Trezor support for Zcash shielded transactions

Description of Problem or Opportunity

Initially, Zcash design excluded the possibility of signing shielded transactions in hardware wallets, since computational and memory resources required for calculating a transaction authorising zk-proof were enormous. In 2018, the Sapling update facilitated this by separating the spending authority from proving authority. This opens a new opportunity for implementing shielded transactions in hardware wallets.

We consider Zcash to be an important player in the cryptocurrencies innovation field, therefore we would like to contribute to mass adoption of shielded transactions by enabling users to store their shielded funds securely on the Trezor hardware wallet.

Proposed Solution

Subject of this grant is Trezor full support for Zcash Orchard (ZIP-224) shielded transactions. This includes necessary additions to Trezor firmware, Trezor Suite app and Trezor Connect API, which facilitates further integration with third-party wallets.

Solution Format

New code added to Trezor firmware, Trezor Suite and Trezor Connect via GitHub Pull Requests.

Technical Approach

From the beginning of 2021, Zcash has been working on the Orchard update, which brings a new transaction format, address unification, and other features. Simultaneously, it will require a creation of a new privacy pool, where users will migrate their funds after the Orchard activation at the end of 2021. After this pool transfusion, Sapling will become obsolete, which pushes the Orchard into the center of our interest.

We will follow the design in ZIP305. The spending key never leaves the device, proof authorizing and full viewing are sent to the computer to delegate computationally demanding tasks such as zk-proof authorization and blockchain scanning.

We will make use of the open source Rust code from zcash/librustzcash and zcash/orchard repositories. Since we already use Rust in the Trezor firmware codebase, integration of this new code should be straightforward. All firmware source code and unit tests will be available under GPLv3 licence. The new Zcash code for Suite and the Connect API will be written in TypeScript and will be available under MIT licence.

Trezor Firmware

The Zcash component of the Trezor firmware will be extended to fully support Zcash Orchard shielded transactions. (Transparent addresses are already supported). The code will be designed for Trezor Model T. Support for Trezor One will be achieved (unless there are unforeseen blockers found) by SatoshiLabs porting Trezor Model T firmware to Trezor One and is not part of this grant. Unlike Zondax’s Zcash Ledger app, shielded addresses will be derived according to ZIP32 (Orchard version) to maintain compatibility with other ZIP32-based third party wallets.

Trezor Connect API

Connect API will enable third party Zcash wallets to perform all necessary operations such as getting a shielded address and signing a shielded transaction.

Trezor Suite

We will implement Zcash shielded transactions into the Trezor Suite, the official Trezor desktop wallet. This step requires implementation of blockchain scanning, transaction zk-proof authorisation and communication with a Zcash full node.

How big of a problem would it be to not solve this problem?

Trezor users can not use Zcash shielded transactions with Trezor and will use other supported privacy-focused cryptocurrency such as Monero.

Execution risks

Since the Orchard update is still in progress and the roadmap is not set in stone yet, the whole project could be delayed by waiting for certain Orchard components and documentation. Further, we may discover new bugs in the Orchard crate while working with it.

Unintended Consequences Downsides

Zcash network is evolving, this will require an extra effort maintaining the newly added code in the Trezor firmware.

Evaluation plan

At the end of this project a user can receive, store, spend and manage their shielded and transparent Zcash funds using the Trezor and the Suite. Third parties can integrate Trezor’s Zcash transactions into their wallets using the API.

For evaluated goals, see milestones.

Budget and Payout Timeline

We propose a rate of $10,000 USD per 1 month of work as a framework. There are 13 months of work which means $130,000 USD in total.

For payout timeline, see milestones.

Applicant background

SatoshiLabs: Inventors of Trezor, the first hardware wallet. Creators of many standards used across the whole cryptocurrency industry.

Tomas Krnak: Fascination with the concept of shielded transactions was one of the reasons why I decided to study cryptography. My enthusiasm has not faded. Four years and thousand pages about zk-proofs later, I’m finishing my master degree in cryptography at the Charles University and I am glad that I will have the opportunity to fully utilise my theoretical knowledge and coding skills to realise this project.

Tipping

Tips Received
???  
ZEC

Campaign

Started
4 months ago
Funding
$130,000 
Funded through  Zomg logo
1
M1
2
M2
3
M3
4
M4
5
M5

M1

Estimate: July 2021
Reward: $10,400
• Basic project structure • Pallas curve and other primitives implementation • Unit tests of these primitives

Payment Request

The team may request a payout for this milestone at any time.