Zerocash is a protocol that provides a decentralized crypto-currency in which, as in Bitcoin, users collaborate to maintain the currency by broadcasting and verifying payment transactions. Zerocash, however, differs from Bitcoin in how these payment transactions are assembled and then verified.
Zerocash extends Bitcoin's protocol by adding new types of transactions that provide a separate privacy-preserving currency, in which transactions reveal neither the payment's origin, destination, or amount. Zerocash creates a separate anonymous currency, existing alongside a (non-anonymous) base currency, which refers to as Basecoin. Each user can convert (non-anonymous) basecoins into (anonymous) Zerocash coins, which is called zerocoins. Users can then send zerocoins to other users, and split or merge zerocoins they own in any way that preserves the total value. Users can also convert zerocoins back into basecoins, though in principle this is not necessary: all payments can be directly made in terms of zerocoins.
The key part of the protocol is that a user who has commited some amount of their coins to the public Zerocash ledger can prove that they know enough information about some coin in the ledger, without revealing which coin it is, and without revealing their own identity. The proof is then verified by the miners in a similar way regular Bitcoin transactions are verified. The scheme is known as zero-knowledge proof: the kind of proof where an agent proves that they know some secret without revealing any of its contents. It allows Zerocash transactions to be executed without revealing neither the source, nor the address, nor the value of the transaction.
Part of the protocol was already instantiated in the prior Zerocoin project. However, it had great limits as to the anonymity provided, as well as implementational disadvantages that made Zerocoin unacceptable to the Bitcoin community. One of the main drawbacks was the size of the information on the coins that are commited to the ledger. Because, much like in Bitcoin protocol, all of this information must be kept public, even small sizes can bee too costly in the long run.
Zerocash has an elegant way to overcome this obstacle: it feeds each of the mint commitments to a cryptographic hash function; each hash-value then becomes a node in a tree-like data structure known as a Merkle tree; each node is concatenated with others in such a way that the information is efficiently kept with the retained ability to retrieve it when needed – for example, when a user wishes to prove that they know a certain part of all this information as in the case of pour transactions.
Zerocash is a promising development in the field of crypto-currencies. It is developed by some of the brightest crypto-engineers, using state of art cryptography. Even though an actual implementation in Bitcoin is yet to be seen, care given to both mathematical and implementational aspects of the protocol suggests that users will soon be able to try out Zerocash for themselves.