Implementing RAP Stealth Addressing on Zcoin

Jan 2, 2020

We at Arcadia have been active and developing in the blockchain space for a few years and have had the pleasure of working with a wide array of different blockchain projects, from decentralized video-sharing platforms to in-game cryptocurrencies. However, none of the projects we have been involved with have been quite like Zcoin. Zcoin is a privacy-centric cryptocurrency using a privacy protocol without a trusted setup, called Sigma. They are notable for having some of the most dedicated and brightest minds in the crypto and privacy space.

Arcadia has recently completed working with Zcoin on integrating BIP47 into their QT Desktop Wallet. The implementation process was a difficult one with a lot of ups and downs; however, at the end of the day, it was definitely worthwhile.

BIP47, or as it’s coined on Zcoin, Receiver Address Privacy (RAP), is a form of transaction obfuscation created for the purpose of preventing address reuse and address correlation between parties with a shared transaction party.

RAP allows a recipient to have a static address while retaining privacy through a notification-based handshake process in which users share a “secret” point. That point allows for the generation of addresses that are known only by both parties.

Image from Justus Ranvier’s BIP-0047

Some of the key players in the industry who have implemented BIP47 into their wallets include Samourai Wallet, Billion, and RuneWallet (acq. CashCrypto).

Our initial flow for the project began with a simple breakdown of the user interface, with our UI/UX Specialist building out initial user flow mockups using Samourai Wallet and Billions as points of reference.

Initial Payment Code Page Concept

Initially, we heavily reviewed and researched Daniel Krawisz’s BIP47 Implementation, which he built using Justus Ranvier’s initial specification with heavy reliance on his own custom library for BIP44 and other functionality. After extensive review and viewing of our options, it was decided that, despite Daniel and Justus’s fantastic work, the non-production-ready C++ library code would not be used for the implementation of BIP47 upon Zcoin’s reference implementation due to logistics, maintenance, and code health concerns.

Mockup for Initial Notification Concept

Instead, we reviewed and used the extensive work done in JavaScript for our implementation of BIP47, with the decision being made to use notification transactions for the initial notification of the process versus the WebRTC implementation of Billions and the SPV methods on other wallets, for the preservation of anonymity (in relation to Zcoin’s existing privacy functionality) and avoidance of any accidental points of centralization.

Unfortunately, we did run into a few issues and delays due to our unfamiliarity with modifications made to certain aspects of the code in relation to Zerocoin and Sigma. Thankfully, with some help and clarification from Tadhg Riordan from the Zcoin team, we were able to work around most of our issues. After that, it was just a matter of integrating Sigma and doing some bug testing.

Sigma integration was surprisingly uneventful and easier than expected once the normal transaction functionality was added to the system.

It was fantastic working with the Zcoin Team, and we look forward to our future work with them, including our open ZCS proposals for integrating BTCPayserver for XZC and implementing Coin Control onto the Zcoin Rich Client.

We’d like to extend a special thank you to Reuben Yap, Tadhg Riordan, Peter Shugalev and the rest of the Zcoin team. We look forward to writing another one of these retrospective articles soon!

Arcadia is a proud contributor to the Zcoin community. Arcadia is a blockchain software development company based out of Dallas, Texas, focused on privacy-preserving technology, network scaling, and novel consensus algorithms.