CoinGecko Podcast - Bitcoin & Cryptocurrency Insights

Reuben Yap, Project Steward of Zcoin Talks About Blockchain Governance - Ep. 5

February 25, 2020 Bobby Ong Season 1 Episode 5
CoinGecko Podcast - Bitcoin & Cryptocurrency Insights
Reuben Yap, Project Steward of Zcoin Talks About Blockchain Governance - Ep. 5
Show Notes Transcript

In this episode, Bobby Ong, co-founder of CoinGecko is joined by Reuben Yap, Project Steward of Zcoin. Bobby Interviewed Reuben about Zcoin and its voting mechanism, the future of Lelantus, as well as some of his thoughts and plans for what lies ahead of Zcoin.

[00:00:02] Intro
[00:01:36] Background on Reuben Yap
[00:06:39] Background on Zcoin
[00:09:40] Operation of Zcoin Foundation
[00:12:16] Change in development reward
[00:21:15] How does Zcoin handle governance?
[00:29:24] How is Lelantus useful?
[00:38:09] Health of Zcoin’s masternodes ecosystem
[00:42:08] Plan to implement privacy for DeFi applications
[00:43:05] Zcoin’s 2020 plan
[00:47:46] Where to follow Zcoin

Quotes from the Episode:

“We have a block reward halving on September 2020 so to maintain that 13,000 Zcoin a month, funding would require a 12% block reward.” [00:13:56]

“Lelantus is set to go live definitely before September, but we are hoping for Q2 release.” [00:33:40]

“I believe that proof of work isn't really good security, especially for a smaller coin because [of] 51% attacks.” [00:40:29]


Zcoin -
CoinGecko -
Zcoin (XZC) on CoinGecko -

Social Media



Bobby Ong:   0:00
Welcome to the CoinGecko podcast. I'm your host Bobby Ong. Each week we will be interviewing someone from the blockchain industry to learn more about this fast moving crypto currency economy. If this is your first time listening, then thanks for coming. The CoinGecko podcast is produced each week to help you stay ahead of the curve. Show notes can be found at I highly encourage you to join our newsletter where we send out top news in the crypto industry every Monday to Friday. Come back often and feel free to add the podcast to your favorite RSS feed or iTunes. You can also follow us on Twitter and Telegram at CoinGecko.

Bobby Ong:   0:00
 Welcome to the CoinGecko Podcast. For today’s episode, we have the honour of welcoming Reuben Yap, Project Steward of Zcoin. Reuben Yap is the Project Steward of Zcoin and has played a pivotal role in shaping Zcoin's strategy and vision. He joined the Zcoin team in October 2016 and currently handles the overall strategy and operational aspects of the project along with being its spokesperson. Reuben has been a vocal advocate of online and financial privacy for over ten years, having founded a leading VPN company ( in 2007 and being the first merchant in Malaysia to accept cryptocurrencies in late 2012. Prior to joining Zcoin, he was a partner at a law firm, specializing in institutional frameworks.

Reuben Yap:   1:22
Hi, welcome. I mean, not welcome but I'm glad to be here.

Bobby Ong:   1:25
Yeah, it's very good to have you on the show. I’ve got a few questions for you. So for the first question, I'm just curious , I wanna know a little bit about your personal story. When do you first hear about Bitcoin and what inspired you to join the Zcoin team?

Reuben Yap:   1:40
You know, as the, I think back in 2007, you know, our Malaysian government was actually like censoring our internet and first it started with simple things like okay, banning pornography sites and then it moved to P2P and then he moved to political, uh, political censorship, right? So it's always a creep of that and in 2007 basically BolehVPN was founded as a way to encrypt a traffic to kind of combat this type of censorship. Now, in 2012, 2013, because after a few of operation, VPN business was actually considered high risks and, and it was seen as like something that could facilitate crime. Why would you want to hide your IP address unless you're doing something shady? Of course this is different now. I mean now you look at it, everyone says like, yeah, it's an essential part of protecting your online identity privacy. But back then when I was cut off from my credit card, accepting credit cards, PayPal was charging me immense fees. They are still charging immense fees like 3.4% and then 2 Ringgit on top of that. And when your ticket size is like 10 Ringgit, that's a lot of money. Now, I was told, Hey, you know, since you are privacy service, why aren't you taking a look at stuff like Bitcoin? You know, I don't want to, what's the point of subscribing to a VPN service when you have all my payment details and identity details. And I just decided, okay, why didn't I check this out? That was like late 2012 and you know, I just started accepting Bitcoin around then and of course I was unfortunately just converting all of them. And then right after that, you know I kinda went down the rabbit hole. I kind of went into mining, you know, all sorts of things, you know, made a little mining farm, a bet with the N.S1, S2, even assembled some of them myself. And I also got involved in a couple of projects like Dash, which was I think one of the first few privacy coins. It was Darkcoin and I was like you know, dabbling a bit in Arrow, but mainly in Dash. 

