top of page

Edward Snowden was instrumental in the development of the Zcash privacy coin.

Under a pseudonym, the NSA whistleblower and privacy advocate was one of six people who took part in the cryptocurrency's fabled 2016 "trusted setup" ceremony.

Edward Snowden, a former US defense contractor whose leaks sparked a global debate about internet surveillance, was involved in the development of the privacy-enhancing cryptocurrency zcash in a covert manner (ZEC).

The whistleblower was one of six people who took part in the "ceremony" that established zcash's so-called trusted setup. He was granted asylum in Russia and has lived there since 2013 after the US charged him with espionage.

His previously unknown role in the 2016 ceremony will be revealed in a video set to be released on Thursday by Zcash Media, a company that creates educational materials about the privacy coin.

In the video, Snowden says, "I saw it being worked on by a number of trusted academic cryptographers and I thought it was a very interesting project."

He claimed he used the alias "John Dobbertin" to conceal his involvement in the scheme.

Snowden agreed to make his participation public in a recent message to zcash co-creator Zooko Wilcox.

"I think you can tell people," wrote Snowden, who is scheduled to speak at Consensus 2022 in June, "as long as it is clear that I was never paid and had no stake, it was just a public interest thing."

The secure setup of Zcash

To grasp Snowden's role in the 2016 zcash "ceremony," it is necessary to first understand how the cryptocurrency's privacy works.

Transparent and shielded transactions are available in Zcash. Transparent transactions, like regular BTC transactions, are visible on the public blockchain. The shielded transactions, on the other hand, are sucked into "privacy pools," which can be thought of as black holes where everything is thrown together. These pools ensure that blockchain observers have no way of knowing where the coins came from or where they are going.

A secret cryptographic key was needed to set up the privacy parameters of the original "Sprout" pool created in 2016 and the "Sapling" pool created two years later. The key is basically a very large number. The procedure for generating this number is known as a "trusted setup," and the problem is that anyone who has access to the secret key could forge as many coins as they wanted.

Possession of the entire key could lead to "supply counterfeiting," but it would not violate any current or previous privacy, according to Nathan Wilcox, Zooko's brother and another ZEC co-founder.

While it is reassuring that ZEC's privacy is not jeopardized by the trusted setup, the ability to counterfeit coins would clearly be a major issue.

"You can't launch this global internet money cryptocurrency if somebody just knows the secret and then promises to throw it away," Nathan Wilcox explained.

As a result, the first group of researchers devised "The Ceremony," a multi-party computation. The secret key is not generated and held by just one person using this method. Instead, it is divided among a large number of people, with each contributing a shard, or piece, of this enormous sum. This ensures that no single person has a copy of the entire number.

"“If at least one person succeeds in throwing away their part of the data, the computation is secure," said Bitcoin developer Peter Todd, one of the six attendees at the initial ceremony.

Faraday cages and decoy plane tickets