Zero-knowledge proofs technology will protect the privacy of digital assets on JP Morgan's Quorum blockchain, as the developers of the Zcash cryptocurrency announce a partnership with the banking giant.

Zcash uses zero-knowledge proofs (specifically, zk-SNARKs) to prove the integrity of cryptocurrency transactions, without revealing any information about the sender, recipient or the assets that are being transferred.

The Zerocoin Electric Coin Company (ZECC), which created Zcash, will extend Quorum's existing privacy protections, which already offer private smart contracts by changing the Ethereum codebase. The zero-knowledge security layer (ZSL) will make it possible to use shielded transactions to protect users' privacy.

Quorum is the first distributed ledger platform that will feature ZSL, but it can also be integrated with any consensus mechanism; instead of proof of work, an enterprise ledger could use round-robin, proof of stake, or new consensus mechanisms like Tendermint. It could also be integrated into a MySQL database, where a schema plugin requires valid proofs for table inserts but the database administrator cannot see account balances.

Jack Gavigan, COO, Zerocoin Electric Coin Company, said in an email: "What we're doing for Quorum is implementing ZSL within a smart contract (which we're referring to as a 'z-contract'). Issuers will be able to create z-contracts and issue z-tokens (representing tokenised securities, currency, etc.), which can be transacted with the same type of privacy and confidentiality that Zcash's shielded transactions benefit from."

JP Morgan's Quorum has showcased a smart contract privacy solution that allows pairs or groups of participants to create and interact with private contracts, using an encrypted peer-to-peer layer called Constellation. The missing piece was the ability to make payments in a similarly private way, without either watering down the decentralised nature of the ledger or including some kind of trusted third party in the process.

"That's where ZSL comes in," said Gavigan. "The trade's business logic is embodied within a private contract, while obligations that arise as a result of that business logic (e.g. "Alice owes Bob $1m") can be settled using shielded transactions on the main Quorum ledger. We use a simplified variant of payment disclosure to allow private contracts to react to shielded transactions (so when Alice pays Bob the $1m, the private contract's business logic can flag that obligation as having been satisfied).

"The end result is that the business logic (i.e. the trade details or the derivative contract) is private, and the settlement is private (all third party observers will know is that a USD payment was made at a particular time; they can't identify the sender or the recipient, or see how much was being paid). It's turned out to be a very complementary approach," he said.

Gavigan said the process of adding ZSL to Quorum has benefited from the experience of having already done it for Zcash. He also pointed out that the team had already done a fair amount of research and experimentation around adding zk-SNARKs to Ethereum-based ledgers (e.g. Baby ZoE).

Enhanced privacy is a great thing, but how these solutions scale is often cited as a drawback. "ZSL faces the same efficiency and scalability limitations that Zcash does - generating the zero-knowledge proofs is still computationally intensive (although, given existing settlement cycles are measured in days, reducing that to a matter of minutes is already a huge win!)" said Gavigan.

"There are scalability limitations in terms of the number of transactions a z-contract can support but we're talking about millions of transactions, and it's relatively straightforward to simply create a new z-contract when the old one is approaching its limit.

"Our and JPM's approach to this is exploratory and experimental. Instead of rejecting ZSL because it doesn't scale infinitely, the idea is to try it out and see what those limitations mean in practise. It seems likely that it will be unsuitable for high-frequency trading use cases, but quite useful for something like syndicated loans or interest rate swaps. In the longer term, we have an ongoing research effort that's looking at different ways of making zk-SNARKs more efficient, and both Zcash and Quorum will benefit from the results of that research."

There have been several approaches to preserving privacy using distributed ledgers such as homomorphic encryption, ring signatures, just not sharing data very much. Last year the Zcash team co-authored a report for R3, which compared and contrasted the different approaches.

"Simply not sharing data much can mean that you avoid many of the benefits of a shared ledger - e.g. fungibility of digital assets, having a single 'golden' source of truth, full decentralisation, etc. The trick is to be able to retain those benefits in a way that also enables privacy and confidentiality," said Gavigan.

"I think it's fair to say that any approach involves compromises, and the best approach is going to depend on your use case. But I think it's also important to look to the future in terms of what's theoretically possible and what limitations are imposed by different approaches. In our estimation, zero-knowledge proofs offer a lot of potential and flexibility."

JP Morgan is a founding member of the Enterprise Ethereum Alliance (EEA), and ZECC has just announced that it has also joined EEA.