Reuben Yap:   0:00
So that was kind of like my first foray into the currencies and privacy coins in general. But you know, when 2016 came around, you know, I think there was already a huge boom, and Dash or rather Darkcoin had kind of shifted away from being a privacy coin and more about in the merchant adoption, being digital cash and that's fine. And then it became really focused around the master node element and I was like saying, okay, you know, when I found about about Zcoin they were using a protocol called Zerocoin and it seemed really cool because you know, unlike previous privacy mechanisms which were just mixing and kind of hiding your transactions in the crowd, this was a new cryptographic protocol that could allow people to destroy their coins and then redeem them in the future for brand new ones with no transaction history. I found that really, really exciting. I was still a lawyer, then, so I just kind of like joined just to figure out how, like you know, coin project works and you know, be in the inside of a project. I never knew that that will be where I am today, but that's kind of how I got into Zcoin.

Bobby Ong:   4:59
You used to be known as the COO of Zcoin but now you go with the title of Project Steward. Why the change in title?

Reuben Yap:   5:05
Well, first of all, actually I was in Zcoin as a community manager, right? I was just managing the Telegram chats and things like that. But what happened was I started assuming more and more roles. No one wanted to grant interviews to a community manager. So, uh, you know, it was decided with the PR team then and also with Poramin, our founders, you know, okay maybe we need to give you a better sounding title, and that was a COO, but at the same time it was really weird because we didn't really have a company, we didn't have really have a corporate structure and we, worst of all, we didn't have a CEO,. There was no CEO and yet there was a COO. So it seems rather awkward. And as a privacy coin, you know, decentralization is practically important. And we were trying to think, okay, what is the better way to express my role in the project? Right? Because, uh, I'm not like lead maintainer or lead project lead because I don't know how to code. But at the same time, you know, I'm leading the strategy, I'm leading almost all the aspects coding. So, uh, projects steward kind of like fit into where we see ourselves, which is kind of like, you know, helping this privacy project off its legs, you know. Jump started, looking after it to the point where it becomes a more decentralized project, more like kind of more like on the lines of Bitcoin and stuff like that, where it's not dependent on a single team. So I feel like steward which is like looking after the project was a much better title to highlight my role.

Bobby Ong:   6:36
And how big is the Zcoin team now?

Reuben Yap:   6:40
We have around like 15 people. Uh, I think most of them are full time because we have a lot of outside contributors, I think like, maybe like 10 or 15 outside contributors as well. Uh, so, so relatively lean team, but we've also achieved a lot. Don't have an office, so we're all distributed all around the world. So I think it's pretty cool that you know, this, uh, in this day and age we can work on private magic internet money from all around the world without a legal structure. Yeah.

Bobby Ong:   7:11
Let's dive a bit into Zcoin. So can you explain to us in your simplest, most nontechnical manner, what is the Zcoin and how is it different from dozens of other privacy coins out there?

Reuben Yap:   7:24
Right. So obviously Zcoin is a privacy coin and what that means is that we put on the blockchain, you know, everything is permanently recorded. The links and who you transact with, the amounts, everything is fully recorded permanently for everybody to see, not just like selected people. And that's an issue with blockchain in general. Zcoin tackles this type of problems by you know, as previously mentioned, allowing people to destroy their coins and you know, basically breaking the links of the transactions because when you redeem them, they appear as brand new, almost like freshly mined coins. So that means there's no previous transaction history. The source is totally hidden and we achieved this using something called zero-knowledge-proof and in particular a zero-knowledge-proof called one-of-many proofs. So it is not a [inaudible] or things like that. How we are different than other privacy coins is like, for example like Monero, Grin, you know, they are all about hiding in the crowd building like decoy transactions around it or grouping together everyone who wants to transact with together so that you kind of hiding the link or rather like hiding it in the crowd of people. While with our approach is more about like completely destroying the link. You're not just hiding the link because you're destroying the coins and then making them reappears, like teleportation. Now Zcash also has like a similar type of, like sort of structure as well, except that the cryptography that he used is a rather controversial. It's quite experimental and it's also incredibly complex, which sounds fine, but the problem is that it kind of leads to like security through obscurity because so few people in this world really understand it. So they're really dependent on the ECC and Zcash foundation to continue pushing the technology forward. And we think that' a problem if you want to be a decentralized project. We have the utmost respect of what Monero, what Grin or Beam and even Zcash is doing, but we feel that we want to cut the balance between very high anonymity while at the same time keeping the technology and the cryptographic primitive, simple and easy to understand without taking any sort of risks. So yeah, that's kind of Zcoin in a nutshell.

Bobby Ong:   9:38
And you're employed by the Zcoin foundation. Is this a company or is it nonprofit foundation? Where is it located and how does the foundation fund its operation?

