Zerocash is a new protocol that provides a privacy-preserving version of Bitcoin (or a similar currency).

Zerocash fixes an inherent weakness of Bitcoin: every user's payment history is recorded in public view on the block chain, and is thus readily available to anyone. While there are techniques to obfuscate this information, they are problematic and ineffective. Instead, in Zerocash, users may pay one another directly, via payment transactions that reveal neither the origin, destination, or amount of the payment. This is a marked improvement compared to Bitcoin (and similar decentralized digital currencies), where every payment's information is made public for the whole world to see.

Zerocash improves on an earlier protocol, Zerocoin, developed by some of the same authors, both in functionality (Zerocoin only hides a payment's origin, but not its destination or amount) and in efficiency (Zerocash transactions are less than 1KB and take less than 6ms to verify).

How does Zerocash work?

Zerocash extends the protocol and software underlying Bitcoin by adding new, privacy-preserving payments. In doing so it forms a new protocol that, while using some of the same technology and software as Bitcoin, is distinct from it. This new protocol has both anonymous coins, dubbed zerocoins, and non-anonymous ones, which, for purposes of disambiguation, we call basecoins. In contrast to Bitcoin's transactions, payment transactions using the Zerocash protocol do not contain any public information about the payment's origin, destination, or amount; instead, the correctness of the transaction is demonstrated via the use of a zero-knowledge proof. Users can convert from basecoins to zerocoins, send zerocoins to other users, and split or merge zerocoins they own in any way that preserves the total value. Users may also convert zerocoins back into basecoins, though in principle this is not necessary: all transactions can be made in terms of zerocoins.

More information

For more information about Zerocash, see: