Arkham Said It Tracked 53% of Zcash Transactions. The Reality Is More Complicated

The firm pointed to the US government's seizure of ZEC from AlphaBay founder Alexandre Cazes eight years earlier as an example of how such tracking works in practice .

How Arkham reached the 53% figure

Arkham did not claim to have cracked Zcash's zero-knowledge proofs or broken the privacy of the shielded pool. The firm's approach relied on identifying activity that was visible or linkable through Zcash's transparent side and related transaction patterns .

Three main techniques drove the results:

1. Entity clustering and behavioral attribution: Linking addresses or transaction flows that move in coordinated patterns to the same actor .
2. Exchange and known-entity mapping: Associating visible on-chain activity with known users, institutions, or services where those links are publicly available .
3. Transparent address analysis: Zcash's privacy is opt-in. Users can transact through transparent wallets as well as shielded mechanisms. Transparent activity is analyzed similarly to any other public blockchain .

The core insight: a meaningful share of Zcash activity was happening outside the shielded pool, where data is already public . Shielded-to-shielded transactions, which represent roughly 50% of all Zcash transactions, remained untraceable .

Zooko Wilcox's response: shielded pools remain unbroken

Zcash founder Zooko Wilcox responded to Arkham's announcement with a measured correction . His key points:

• Arkham did not deanonymize any ZEC held at rest in the shielded pool. Wilcox said this would be impossible because "the information just isn't there" .
• The tracking applied to transparent wallets and users who had opted into public traceability. In Wilcox's words: "When you use Zcash, you choose for yourself whether one of your wallets will be displayed on their dashboard or not" .

Wilcox's response drew a clear line between two very different claims: breaking Zcash's cryptography (which didn't happen) and analyzing activity that users voluntarily made visible (which did).

The debate over framing

The controversy wasn't just about the numbers — it was about how Arkham presented them. Critics argued that Arkham used the word "deanonymize" in a misleading way . By including both shielded and transparent transactions in its 53% claim without disaggregating the two groups, Arkham made it sound like it had pierced privacy protections when it had not .

Mert Mumtaz of Helius Labs called Arkham's claims "misleading for attention," emphasizing that labeling shielded transactions is impossible . In response, Arkham dismissed critics as "keyboard privacy warriors" who were "nitpicking technical terminology concerning the tiny amounts they're hiding exclusively in shielded pools" .

Despite the heated language, the technical facts were never in dispute from either side: shielded-to-shielded transactions remain cryptographically protected, and transparent transactions are traceable .

The real vulnerability: behavior, not protocol

The Arkham-Zcash incident illustrates a gap that matters well beyond one cryptocurrency. A protocol can offer strong privacy guarantees, but if users don't actually use those features, much of the network remains traceable in practice .

Zcash's shielded pool uses zk-SNARK proofs to verify transactions without exposing sender, receiver, or amount, and no evidence suggests Arkham pierced this layer . But because Zcash defaults to transparent addresses and leaves shielded usage as a user choice, a large portion of historical activity sits in easily analyzable territory .

The broader lesson is that strong privacy at the protocol layer is necessary but not sufficient. Real-world privacy depends on adoption, default settings, and user behavior — and in Zcash's case, those defaults left enough surface area for Arkham to attribute over half of all transactions .