Reuben Yap:   9:47
Right. Oh, that's a good question. We do have an entity in Singapore, which is like the Zcoin foundation, but it actually, it's almost has nothing in it. It doesn't have a bank account, it doesn't have really much of anything in it. The only thing that we use it for is basically to sign agreements, like exchange listings or to get the software signing certificates. And that's kind of how we use it currently. Now, the actual like you know, whether I'm employed or not currently we receive a development reward, which is like 6% of the block reward goes towards development wallet and that is distributed, you know basically among all the people that are currently engaged with the Zcoin project. Now, this is ending in September 2020 so this is quite soon. There are some talks as to how to continue this funding, whether we should go completely decentralized or should we extend it for another one or two years. Seems to be right now, the current ideas to extend it for another one or two years and maybe have a certain portion of it reserved for like grants and CCS items, which I guess we can talk a bit later but now, we don't want to be too reliant on the development reward because although it's good to have like a core team that's fully funded all the time and in a way it's also good because you know that we have no ulterior motives because we don't receive all the money up front. We are funded directly from the blockchain. Our interest are aligned with the success of the project. And unlike, let's say, even Bitcoin, you know, it's like all this companies, they're funded by outsiders and you have the kind of thing, okay, what's the incentive there to fund that? Here it's really clear what the incentive is. So there's alignment of interests and I think the problem with this kind of, uh, like in the dev reward funding is that it's a real form of centralization that we are seeking to mitigate through alternative funding mechanisms such as the Zcoin crowdfunding system, which we basically took the idea from Monero CCS, which is a community crowd funding system. So the idea of the CCS is besides you know, centrally funded things that we decide, the community can also like weigh in on ideas and fund initiatives that they feel that are important for the Zcoin ecosystem. And I do think funding is one big part of greater discussion about governance and decentralized project.

Bobby Ong:   12:13
Yeah, most definitely. So at the moment, the foundation gets 6% of all coinbase rewards in today's development reward fund right? I read that there is some sort of a change to this developer reward. And maybe can you share a little bit about it?

Reuben Yap:   12:31
Sure. So right now there's nothing that has been decided. So currently 6% of the block reward kind of translates to about 13,000 Zcoin a month. And of course, you know, uh, during the really, like the bottom of the bear, it isn't a lot of money to fund a team of 15 people that includes like cryptographers, you know, high level programmers, it's not a lot of money to go by and did a quick comparison. We're probably spending like five or six times less than than many, many other projects, which even have lower market caps than ourselves. Now we are like, you know, kind of caking like community sentiment. We're having like regular community meetings to discuss this. We have an ongoing forum discussion on it available. So you know, discussing it on our community channels and Telegram. And right now it seems that people are comfortable with us and rather than shaking the boat and kind of like introducing kind of untested on chain governance systems, to perhaps extending for another one or two years, which means that we don't get like too long for mandate. At the same time, we have enough time to execute the vision of the project. And currently that seems to be about, for the development reward, that is kind of looking at anything between 10 to 15% of the block reward. And that's actually, although it sounds like a higher percentage is actually less than what we're getting now because we have a block reward halving on September 2020 so to maintain that 13,000 Zcoin a month funding would require a 12% block reward. So anything between 10 to 12% would be the same, similar type of funding and anything more is a bonus. 

Reuben Yap:   0:00
But yeah, that's kind of how it's trending towards to and hopefully in the next two years, you know, maybe the CCS picks up a lot and we can completely rely on that. Or we introduce some other decentralized governance type of system, and it is, it's very difficult to do this without kind of devolving into what we call a plutocracy, you know, basically only the big whales say what happens. Uh, and we also have issues because in privacy coins you don't want to reveal identity. So how do you, determine like, they are all sock puppets. So whether this votes is like one person or this was like a hundred people. So I think it's a very challenging thing to think about and hopefully in the next one or two years we have a better idea and can see how other projects governance systems are working out.

Bobby Ong:   15:04
So what do you think about the Dash reward? Recently the Zcash foundation made a change going forward in the November 2020, like the developer rewards will be distributed to electric coin company, Zcash foundation and a portion of which will be distributed to third party developers, individual developers who want to work on the Zcash foundation. Do you think, I thought it was a pretty interesting idea because there is no one single party where all the funds will be channeled to. It help with the centralization. What are your thoughts about that? And also additionally what are your thoughts about Bitcoin Cash and 12.5% mining tax. I think that's kind of a fact at this point in time but want to hear your thoughts about how these coins are looking to fund this operation and development?

Reuben Yap:   15:47
Yeah, actually for what Zcash is, I mean like you had to remember Zcash is VC funded. Uh, and it's not as much as like a community coins such as like Dogecoin or even Monero for that matter. And I do feel that what they have done is trying to, like although it's centralized, but they have kind of spread out the power among the ECC, the Zcash foundation and the community. Right. And actually like in the early years or even in the first four years, the electric coin company has almost too much power because they had all the engineers, they had all the scientists and everything's there. So the problem is that if that's the case, you know, how can you remove them? 

Reuben Yap:   0:00
You can't remove them because there's no one else that can possibly work on it. And that's why if you take a look at what the Zcash foundation is trying to do is they started hiring their own cryptographers, their own separate like client development team, I think it's called Zebra or something like that. So I think that's really a move in the right direction. And to also like have a very big proportion towards grants and stuff like that. I think it's a really interesting idea. Of course de-centralization purists would say, well you know it's still centralized and I still think that because of the nature of Zcash technology which is so complex, it is very hard to achieve like full decentralization. Right. And actually if you think about it I don't even know maybe of a single project where you can say yes, completely decentralized and Bitcoin has been cited, Ethereum has been cited. 

