Today I would like to talk about how Zcash bends over backwards to support non-privacy on their supposed "privacy coin." One particular concrete example really stood out to me recently and I want to share it and discuss it with the wider "actual" privacy coin community.
They say a picture is worth a thousand words, and what I want to discuss is the above image from Zcash Github Issue #5693. Zcash community has a huge academic influence and they often make things seem very complex, even though they are relatively simple. Making simple things complex keeps academics with a job, because if things were explained in simple easy-to-understand language then many academics would be out of a job and have less job security. The same goes for Zcash developers and engineers.
The above image shows eight possible "privacy policies", where only one of them is "actual" privacy (what Zcash calls FullPrivacy), every other option is much less privacy or no privacy at all. Why does Zcash spend so much time on this other "junk" and not focus all their energy on FullPrivacy? That is an honest question, and there is no definitive answer, but I have some theories. And even the Lead Developer of Zcash Daira Hopwood has concerns about these policies:
I'm concerned about the practical feasibility of implementing a usable full-node wallet with this API. Short of exposing the full range of policies to users via a radio button and expecting users to understand all the nuances, I don't see how I would implement something that won't either be incredibly frustrating (and not localisable, since all the error messages are in English), or that just always passes AllowFullyTransparent. :-/
If the Lead Developer is concerned about implementing a usable full node wallet with all this complex garbage, what is the hope of an average user to use it correctly? Just about zero. And this doesn't even take into account that these new eight options of "privacy policies" need to be correctly used by exchanges and external GUI wallet developers as well. This is a huge example of nonsensical tomfoolery, which is unfortunately a common occurence if one looks at the history of Zcash development.
Firstly, I should point out that HUSH only supports FullPrivacy, we don't even think about the other seven options. This is actually the easiest thing to do from a developer perspective, because things are simple. We have only FullPrivacy, no other options. This is the least code to write, test, maintain and document.
It is now almost six years since Zcash launched with optional privacy. There is no possible reason, from a privacy or technical perspective, why they still need to support optional (or watered down) privacy. Why do they spend so much time, money and engineering resources to support all this other non-privacy junk? My theory is that they are like an academic that needs to make things complex to keep their job and protect their job security. The main reason Zcash exists is to make profit, not to provide privacy to it's users. With that lens, many actions of Zcash begin to make sense.
If Zcash really cared about the privacy of it's users, it would enforce FullPrivacy. This is what HUSH calls "z2z" since it means only allowing zaddrs to send to other zaddrs. The only reason Zcash has not disabled the use of transparent addresses (taddrs) is because it would almost certainly mean less profits for Zcash insiders. This is because many Zcash exchanges and wallets do not support zaddrs because of technical, regulatory or other reasons. Zcash is addicted to profits from non-privacy, and hence it cannot quit. There is seemingly no point in the future that Zcash is willing to enforce privacy. They are even willing to plan on changing from Proof-of-Work to Proof-of-Stake yet they have no plan to enforce privacy.
The simple truth is that Zcash is "privacy theater", they want you to think you have privacy when you use Zcash, but experts in the field of privacy coins all know that is a big joke. The overwhelming majority of funds and transactions on Zcash mainnet use transparent addresses which are completely trackable and are exactly the same as Bitcoin transactions. If you learn one thing from this writing, it's that Zcash has no actual privacy because it's privacy features are optional and very few people use them!.
This one Github issue above is just a single very clear example of Zcash privacy theater. The truth is actually that almost everything Zcash does, all the millions of dollars that are spent on paying developer salaries has no bearing on privacy at all. It's all a complex shell game to make them look busy and keep people confused. Look at all those thousands of lines of code and Github activity! Too bad almost all of it is completely useless for privacy, and often has negative consequences for privacy, which I will go into in a future memo.
-- Duke Leto