Exploring Merkle tree proofs and compressing witnesses for stateless clients

In this special 50th episode, we invite our friend Zooko to the podcast to chat about his background and explore the history of Zerocoin and Zcash. We dig into the inner workings of Zcash, the trusted setup, the sapling upgrade, and what the future of the project might look like!

The Sapling upgrade promises to reduce the proving times of the zk-SNARKs from 37 seconds to 2.3 seconds by replacing the SHA256 hash function with an improved performance Pedersen hash function called Bowe-Hopwood Pedersen, introducing an updated eliptic curve (Groth16/BLS12-381), moving from Libsnark to Bellman, and using a new split circuit design.

We dig deep on this and into what the UTXO model actually is to help us better understand the changes being introduced with Sapling. Hope you enjoy coming on this journey with us!

Links:

• Zerocoin Paper
• Zerocash Paper
• Sapling details
• Radio Lab Episode on The Ceremony
• Balance vs UTXO data models
• Zcash Engineer Ariel explaining Zcash at the Zero Knowledge Summit
• ZEXE Paper
• Love notes on the blockchain
• Howard Wu on Zero Knowledge