Reuben Yap:   0:00
But I don't think people know like it is not as de-centralized as people think it is. So I do think that the Zcash, the, the way that they come about it is quite realistic and I do think they are genuinely trying to bridge power. I don't think it's a complete solution and the it's still strikes off as very heavy centralization towards the ECC and the foundation. I think for the moment, you know, for the next two or four years perhaps that's the best that they can achieve right now. As for the Bitcoin Cash type of thing, you know, I think it was like, if I understand it correctly, it's like pools that are enforcing this like 12.5% block rewards that goes towards them. It's not like, yeah, they were kind of often any blocks that do not form that. I do think that the idea of it is not wrong in the saying that yes, a part of the block reward should be used to fund development. 

Reuben Yap:   0:00
I know that a lot of people don't think that this is a, like a form of centralization, but I do you think that having a part of the block reward was actually preferable? We talked about the alignment of interests. Now if you take a look Monero, right? I mean those who know like what's happening within the Monero CCS. Yes. They don't have any block reward. No, no kind of like centralized funding mechanism, but it is very, very dependent on early Monero whales,early contributors. They've made a lot of money from the past bull run. And they are continuing you know, ten thousand, eleven thousand dollars isn't a lot of money and it makes sense for me to contribute to protect my investment in this currency. Whether that's actually sustainable in the longterm is a separate question altogether and take a look at Bitcoin and Blockstream is funded by [inaudible]. Blockstream, I don't think it's making a lot of money and seems to be embarking on stuff like Liquid sidechain. I mean there's a bit of a idea of like, well, whose interests are they actually working for? Now the problem with Bitcoin Cash proposal, is not exactly because of the block reward but it's because it is the miner's almost unilaterally deciding that, I mean, I guess Bitcoin Cash could be seen as like a miner created coin. 

Reuben Yap:   0:00
I mean, some people say that, uh, and having setting a precedent that mining pools can collude with each other and introduced almost like brews of themselves. Okay. Well if that's the case, then why don't you just go through like a proof-of-stake or like fix, validator model, right. Don't really have like very strong opinions of that. I do think it's an interesting experiment and I think it's worthwhile, like looking at it, but I do think it places too much emphasis on the mining pools and it's such a kind of dangerous precedent as to the direction of Bitcoin cash mining and stuff like that. Let's say EOS, where you know, the validators have so much say and here you are having the mining's pools with huge proportion of say. So, especially if the ASICs dominated coin. That seems to be very against the whole community ethos. Yeah. Those are my thoughts on that.

Bobby Ong:   16:47
Yeah. I mean I think, I think I echo your sentiments. I think the Bitcoin Cash community did big mess up. The mining pool I would say, the four guys, they basically go out and say that, look, we're going to implement 12.5% tax, you are either in it or you're out of it because we're going to [inaudible]. Not a very nice thing to say there. So I think they had a big communication issue. It wasn't a proposal [inaudible]. This is the thing that we will do, you are either with us or you are out, which I think is not a very nice thing for them to do. So I'm glad that Roger put up a plan so let's see how things go but, I mean, you brought up a very good point just now. So say there's a new proposal, like you brought up a plan that like, Zcoin plan to increase the dev reward double it to 13% from September 2020 onwards. And then this is, you guys plan to extend this for one or two years. So how do you go around handling governance? How do you put out this proposal? Is there a voting mechanism for the community to vote on certain issues? Yeah, just how you go on doing it?

Reuben Yap:   16:47
That's a really good question. I don't think there's a, this is really like, you know, a complete answer on that. And the reason being is that when you have like a poll, it really, I mean, as, as crappy as it sounds, not all votes are equal, right? Because it's like I can create a salt pepper account or I don't even gold any Zcoin whatsoever, or I'm just like a rival person just wanting to you know, or I'm paid to vote. So that's why all this like you know, really simplified polls are something that we have been trying to avoid. Just like, you know, yes, no. And then it's like create a lot of foreign accounts. I never seen this account see anything before and then the next thing he has an equal voice than someone that's been involved the community since the very beginning. Right? So what we have been actually trying to do is over period of time is to create the culture of collective decision making. So what that mean is that, you know, we are always engaging the community and seeing like, what do you think of this? And having like many, many avenues for them to express their opinions. And by creating that culture it becomes then very unacceptable if let's say, it's really clear that the community wants to do one thing and then the core team says, no, we're not going to do this. We're going to ignore all of that. Because we've already created that culture, it becomes like a, Holy crap, you don't give a crap about us and therefore you know you're not acting, you're not like a steward anymore. You're basically a dictator and hopefully, you know, if we have created the culture sufficiently enough, it would actually hold us accountable because then this is the community can resolve. Let's do a community takeover of the coin. I don't think that's a really like a perfect answer for this. This is something that we're still figuring out, but I really kind of want to avoid like the Dash model. I think maybe the, perhaps the best governance model would be something like Decred, but even then any, anyone that claims to have solved governance is flawed, right.

Bobby Ong:   20:22
What do you think about on-chain voting? Like [inaudible] on-chain voting for the I political party?

