I’m a big fan of Zcash. That’s because I’m a big fan of privacy, and understand that privacy on the internet determines the balance of power between the people and the state. I’m the kinda dude who has read all of the published Snowden docs--in painstaking, technical detail--and when I worked as a journalist, tried to convince the people with access to the Snowden dump to get me more to read and report on (unsuccesfully, as it turned out).

So I like Zcash a lot, and am generally supportive of the technology, the people and its ecosystem. It’s true that they are recipients of a great deal of FUD from other ecosystems, in particular Monero but also from some diehard Bitcoin maximalists.

It’s easy to dismiss criticism as bad faith, but here I want to offer a huge takeaway, not just for Zcash security, but security in general:

Optional security is bad security.

Giving users the choice between good security and bad security is a bad idea.

And when it comes to Zcash, optional privacy is also a bad idea.

Let me tell you why. It’s because footguns.

Retarded credential waving: I did my masters thesis at Berkeley in cybersecurity UI/UX. On how to design systems that make it easy for users to do the secure thing, and difficult or impossible for users to do the insecure thing.

Because users are idiots, and by that I mean we are ALL idiots at some times.

You design systems to be used when people are stressed, in a hurry, tired, drunk, high, under duress--or worse.

You don’t design systems for highly-rational PhDs who understand cryptography and are sipping green tea in Cambridge with their pinkey extended while marveling at the beauty and wonder of zero-knowledge proofs.

In short, you design battle-tested user interfaces for the five-year old in all of us.

Good security design should remove the need to think about what the secure choice is. They should be offered only one choice—the secure option.

Because if you make good security optional, a non-trivial percentage of people are going to accidentally hurt themselves.

If you build footguns, some people are going to blow their toes off.

So while I understand the reasons why Zcash continues to ship transparent t-addresses, the argument that “privacy is all about user choice” is a terrible argument.

If I want to store value on a transparent blockchain, I’ll use Bitcoin.

If I want to store value on a private blockchain, I’ll use Zcash.

I don’t want to see people hurt--because that hurts the overall narrative of financial privacy, above and beyond those specific individuals.

There is room for good-faith criticism. This is that.

Discuss.