As the first and only fair-launched end-to-end encrypted ledger with a strong cypherpunk social layer, Zcash is perhaps the only real solution to the surveillance risks facing Bitcoin.
People are just starting to wake up to the necessity and urgency of a private store of value. Some people still think of Bitcoin in this way, but due to its transparent architecture, Bitcoin cannot be that. It cannot protect the collective from AI and surveillance being abused at scale. Zcash, however, already does.
Recent events across the world have meaningfully updated my priors with respect to the likelihood of nationwide capital controls being enforced over the next decade.
This trend no longer seems limited to countries like China and Russia. Fiat currencies (including USD) are almost all destined to significantly depreciate from here relative to hard assets. The UK is already wrestling with the possibility of full-blown dystopia. Europe feels like it’s on a similar track. And America’s social fabric feels like it’s barely hanging on by a thread.
AI in combination with the existing surveillance apparatus will soon make it trivial for those in power to know about all your unencrypted onchain holdings across all ecosystems. And trivial to see where and when you send them out.
I think it’s naive to think that such powers won’t be used to target Bitcoin and transparent crypto holders (even those that do not rely on off-ramps) in order to neuter both legitimate social protests and to prevent capital flight. The difficulty lies in trying to predict which countries will resort to this and which won’t. Unfortunately, the complexity of the system means it’s simply not possible to predict precisely where the chips will fall here with a high degree of confidence.
How does Zcash help? If you hold at least some of your funds in the Zcash shielded pool, even the most powerful AI can’t see or deduce what you have. Once those funds have sat in the shielded pool for long enough, you can move them around without traceability (provided you use a mixnet like @nym for routing).
Zcash turns 9 next month and has stayed true to its original vision since the beginning. Amidst the seemingly ever-increasing pressure to chase the next meta, I think it’s worth remembering that sometimes it can take a decade for the market to even begin to realize the value of a unique company.
I think the same can be said for protocols. And in the current historical moment we are living through, I believe Zcash has a good chance of being one of them.
It feels like Zcash is at a social tipping point.
Apart from the fundamentals improving drastically over the last year (from a UX, organizational, and shielded pool adoption front), it feels like there’s finally a meaningful vibe shift underway (fuelled by a new crop of younger holders like @Mert_ and @arjunkhemani).
My simple left curve thesis here is that the importance of privacy is up only over the next decade and Zcash is the most lindy privacy protocol, with a social layer that’s as cypherpunk as it gets, and a very simple narrative (surveillance dystopia insurance) which i feel is just starting to resonate culturally.
The UX flow from shielded ZEC (Zcash’s native currency) to private USDC payments on @payy_link via @zashi_app is very smooth today and will only improve – I honestly think this will become my main crypto use case over the next months.
I also think ZEC probably gets more mindshare and flows as more OGs become jaded with the nonstop ponzi scheme metas, VC dumps, and quickening institutional takeover of this space.
At time of writing, ZEC is still down ≈22.5% from it’s dec 9 high, while the Orchard pool privacy set has increased by 4x since then (it now contains almost 20% of all ZEC in existence).
(ZEC is also still ≈72% down from it’s last cycle high of ≈$320 – a time when the fundamentals and regulatory climate were significantly worse and ZEC inflation was 3x higher than it is today).
The founder’s belief and persistence is unshakeable (@zooko). The ECC (one of the three main contributing organizations) feels like it has the right leader in @jswihart, and the presence of @shieldedlabs (an independently funded organization based out of Switzerland) ensures there isn’t a single point of failure (from a contributor / jurisdictional / funding point-of-view).
Macro trends
AI powered surveillance, chilling effects, the weaponization of the rule of law, nationwide capital controls, and the confiscation of assets for political reasons are all trends that I unfortunately expect to get meaningfully worse during the next decade.
if your assets can be frozen because you once met someone who had lunch with the brother-in-law of a banker connected to Putin, why take the risk of holding dollars (or Euros since the U.S. bullied Europe into following suit)
Notably, this problem extends past the currencies in question. It also applies to the real-world assets (real-estate, gold, shares… etc) and cryptocurrencies that are held within those countries or jurisdictionally dependent on them.