Reuben Yap:   21:25
Well that's different because in that case we had identity, right? So there, we could say, yeah, you, you're a registered voter, we know your identity, we know who you are and therefore you entitled to vote. Right? But here, how do you do that? Right? How do you do that without revealing privacy?

Bobby Ong:   23:46
How about one token, one vote? If you have one token, you get one vote.

Reuben Yap:   23:50
Yes, and that's exactly the Dash model, right? But you have to realize where like Zcoin had the like, you know, founders reward, which was, which is currently 8% of the block reward.Right? Now they're holding a lot of Zcoin. I mean, even though our distribution is quite good, what it means that the problem with having any sort on-chain voting mechanisms where you, holders of coin because of voter apathy, right? Because if I'm going to hold one coin only while the other person's holding like 100,000 coins, it's very little incentive for me to vote. Oh, it makes me very incentivized for my vote to be bought. And what happens in like, for example, in Dash, you know it becomes the core team and a bunch of whales kind of dictating where the project should go, which I would like to kind of avoid. I mean, I don't know if that's possible in the long run, but I do feel that something , okay we had an actually a recent discussion in the forum that was really interesting and kind of illustrated the kind of informal governance in place. So there was a proposal from a few of the biggest whales of Zcoin. I can't reveal exactly who, but they really wanted to say that, look, you know, I'm the biggest holder, we are the biggest holders of Zcoin. I want the Znode collateral amount to be increased from 1000 Zcoin to possibly 3000 Zcoin or 5000 Zcoin. 

Reuben Yap:   0:00
Now. There was a very tricky situation for us to navigate because, well, first of all, you know, they are the biggest holders. You know, they you know, maybe collectively have about 10% of the supply which is quite a lot of coins right there. And they can definitely destroy us if they don't like the projects hurting their own investment. So, uh, what did we did was like, okay, look, you know, we, we as a core team cannot, should not weigh in too much for this, uh, like, you know, we should let the community decide and what happens that we have, uh, I think we opened a forum article, we push people to look at it to weigh in their ideas and the ideas that we did not want a simple poll. We really wanted people to elaborate, what is the reason that they are against this? So what happened then, it was very clear that the community was very against the idea of increasing the collateral for Znodes. And, uh, of course there were a few people that just seem to say, Oh yeah, I agree we should increase the collateral and there was hardly any explanation there, but it was very clear that the people who bothered to write a lot, to bother to explain their reasoning as to why it was, was saying that yeah, this is not a good idea right now. And because of that, despite like the whales having a lot of the coins, they eventually accepted the community decision, uh, to say that, okay, yeah, we should not change the Znode collateral. So I found that there was a really good first try as the to see how like decentralized governance, kind of like even formal decentralized governance works. And hopefully we can refine this process as we go along.  

Reuben Yap:   0:00
But as I said, it is not about a very like, you know, strict system of saying that yes, this is the way to vote. Um, you know, I think maybe more contentious decisions, this will maybe more tricky, but the idea about creating that culture of discussion and, and I think this is something that was really, I liked this particular term which was brought up by commissioner [inaudible]. One of the measures of showing how decentralized the project is, is the concept of information assymetry. And the idea is that, does the core team have information that the public does not have? And if we can bridge that gap and say that, you know, the public has all that information, the core team has also all that similar type of information then, you know, governance can work better because then, you know, everyone has the same sort of facts, kind of decide on. And that's kind of where we're heading. Uh, you know, I would definitely say we don't have, uh, a very core plan. I mean, we don't have a, we have a plan but we don't have like a core, concrete idea of how to achieve on chain governance because I feel that a lot of it turns out to be a shame. Yeah.

Bobby Ong:   27:59
All right. It's interesting because there are multiple ways of voting for issues like Dash is using tokens, Bitcoin's case is using hashing power as the vote. You can also use the master nodes, the Znode as a way to vote as well. [inaudible] forum discussion as a way to vote things. But don't you think like maybe it discriminates those who do not have a strong command of English, for example if you are living in China you don't have a strong command of English, you can't participate actively in community discussions.

Reuben Yap:   28:32
Yeah, so, so definitely this was something that we also actively wanted to try and bridge. I think you've raised a very good point because especially, you know, they were a lot of Chinese commentators and I made sure that all of those comments were translated, uh, so that people could see the reasoning behind it. And so if you take a look at the forum, there was a translation of the original post into Chinese and also they were like you know when some Chinese participants post a lengthy reply, there was also a translations of that. So yes, I still think that there is a bias towards English speaking. Well we try as best as we can to bridge that gap by making sure that everything's translated. We have all the same information across different languages. Yup.

Bobby Ong:   29:18
All right, cool. I think, I think that wraps up some good discussions on governance. I'm going to ask you next question on Lelantus. Lelantus is a project that you guys have been working on for the past couple of years I believe. Tell us a little bit about what is Lelantus, how is it useful and when will it be going live?

