First and foremost, we’d like to thank the ZCash team for disclosing technical concerns regarding zk-SNARKs transactions from the previous Sprout version PHGR13 proving circuit with the Horizen team.
The ZCash team’s approach to responsibly identify, disclose, and provide technical consultation with other projects is a prime example of industry-wide collaboration and a model for every blockchain project.
On November 13, 2018, the ZCash team approached Horizen regarding a technical concern associated with zk-SNARKs shielded transactions. After careful evaluation of the technical concern and Sapling release, the Horizen team implemented a subset of Sapling features (Groth16) that directly affected the concerned codebase and released the fix with ZEN 2.0.16 release.
- zk-SNARKs sprout circuit: Groth16 that replaces the previous Type 2 transaction with Type 3
- Introduction of a “Type 3” shielded transaction type. New transactions use a zero-knowledge proving system based on the Groth16 paper. Previous Type 2 shielded transactions used instead as proving system the PHGR13 pinocchio protocol.
On behalf of the Horizen Community, we’d like to thank ZCash for displaying exemplary collaboration!
For additional information on technical concerns regarding Type 2 zk-SNARKs transaction, please read ZCash’s blog.
Is my ZEN in shielded addresses safe?
- Yes, ZEN 2.0.16 allows for the use of previously generated Sprout note commitments. The only difference is that new note commitments are required to use the updated Groth16 proving circuit.
Why didn’t Horizen implement full Sapling?
- The Horizen blockchain has sufficiently deviated from the ZCash code base and so wanted a more rigorously evaluated and tested implementation of full Sapling. Horizen plans on implementing Sapling in the following release.
How do we know that the integrity of Horizen supply remains intact?
- There are no indications of successful exploit or coin supply in excess of the expected amount based on the number of blocks that have been mined.