These trends are all tailwinds for a fully encrypted store of value like ZEC.
Privacy comes from funds at rest, not from value in flight.
There’s simply no way to get strong privacy in the digital realm just at the moment of spend.
The reason why this is the case is subtle but important.
It’s very hard to avoid information leakage when you’re shielding with a predetermined intention to spend.
So you need to assume that your behaviour under such scenarios will leak some information that a powerful AI could link back to you in some way you haven’t considered.
This is because the information leaked by where you held your funds, plus the information leaked by where your funds ended up, adds up to enough to dox you, even if the spending tech leaks no additional information.
Put another way humans are pattern-emitting creatures and AIs are pattern-seeing creatures. and it’s hard to intentionally change which patterns of information your actions emit.
So the only effective way to ensure you have strong privacy is to make sure you only spend from longer term funds that have been shielded for a certain amount of time (preferably weeks).
There are, notably, two important consequences from this insight:
One of Zcash’s core advantages is that targeted censorship is effectively impossible if you use it the right way.
Thanks to base layer e2e encryption, the targeted censorship attack vectors against a shielded ZEC user are quite different to those against a bitcoin/ethereum/solana user.
Modulo app control, the attack surface that is important to hit a ZEC holder with targeted censorship is largely about network-level tracing (which requires a mixnet like @nym to properly defend against).
As long as you’re using a good mixnet Zcash’s encryption renders the full nodes, miners, and stakers mostly irrelevant to that sort of attack.
Mass censorship of the shielded pool is unlikely because all mining proceeds are paid out through shielded transactions.
So if miners prohibit shielded transactions generally, they receive no revenue from the consensus protocol.
L2s
I think well-constructed L2s will find demand for composable private applications. But I don’t think they can replace or obsolete Zcash. As long as Ethereum base layer transactions aren’t e2e encrypted, some metadata leakage is unavoidable, even when using an encrypted L2 (especially at the L1-rollup boundary).
Even assuming the platonic ideal of a fully trustless encrypted rollup that doesn’t yet exist, there are gas linkages and timing leakages that occur through batching / data availability cadence.
You should expect that this sort of metadata leakage (coupled with other information) will be enough for a powerful actor to de-anonymize you at some point in the future.
You need base layer private DA, a private mempool, and uniform or shielded fees to get close to the ≈0 information leakage of ZEC shielded-shielded transfers, but even then you have more leakage if batch timing/size depends on real demand.
You also inherently add a social layer dependency on the L1. Is that social layer willing to die on the hill of e2e encryption, or can it be pressured to compromise on this in some way?
Privacy Pools
There’s a sense in which the association sets underlying the design means your privacy is dependent on what others choose to share – which i think is an inherently a very dangerous and fragile privacy assumption to make in a world where those in power are increasingly resorting to lawfare to shape coerce and shape citizen behavior.
To quote from the Privacy Pools whitepaper:
Another scenario arises in the context of investigations of a specific event… the other members may want to prove exclusion from that event to prove their innocence, and the perpetrator’s identity would be revealed
So there’s a strong sense in which the privacy model allows for targeted censorship via chilling effects (and we should expect these effects to become more common).
When Zooko first dug into the design and debated Vitalik on it he had primary objections:
There are, of course, branches of government that want to ban every form of money that they cannot monitor and control, but they do not have that authority (at least not in the US).
Among other government agencies, regulators, and actual law-makers, there are a substantial number of them who actually believe the opposite principle: that privacy that protects American citizens should actually be required by the law.
This is how things have played out in the past. For instance, part of the government (led by NSA and FBI) tried to ban encryption from the Internet, but eventually the government mandated encryption (e.g. HTTPS) in order to protect citizens and government.
What are the learnings to take from Zcash here?
At a minimum you need real decentralization of power and jurisdictional resilience. Which means contributors working either completely independently or for independent teams across different jurisdictions, and a balance of power between those teams – in Zcash’s case there are three main contributing teams: the Electic Coin Company (a wholly owned subsidiary of The Bootstrap Org., Inc., which is a 501©(3) nonprofit), The Zcash foundation (a U.S. 501©(3) public charity), and Shielded labs (Swiss-based, donation-funded org) + contributors like Sean Bowe (@ebfull) that work completely solo.