Reuben Yap:   29:34
Oh, okay. Right. Yeah. So Lelantus is actually a replacement to Sigma. And basically like, currently with our current privacy protocol, you kind of have to burn and redeem in fixed denomination. So if I burn 10 I have to redeem 10. There is no ability for me to do a partial redemption. And the problem with that is that, that means you're forcing people to burn in fixed denominations. And if I'm like breaking down an amount, like 536 point something something coins, I have to break down in fixed nomination. And that introduces a pattern. So even if I redeem my, let's say like you know, 500 nominations, three 10 denominations, even though the math is correct, but because I can see the correlation between the patterns of burning and redemption, it is a real privacy risk. It is also kind of inefficient because instead of having like one proof to represent them, like one burn, I have to have like so many denominations just to represent that one transaction. Lelantus kind of does away with all of this by saying that we can burn any arbitrary amount and we can redeem any arbitrary amount even though it's a smaller amount than the amount that you burned. 

Reuben Yap:   0:00
So this is Lelantus version one which allows you to, let's say I burn 535.6 coins. That means I can just burn it with one proof, I mean with one mint and then I can redeem 0.23 coins, you know, uh, basically two proofs, which is one wishes, the 0.23 and then the other one is the change. I don't have to like redeem like the whole entire amount. I don't have to meet multiple denominated proofs. So now when I'm looking at it on the analysis, it actually becomes very difficult to see. Okay, how do I know that this spend originated from which burn. All I know is that this spend must have come from a burn that was larger than the amount that I redeemed. So this is version one. So that is a really huge improvement and it has this kind of same building blocks as Sigma. 

Reuben Yap:   0:00
So no trusted set up, very simple cryptographic primitives and pretty good performance up to maybe like a anonymity set of hundred thousand or so. So it was pretty competitive. Now, we are actually working, we have actually a Lelantus version 2 which actually allows people to not just redeem the tokens that they burned, but to pass the right to redeem the tokens to someone else. So last time, like currently Lelantus version one or Sigma version one, I burn coins, I redeem coins. Now instead of having to redeem them, I can say, okay Bobby, I'm going to pass you my right to redeem to you. And that becomes like almost like Zcash, Z-to-Z transaction. Because I'm not revealing an amount, I'm not revealing the source and it's almost like drastically increases the privacy because now with any redemption I cannot just say is one of those people who burned. 

Reuben Yap:   0:00
It could be someone who received it in the intermediary, you know, passing of that redemption right to someone else. Ah, so that's Lelantus version 2. We have something else that we actually have not been released. I think this podcast probably the first time we are announcing anything like this. It's something that we just call Aura and Aura is almost like an improvement of Lelantus even further. It's almost like allowing proofs of a proof, which I don't want to go too much into until we have a full paper on that. But I guess in a nutshell, Lelantus, you know, removes the need for fix denomination, allows direct anonymous transfers, does so without trusted set up, does so without very complex circuits. And it is not just, it is our creation, but other coins such as Monero have express interest and Beam has actually already confirmed that they'll be using Lelantus as part of their scheme to actually improve the drawbacks of Mimble-wimble privacy, which has shown to be kind of lacking. So yeah.

Bobby Ong:   33:37
When is Lelantus going live for Zcoin?

Reuben Yap:   33:39
Lelantus is set to go live definitely before September, but we are hoping for Q2 release. There are certain things that we are doing right now, the kind of like we will probably be going live with Lelantus version one, but we are coding it in such a way that we can add Lelantus version 2 without too much, kind of almost like backward compatibility. So yeah.

Bobby Ong:   34:01
You mentioned earlier just know about trusted set up. What is a trusted set up and why is it important?

Reuben Yap:   34:08
Right. So trusted set up. That sounds like a good thing cause you trust it. But in the decentralization you don't want the trust because if you, if you have to trust them, you don't need a blockchain. Right. I mean if, if you are okay with trusting somebody. So a trusted the set up in basically is when you first created this cryptographic system, you have to generate certain initial parameter initial and like you know, maybe like a very, very, very, very long number. Or like a set of almost like random things. And after that you have to destroy it. If someone manages to retain that inflammation in any form whatsoever, that person that has the effective backdoor into the system, which means he can create coins out of thin air. So basically when you say trusted set up, you kind of have to trust that the initial parameters were destroyed. It's almost like The Lord of the Rings where you have the kind of belief that yeah, you have all this sub-rings but there's this one ring to rule them all. So you kind of have to destroy the one ring. Right. And trust that it was done correctly. Uh, so Zcash, I think it was one of the first cryptocurrencies to implement a trusted set up within the cryptographic system for privacy. And what it allowed them to do is to have immense performance, immense type of like very good performance and anonymity characteristics. But at the cost of trusted set up. And if you take a look at the history of Zcash, there was actually a bug in Zcash that was live for two years, that actually if someone had exploited it, could create the coins of thin air. And what was interesting was that certain aspects of that trusted set up because when they found out about it, they wanted to hide that there was a problem, so they actually take down certain things so that people cannot even verify that the trusted set up whether it was carried out correctly or not. If you want to look at the criticisms of that, it can just take a look at Peter Todd's Zcash criticisms of that. So trusted set up is yeah, basically you have to trust that certain parameters were destroy at the beginning, whereas there's a backdoor into the system.

