A technical clarification as a part of a discussion about retroactive grants on the Zcash community forum forces a more precise definition of what “shielded swaps” can and can’t mean on the cross-chain DEX infrastructure.
In a February 8 comment on the Maya Protocol Advanced Shielded ZEC Support Retroactive Grant thread, a Maya worker argued that even when the stack later supports full custody of Orchard funds, cross-chain swaps still can’t be fully private end-to-end under the present design. The reason is structural: the non-ZEC side of the trade is conducted over transparent chains, and the swap path still leaves metadata visible on MAYAChain.
This is a subtle but necessary difference. It separates “shielded ZEC support” from “fully private exchanges” and provides auditors with a concrete framework for evaluating privacy claims related to cross-chain liquidity.
Why cross-chain privacy has a cap
Zcash can hide the sender, recipient and amount while keeping transactions fully protected in its privacy pools. The Orchard Pool is laid out in ZIP 224 as a shielded protocol designed to have strong data protection properties. However, this strength doesn’t routinely transfer to all chains.
A cross-chain swap shouldn’t be a single transaction. It is a sequence of transactions and state transitions across multiple systems.
If just one leg is shielded, privacy becomes asymmetrical. The ZEC fork will be protected while in Zcash's shielded pool, but the opposite asset fork still runs on a transparent chain corresponding to Bitcoin or Ethereum. This settlement is inherently visible, including the amounts moved, timing, and destination addresses involved on the transparent chain.
Additionally, the cross-chain DEX must interpret user intent and coordinate routing. In MAYAChain-style architectures, this intent is often conveyed via transaction metadata corresponding to memos. The MAYAChain documentation explains that incoming transactions contain a memo field that communicates user intent and is verified to process swaps, and that this transaction event data is indexed for public queries through its APIs, including the Transaction Memo concept documents and the Midgard public API.
The result’s a practical blanket. A user can gain privacy for the ZEC portion of an exchange, but not for all the cross-chain motion.
What “shielded ZEC support” probably means in practice
The same forum thread discusses implementation tradeoffs and the incontrovertible fact that current flows can still be traced on the border.
A Maya team member describes today's Orchard support as a “traceable orchard,” noting that the flow still must go through a transparent vault boundary before the exchange machinery is complete. In other words, the system can accept shielded deposits and deliver shielded results, however the operational middle layer still involves transparent handling that may create correlation risks when amounts and timing match.
This shouldn’t be a trivial nuance. Many users interpret “shielded” as a guarantee of consistent unconnectivity. Cross-chain swaps are more like a privacy sandwich: shielded at the perimeters, transparent in the center.
This can still be useful. It can reduce ZEC address exposure and protect the ZEC branch from direct chart evaluation. Still, it shouldn't be marketed as an entire privacy cover for all the exchange.
Where swap metadata will be leaked
The clarification within the forum points to 2 places where observers can still learn something a few “shielded exchange”.
First, the non-ZEC chain. When a swap touches a transparent asset, transaction details corresponding to value, address endpoints, and timing are exposed on that asset's chain.
Second, the cross-chain DEX coordination layer. MAYAChain processes swaps by observing incoming transfers and reading intent fields. The documentation describes how Memos encode swap instructions and routing decisions. These memos exist specifically in order that the network can reply to them. They are subsequently not fundamentally private.
The exact fields visible may vary depending on the route and chain type, but the final category of data disclosed typically includes swap intent, inbound and outbound asset identifiers, transaction timing, and routing steps. This is consistent with why MAYAChain releases a memo specification and a public indexing API that parses transaction events for queries.
The Orchard Custody Restriction and Why FROST Occurs
The discussion also links privacy restrictions to custody architecture.
For full Orchard custody in a multi-validator environment, a threshold signature scheme have to be compatible with Zcash's protected issuance authorization. This is why the thread references FROST and other threshold cryptography approaches.
Zcash documents FROST-based multisignatures for spend authorization in ZIP 312 and describes how a threshold Schnorr construction can meet Zcash spend authorization requirements. The point shouldn’t be that FROST alone creates end-to-end cross-chain privacy. That shouldn’t be the case. The point is that this might change custody limits by making it easier to carry and spend protected funds in a distributed signature environment.
Even if this custody limit improves, the privacy cap described by the Maya worker will remain. There remains to be transparent settlement on the non-ZEC route and observable coordination metadata outside of Zcash.
Which changes the story for users and reviewers
The practical insight is that the shielded swap language needs to be evaluated based on the complete path, not the entry point.
A high confidence check typically checks three things.
- The actual flow on the border, including how funds move from the protected deposit to any transparent vault tier after which to the outbound branch.
- What is being implemented and what’s being sought within the grant application, including repositories and merged elements linked from the forum thread.
- Where metadata is disclosed, including the memos and event traces, which will be queried through MAYAChain's public indexing interfaces.
This makes this forum statement a novelty despite its area of interest nature. It's rare for a builder to publicly draw a transparent line on privacy claims, which helps the ecosystem avoid overpromising and helps users understand what they're really getting after they select a cross-chain, shielded route.
The post Maya Contributor: Cross-Chain Shielded ZEC Swaps Still Leaking Metadata Outside of Zcash appeared first on Crypto Adventure.