I think you probably also need very good government and institutional relations to ensure that you are communicating all of this clearly. Which is also something Zcash excels at.
Why ZEC over XMR?
There are five principle reasons here:
The importance of the social layer
While the above points primarily address the technological advantages, it feels like almost everyone who understands the technology is overindexing on the technology vs the values and resilience of the social layer that uphold it.
You can’t fork or vampire attack the strength of the values of a core social layer that’s gone through hell and back.
If those values are upholding a technical property of the system (e.g 21M, e2e encryption) that humanity finds — or will find — useful, then the underlying token will probably be valuable long term.
I think this is ultimately the only long term moat in a quickly changing and highly competitive open source and borderless world (what we call crypto).
I don’t think you can find the same sort of long term asymmetry here by focusing on revenue multiples unless you’re ultimately relying on regulatory/jurisdictional arbitrage (the recent CEX vs perp DEX wars offer some early evidence of this).
While the Bitcoin social layer can be trusted to uphold the 21M cap at all costs. It simply does not have the same muscle when it comes to privacy. Out of all the projects in existence, Zcash has the only social layer today that I feel has what it takes to uphold the technical property of e2e encryption under significant external pressure.
Memetic potential
ZEC is one of the few genuinely useful coins that has effectively unlimited memetic potential.
From Satoshi linking to Zooko’s blog to Snowden participating in the first ceremony under the pseudonym John Dobbertin. The lore is simply insane.
The protocol’s name is inextricably tied to the value and importance of privacy in crypto. When people think privacy, they think Zcash.
As I’ve alluded to above, I think digital SOV’s are primarily a memetic challenge.
With the caveat that the technical properties underlying them need to enable something that humanity finds useful or necessary over an extended period of time.
You also need a social layer that’s willing to defend the key property of the SOV at all costs. In Bitcoin’s case that’s the 21M hard cap. In Zcash’s case that’s e2e encryption.
For what it’s worth, the memetic importance is something that Satoshi intuitively grasped. It’s a mistake to think of utility and memetics as orthogonal here, they are very much complementary.
In sum
People love to FUD the long term ZEC price graph, but what they miss is that ZEC launched with no premine or ICO.
So the circulating supply at the moment of launch was effectively 0%.
Early rewards were deliberately tiny due to a slow-start mining design – they ramped up linearly to 12.5 ZEC by block 20,000 (i.e. ~34 days in).
Some people paid a great deal for those initial ZEC in part for historical/provenance reasons, and in part because they were extremely excited. if supply is very low, and demand is relatively higher, then you have a price squeeze.
If you look closely at the market cap graph instead (price x circulating supply), you’ll see that each cycle so far has led to a higher peak market cap than the previous one (≈ $2.5bn in 2017/18 and ≈$3.5bn in 2021/2022).
Zcash’s market cap at time of writing is ≈$0.9bn (in other words ≈4x less than it’s previous cycle high).
The inflation schedule (mirrored after Bitcoin) has also acted as a real head wind so far. But those winds have now calmed and the weather is only going to get better from here. In Frank Braun’s words:
Zcash is about two halving cycles behind Bitcoin. While inflation in Bitcoin became very low (sub 1%) after 4 halvings, inflation in Zcash just became manageable after the second halving, which pushed it down from an annual inflation of ~12.5% to ~4.2% and that occurred less than a year ago in November 2024. This might serve as a catalyst for Zcash in the current bull market, given that the effects of halvings usually lag behind by a year to 18 months. The next halving will make the inflation rate good, comparable to gold and the target inflation rate of most central banks, namely ~2%.And after the fourth halving the inflation rate will be a very good sub ~1%.Bitcoin had the first mover advantage which allowed it a very slow price discovery in its first years after genesis. Zcash was launched in a market that was already quite speculative, but with the same coin issue schedule and no premine, which meant that the initial price was very high (due to very limited circulating supply in the beginning) and then was hit with 4 years of very high inflation, which lead to constant sell pressure, and makes the price chart look terrible if one doesn’t take these factors into account. But from a today’s perspective that’s another argument for this asymmetric bet.