Bobby Ong:   36:15
And is this trusted set up done by core developers or do this trusted set up on my computer to set up some private transactions, otherwise it will just be a public transaction?

Reuben Yap:   36:28
The trusted set up, I mean for, in Zcash was, the original ceremony was done by I think maybe six, six people or so. And most of them were somehow affiliated with Zcash and then I think there were one or two people, they were not. Like Peter Todd was also one of them. And the idea was that as long as one person did the ceremony correctly, theoretically the ceremony, they called it an MPC ceremony, multi-party computation ceremony, it's secure. That means as long as one person destroyed it, there's no backdoor. But because there were a lot of criticisms on that because there were other ways to like, yeah, even though you have this ceremony, there were actually other ways to kind of influence the ceremony. For example, if I corrupt one of the binaries that you use, I could have possibly inserted a backdoor so that even if your cryptography is correct, I can still reassemble it and there was actually a real risk and that was actually kind of mitigated in the second ceremony called the Sapling power of DAO ceremony on Zcash, where they also allow the public to do part of the ceremony themselves. I think it's a huge improvement. It does resolve a lot of the initial concerns of the initial Zcash ceremony. I think even TRON is doing it right now. I think AZTEC protocol was also had to do MPC ceremony. But at the end of the day is that you have to trust that the ceremony was carried out correctly, there was no backdoors so there's still an element of trust. There are ways to mitigate it, but it is just better than not to have to trust anything in the first place. Yeah.

Bobby Ong:   38:05
Ooo, good to hear those things. I learned some stuff today. Master nodes used to be quite popular in the cryptospace but out of style lately.Walk us through a little bit about the health of the Zcoin masternodes ecosystem. Like how many actively are running and is it increasing, decreasing? What's it like for the past one year or so?

Reuben Yap:   38:25
It actually has been increasing even throughout the bear period. I think we have one of the second or third most like nodes of all like full notes of any decentralized network. I think number one is Horizen or something like that. I think we have about like 5,000 to 6,000 nodes, full nodes currently. So it's been working well on that regard. Only recently when there was a huge spike in price, I think like Zcoin almost doubled in price in the past two months or something like that. And therefore, you know, I think it's only natural to see a slight drop of those numbers as people cash in their rewards. 

Reuben Yap:   0:00
Now Znodes was actually, you know, we had a vision of Znodes when we first started and this was because we were using the zero coin technology and then zero coin was quite computationally intensive and we wanted ways to kind of offload that computation to incentivized node model. When we moved to Sigma and then Lelantus that requirement kind of dropped down. We didn't really want to implement like you know the governance stuff that Dash has or like the instant transactions and the mixing, which we don't need because we have a at the privacy system. So the only thing that wasn't implemented that was useful to us was the instant transactions. So we also had some concerns with that because there was certain vulnerabilities with the previous Dash infrastructure. So we did not want to introduce problems with that. So I would have to say that, you know, Znodes for the first a couple of years did not really achieve, what we set it out to do and right now it's just like, you know, incentivize the infrastructure. 

Reuben Yap:   0:00
But what we plan to do with it is right now is that we feel that, Hey look, you know, uh, one of the things that Dash did was really revamped the whole infrastructure. They use something called deterministic master nodes and they also implement this on the called chainlog. And what that kind of allows is that,honestly I believe that proof of work isn't really good security, especially for a smaller coin because you know 51% attacks, have been attack have been happening and it's not anything wrong with the product. Everyone knows the risks of 51% attacks. And therefore we think that, you know, proof of work as a security model. It is simple. Okay, it is not great. So with changelog it's kind of leverages on the master note kind of network to mean that yes it is still miners that are proposing the transactions that go in. It is still mining that distributes the new rewards and helps with distribution of the currency. I don't think there's any sort of way to, to get better distribution that their proof of work currently. While we have the master node act as a second layer to prevent the double spends happening by miners because you know, there's no good reason for miners to double spends. So I do feel that with chainlog in place, you know, you'll give a really good reason for the Znodes to continue earning their 30% of the block rewards. And on top of that we have other plans because especially now the whole concept of cross chain or, you know, the ability to create like from Bitcoin to move into like a Wrap Bitcoin version on Zcoin's layer doing privacy features and then go out. That has become an important topic and we have some ideas on leveraging the master node network to do this sort of things. But yeah, uh, that's kind of our view of master nodes in general for the moment.

Bobby Ong:   42:01
It's interesting that you brought up Wrap Bitcoin because the question is actually somewhat related. So I spoke to Beam recently and they mentioned that they plan to implement privacy for DeFi applications. Any similar plans for Zcoin?

Reuben Yap:   42:13
Yes. We actually do have a tokenization layer already that allows people to create their own tokens on Zcoin, which inherits all the privacy features like Sigma and Dandelion, all of that. So that's already, I think almost like maybe one month from launch. But one of the things that we are working on is the basically the bridging between other chains and because we have a masternode network, we feel that that's a good kind of way to leverage a masternode network to provide those bridges with other chains. So although we'll be launching our tokenization layer with full privacy features in maybe like one month or so. The bridging may take a bit longer and hopefully you can get something out this year, but it's something definitely that we want to be a part off.

