zcash zec technology sapling

Sapling Will See The Zcash ZEC Vision Come Alive

ยท 19 Oct 2018 in Analysis

If you have been following ZCash over the past few weeks, you will no doubt have heard of the upcoming Sapling upgrade.

This has been touted as one of most substantial upgrades to the ZCash protocol since its inception. It is slated to increase adoption of the ZCash shielded transactions and hence make the entire ecosystem that much more private.

But how can one update do so much?

In this short post, we will take a closer look at how Sapling will improve the ZCash protocol and ultimately, enhance overall network privacy.

The Privacy Conundrum

You would be forgiven for thinking that ZCash (ZEC) is an entirely private cryptocurrency.

While it is true that Zcash has the functionality to send completely private and untraceable transactions, these are not ubiquitous. In fact, only about 13% of all transactions on the Zcash blockchain are private.

Why is this?

Well, it purely comes down to the fact that these are not mandatory. User’s choose to make use of their “z-address” in order to shield their transactions. Currently, users are rather choosing to send transactions through their transparent t-address.

Difference Between z-address (shielded) and t-address (unshielded). Image source: ZCash.

This does not only impact on their own privacy but it can also have negative impacts on the privacy of those users who choose to the shielded option. This is because these users are now a small subset of the Zcash population and immediately are viewed with suspicion.

Why would users opt out of the shielded address you may ask?

Sending shielded ZCash transactions with the z-address is quite computationally involved. This means that not only does it make the transactions more expensive but it makes them slower and hence more frustrating to use.

This complexity is based on the construction of what are called “zero knowledge proofs” which are used in the ZCash zk-SNARK protocol. zk-SNARKs are essential when it comes to sending a transaction that is 100% private.

So, in essence, if the Zcash developers wanted to increase the efficiency of their private transactions, they needed to refine these zk-SNARKs and make them less computationally burdensome.

That is exactly what the developers have embarked on.

Enter Sapling

Sapling has been in the pipes for over 2 years now and is finally ready to hit the network.

The primary change that is being brought on my Sapling is the introduction of new shielded addresses. These will be called “Sapling z-address” and they will start with “zs”. These will be slightly shorter in length than the current address type (zc).

However, the main benefits behind this address are not how they look but how they work.

Post Sapling, there will be changes in the way that the zk-SNARKs will be constructed and the zero-knowledge proofs are carried out. They will be magnitudes more efficient to construct and they will take mere seconds to complete.

For example, below is an image from the ZCash blog. On the left is the current statistics for shielded addresses. On the right are the projected stats post Sapling.

Comparison of Transaction computation, Sprout vs. Sapling. Image source: Zcash Blog.

Clearly, with these improvements in efficiency, it makes more sense to use the private transaction as an individual user. However, that is just scratching the surface. There are a number of other implications that come with this transaction efficiency.

Mobile Wallets, Exchanges, and Merchants

Reducing the computational complexity of a shielded transaction means a lot more than a merely a faster transaction for you. It also increases the number of devices that you can use to send transactions. For the first time, it could be possible to send fully shielded transactions from a mobile device.

It also reduces the cost of the transaction. This is greatly beneficial to large users of these addresses including those offered by exchanges. They will have more incentive to offer fully private transactions as these are now cheaper than they used to be.

Of course, the exchanges are just the tip of the iceberg.

You also have the chance that a large number of cryptocurreny merchants will now start accepting ZCash shielded transactions. This could be a more cost-effective option for them than using Monero and their ring signature technology.

Sapling Shielded Transaction on the Testnet. Image source: Zcash Blog.

This could further spur adoption on the user side. If you happen to see a merchant saying that they accept a private transaction to their z-address then you are more likely to use ZEC the next time you want to make a private transaction.

So, in essence, adoption of ZEC and private transactions is being driven from many angles and is being positively reinforced.

Secure Shielded Address Storage

There is another important update that is coming with Sapling and that is the manner in which ZCash private keys are handled. Essentially, Sapling will allow for the spending key to be kept in a secure and separate environment from where the actual “proving” is taking place.

In other words, you can keep your private spending key on a separate device, use it to generate your proving key which will then be sent to another device to do the proving. This is something you cannot do currently as the spending key has to be on the same device that is doing the proving.

This opens up a whole host of storage options with shielded transaction compatibility.

For example, it will eventually be possible to store your ZEC on a hardware wallet and then send it out as a shielded transaction in a completely safe and secure manner.

Similarly, exchanges can store their spending key in cold storage while doing proving of the transactions in a completely separate environment. For example, they can keep the spending key in cold storage and transfer the proving key to cloud computing environment which “outsources” the computationally heavy proving.

So, all in all, Sapling will not only make sending private transactions cheaper and faster, but it will also make it safer.


Given that this is a change in protocol, it will go live as a fork of the ZCash chain. This will occur at block 419,200.

This is an important time for the ZCash community. It is the largest update to date and there is a great deal that seems to be riding on it. Developers have spent over two years refining their math and honing the protocol.

If all goes according to plan, sapling could have massive implications not just for ZCash but for the entire privacy coin landscape. It could drive the shielded transaction percentage upwards and even bring over previously skeptical users from other privacy coins.

Sapling is expected to go live on about the 28th of October. Mark your calendars. And if you’re interested in learning more about Zcash, you can read our ZCash ZEC Price Prediction 2018 article here.


Nic is an ex Investment Banker and founder of the Coin Bureau. He has worked on numerous online businesses and is passionate about cryptocurrencies and decentralised technology. You will either find him a behind a collection of screens while trading Bitcoin, or in the basement maintaining his mining rigs.

The Bear Market Report
Our Bear Market guide not only helps you survive this crypto winter, but also guides you through the foundation you'll need to thrive in the next bull run.