Best estimates for Signal’s MAU put it at around 2-3% of Whatsapp’s MAU but Signal’s (estimated) compound annual growth rate is much higher (20–36% vs Whatsapp’s 8.4%).
This shows there is an important set of users that value full encryption of their messages with minimal metadata leakage (and that this set is growing fast).
Extrapolating these growth rates under a reasonable range of assumptions leads to signal attaining somewhere between 5-8% of Whatsapp’s size in 10 years time.
Interestingly, this sort of relative market share and growth rate vs market leader seems to hold across most services where privacy is a concern (e.g best estimates show that Brave has a ≈2% market share of the browser market vs Chrome’s ≈69.2% but a much higher user growth rate – 35%+ vs low single digits).
I think we’ll see a similar trend start to play out for e2e encrypted value over the coming decade as surveillance + ai keep ramping up and capital controls and targeted censorship of crypto holders become more likely (the growth rate of ZEC’s shielded pool over the last 12 months offers some evidence that this trend has already started).
If you agree with this, then it’s reasonable to expect that the TAM for a fully encrypted SOV will eventually reach ≈5% of the TAM of the more transparent market leader (in this case Bitcoin).
If you believe one BTC could one day be worth $1M, then that leaves you with a price estimate of $50k per ZEC (5% of $1M).
As a sanity check, $50k per ZEC would give ZEC a trillion dollar market cap, which is ≈1/10th of the value of all undeclared/hidden offshore wealth today. This does not, per se, sound implausible, especially if you expect more of this wealth to become digital in nature over time.
Looking out two or three decades there are possible futures – for which no reliable probability can be assigned – in which 1 ZEC ends up being more valuable than 1 BTC.
For instance, if we end up living in a world where there are more people who feel compelled to use something like Signal instead of something like Whatsapp then that’s probably the sort of world in which something like ZEC is potentially more valuable than something like BTC.
Wherever you land on this though, I think it’s hard to argue that it isn’t a smart hedge at this stage to put ≈1% of your BTC/ETH/SOL stack into shielded ZEC.
If Zcash fails losing that 1% won’t change your life. But if it succeeds that 1% could end up being more valuable than the entirety of your crypto holdings (not to mention an insurance policy against the rest being confiscated).
This essay is focused on making the case for a small allocation to ZEC and therefore focuses on the possible financial gain to be had if Zcash succeeds. But if Zcash does for the internet what the Bill of Rights did for America, the prospect of unprecedented economic and collective freedom is far more exciting than any possible financial gain.
At no point have governments been more effectively intrusive, thanks to technology… Today’s governments have far more reach, and this is proving to be unstoppable. A limited government conservative today is dreaming of what a centralizer was hoping only a few decades ago.
Both encrypted messages (Signal) and encrypted assets (Zcash) are necessary to slow down the trend here. In the best case they’ll help reverse it.
To paraphrase @snowden: a lot of people today are confused about privacy; they think of privacy as an individual right: but privacy is a collective right that derives from the individual right.
One of the common attacks against privacy, which comes straight out of the Nazi playbook, is to build a web of laws, administrative hurdles, and everyday routines that make self-disclosure the default.
When you turn this sort of disclosure into a condition for ordinary life, you are able to separate the collective into groups, and to analyze and assess those groups individually: Do they have a religion that we don’t approve of? Do they have a race that we don’t approve of? Do they have associations that we don’t approve of? Do they have assets that we think should be confiscated?
From there, you have the foundations that enable you (or a future more malicious power) to act against those groups, separately from the collective.
The only way this can happen though is if people are persuaded that max disclosure is a normal condition to participating in everyday life.
To hold ZEC is to take a stance against this extremely short-sighted and dangerous philosophy that is starting to take root across the world (a philosophy that was responsible for millions of deaths only a century ago without the scalability advantages that technology currently enables). It’s to believe in the possibility of a world in which disclosure is consensual. A world in which the individual exists on an equal level to the State rather than being subservient to it. A world in which these sorts of atrocities and power asymmetries are no longer possible.