Zcash Arborist Call Summary #97
Research and Development Updates - 20/03/2025
The Zcash Arborist Calls are bi-weekly protocol development meetings focused on tracking upcoming protocol deployment logistics, consensus node implementation issues, and protocol research.
Key points: ShieldedLabs Crosslink Hybrid PoW/PoS, Network Sustainability Mechanism, ElectricCoinCo new crate releases.
This summary focuses on the last call that took place on 03/20/2025
During this meeting ZcashFoundation devs were on their way to attend the zcash dev summit in Sofia.
We began with updates on ShieldedLabs Crosslink Deployment:
The First Milestone in the roadmap is complete!
Shielded Labs have modified Zebra, Zaino & the Zcash dev tool to work together. They have also started designing new RPC interfaces related to finality.
The result is a demo that uses a light client to do something akin to regtest mode operation.
It instructs the Zebra node change arbitrarily its concept of finality.
ShieldedLabs are also working on Network Sustainability Mechanism PRs against Zebra - creating the new transaction format, and ZIP 233.
https://t.co/74qAAakYQA
They are split into two PRs with one making the transaction format change.
The next goal is Milestone 2, Disconnected BFT.
It adds an RPC pathway from clients to Zebra.
The aim is to integrate Malachite SDK, a Rust implementation of Tendermint.
It will not modify any of the proof of work consensus, blocks or transactions.
The BFT component will be able to communicate with other BFT components of nodes in a network to arrive at consensus on the order of the proof of work blocks (read-only).
This will achieve ‘‘mainnet shadowing mode’’.
ShieldedLabs noting it will allow anyone interested to run the milestone 2 prototype and connect it to Zcash mainnet!
Target date is June 1st
Over the past few weeks Str4d has been integratin Zaino with Zallet.
@ElectricCoinCo now working on Zallet using Zaino as a library.
They have discovered next pieces needed to move forward. Str4d is in the process of making issues in the Zaino repo.
ECC is also making new crate releases available for zcash keys, zcash client backend & zcash client sqlite as well as the ECC mobile SDKs.
These add transparent gap limit handling to the next release of zashi_app.
The way Bitcoin - derived wallets handle address rotation means that for transparent addresses in recovery you need to run a process of searching for addresses that might hold funds.
Team also added functionality to zcash client sqlite to fix a bug with potential corruption of note commitment trees.
Other work has been focused toward ZIP specification on future community governance models.
Since the last update further progress has not been possible as PR’s need to be merged.
PR 9300 updates zebra dependencies to use the latest librustzcash, allowing for rebase of the librustzcash PR to the main branch.
https://github.com/ZcashFoundation/zebra/pull/9300
Reviewing ZIP 233 implementation is on hold until after PR 9256 is merged.
It introduces NU7 constraints in a way that aligns with the ZSA work.
Into Open Discussion:
Zcash Community Grants is reviewing a recent proposal to add support for FROST & an integration with Keystone to Zenith, a Full Node wallet for Zebra.
They are hoping to hear from development teams whether they are using or plan to use Zenith + if the work will provide meaningful value to the ecosystem.
Pitmutt10 shared further detail on planned FROST integration to Zenith:
It will be possible to perform the FROST multisig ceremony; intermediary steps for key generation and signatures, without a server - using a decentralized peer to peer and end-to-end encrypted system.
All communication will be routed through Tor using the @cwtch_im protocol. Its already been ported it to Haskell. Their plan is to embed a cwtch nodes into Zenith Wallets.
Feedback from ZcashFoundation team was requested.
Our next topic was improvement of the ZIP process.
The NSM ZIPs created by Shielded Labs took significantly longer than expected, the aim now is to avoid similar issues for the upcoming Crosslink ZIPs
To help improve the efficiency of the process Shielded Labs' 3 recently hired engineers will attend ZIP meetings with the goal of eventually becoming ZIP editors.
Main question raised was there responsibility for ensuring assessment of security and privacy issues in ZIPs.
Shielded Labs did not do a security & privacy consideration section in the 3 NSM ZIPs but they were shared with ZIP editors allowing for review of security concerns.
For some of the current ZIPs, there haven`t been requests for public feedback o an assessment of potential security and privacy risks
One example: ZIP 231 breaks the wallet threat model doc created by @DefuseSec
https://zcash.readthedocs.io/en/latest/rtd_pages/wallet_threat_model.html
Potential solution is for transparent analysis + public discussion focused on the benefits/risks of proposed upgrades.
@Nate_ZEC adding security and privacy analysis should happen early in the implementation process to avoid teams spending resources + effort that may be rejected.
Other ideas are for ZIP abstracts to serve as an executive summary + better distinguish security & privacy rationale from other rationale.
Next steps towards improving ZIP process are for interested parties to propose changes to ZIP - allowing for more concrete discussion.