Bobby Ong:   42:59
What are some of Zcoin's plans for 2020 and beyond? So you briefly mentioned some of them already but maybe you can just summarize maybe some of the top plans for 2020 and I think 2020 will be a very interesting year as you have your block reward coming up in September as well, so yeah maybe tell us what are the plans?

Reuben Yap:   43:14
I think the most important thing is to actually get Lelantus out and to actually start rolling out, moving towards the privacy on by default model. The way that we are approaching this is slightly different in that we will still probably keep the, we will have the ability to opt out into the transparent layer, but it's just on by default in all our official wallets. So that's something, a really big thing. Uh, we are very, very far into our deterministic master nodes implementation, which hopefully should get wrapped up in the next one or two months. Uh, we also very far into privacy on by default Sigma wallet, mobile wallet, which means that you can have private transactions on by default. That will be the first for us. And on top of that, I think we really pushing the further research into our privacy protocols. We're looking at things like mix nets instead of just using dandelion, which is great for most cases, but against like state level, NSA adversaries, Dandelion isn't so great. We were looking into integration of mix nets on that. Also as previously mentioned, integration with DeFi, cross chain stuff. But yeah, you know, these are some of the things that we have on the roadmap. And they also, there's a really important ongoing discussion as to whether we should change our current proof of work algorithm, Prog-Pow is being considered. Christie has been in touch with us and, and you know, I think just the end of this week on the 22nd we have a community meeting to actually also further discuss this, whether we should continue with MTP, modify MTP, or move to Prog-Pow or RandomX or something else. So these are all in 2020 yeah.

Bobby Ong:   45:01
Why do you need to move to a new proof-of-work algorithm?

Reuben Yap:   45:05
Well, currently MTP has kind of service purpose in the sense that it is one of the most profitable GPU coins to mine currently. Our point of view is that GPUs are the best way to distribute your coin because you know although the whole idea of one CPU, one vote with like CPU mining, which has been adopted by Monero, in practice especially we have ask other coins that have implemented Randommax. It actually turns out that CPU mining is a lot more centralized than GPU mining because people have access to large server funds, which are either or botnets, which are infected computers are mining on behalf of the botnet operator. So it is very clear that despite the whole idea of CPU being acquitable because of the existence of the botnet and either server firms or even like cloud computing which you can get for really cheap if you have a source of free credits or cheap credits. Then that’s why it’s kind of CPU isn’t too good. GPU mining, so MTP has kind of resisted ASICs development. I don’t think it’s because MTP is so amazing but because it’s such a complex algorithm. We are the only major coin implementing it and as a result, there is not much of an incentive to produce an ASIC for top 80 coins with that’s our market cap right? But as we grow bigger I do think that MTP is not as ASIC resistant as we think it is. One of the biggest issue is that the proof for MTP are 200KB in size, which means with every mining shares, every mining block even if it’s empty it actually occupies 200KB, which seems like a real waste of space and seems to be leading to centralization of mining pools because only a few mining pools host this type of bandwidth intensive type of thing. So we feel that MTP isn’t like what we thought it would be and we’re thinking of moving into a different kind of algorithm to keep that kind of GPU mining environment. I do think I have propped out a better design because it was actually designed by people with hardware experience, not just academics or cryptographers and that’s kind of the general idea of that. But there’s very intense debate going on within our community where some people are saying that Prog-PoW is compromised, Prog-PoW is bad, [inaudible]. So it’s not set in stone. There will be another test of our decentralized governance to see how it goes. 

Bobby Ong:   47:43
Lastly before we close off, how can people find out more info and follow Zcoin?

Reuben Yap:   47:49
Sure. I think the best way to find out about Zcoin is through but if you really want to get to know the team the community, we have a very active Telegram community which is also bridge to our Discord community and you can find all the links on our official website. We are also very active on Twitter, Facebook. But I do recommend dropping by especially on our chat groups and if you want to weigh in on any of the ongoing debates or the important stuff that is going on with the decision making in Zcoin, please drop by our forums at

Bobby Ong:   48:24
Thank you very much for the conversation that we have today.

Reuben Yap:   48:27
Thank you very much Bobby, always a pleasure to talk with you.All right, that wraps up the show. Thank you for listening to the CoinGecko podcast with Bobby. If you like our show and want to know more, check out or please leave us a review on iTunes. Do you have any feedback? Do drop us an email at Join us for more next week. See ya.

Disclaimer:   0:00
This podcast is provided as part of the overall information on cryptocurrency content on our website is for your general information only and does not howsoever constitute any endorsement, financial, or investment advice, nor any solicitation or offer of securities, other financial instruments. CoinGecko and the podcast presenter makes no warranties implied or express of any kind in relation to this podcast, including without limitation, the accuracy and updatedness of its content. All opinions and recommendations there in the podcast are based on the personal opinion of the presenter. Please conduct your own research and procure professional advice should you, at your own risk, decide to howsoever invest or trade in relation to the content contained in the podcast.