to link transaction. On the other hand, the "turnstyle" from Sprout to Sapling can be harmful for the anonymity of the users, which they should be warned about, and we already have a few ideas on how to use this information.

@tromer tromer added the invited-full label Jun 1, 2018


This comment has been minimized.


tromer commented Jun 1, 2018

The Zcash Foundation Grant Review committee has reviewed your pre-proposal, including the above discussion, to evaluate its potential and competitiveness relative to other proposals. Every pre-proposal was evaluated by at least 3 (and typically more than 4) committee members .

The committee's opinion is that your pre-proposal is a promising candidate funding in this round, and the committee therefore invites you to submit a full proposal.
Please submit a full proposal by June 15th, following the detailed structure described in the Call for Proposals. We encourage you to submit a draft as early as possible, to allow for community feedback.


This comment has been minimized.

feddan35 commented Jun 15, 2018

Our official proposal is attached below.


This comment has been minimized.


sonyamann commented Nov 6, 2018

I'm thrilled to inform you that the Grant Review Committee and the Zcash Foundation Board of Directors have approved your proposal, pending a final compliance review. Congratulations, and thank you for the excellent submission!

Next steps: Please email from an email address that will be a suitable point of contact going forward. We plan to proceed with disbursements following a final confirmation that your grant is within the strictures of our 501(c)(3) status, and that our payment to you will comply with the relevant United States regulations.

We also wish to remind you of the requirement for monthly progress updates to the Foundation’s general mailing list, as noted in the call for proposals.

Before the end of this week, the Zcash Foundation plans to publish a blog post announcing grant winners to the public at large, including a lightly edited version of the Grant Review Committee’s comments on your project. The verbatim original text of the comments can be found below.

Congratulations again!

Grant Review Committee comments:

Proposed by the Cryptolux Team at the University of Luxembourg, who were also awarded a Zcash grant in the fourth quarter of 2017. The team proposes a research grant to continue their empirical analyses of the Zcash blockchain. The team proposes leveraging several techniques known for deanonymizing and linking transaction information together with some novel approaches that the committee recognizes to be valuable. These approaches include studying Zcash-specific ideas like note conversion from Sprout to Sapling as well as more general ideas that may provide more broad results.

The committee recognises that the proposed approach by the Cryptolux Team is likely to produce an interesting and valuable analysis, we recognize the strong background of the proposing team, and we recognize their capability of accomplishing their goals. Funding of the full amount is recommended.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment