What are zk-SNARKs? Zero Knowledge Proofs Simplified
zk-SNARKs & Zero Knowledge Proofs are game changers when it comes to privacy, but how do they work?
“Personally, I think zk-SNARKs are a hugely important, absolutely game-changing technology…They are the single most under-hyped thing in cryptography right now” – Vitalik Buterin
“I’m with Vitalik. Zero-knowledge proofs may be the future of private trade.” – Edward Snowden
The issue of privacy is central to the idea of cryptocurrencies, and improving privacy is an ongoing task. Vitalik Buterin is looking at zk-SNARKs implementation as part of the Ethereum roadmap and Zcash is already using it as an integral part of its privacy solution.
While you might have heard about zk-SNARKs, you may wonder the jargon really means, and in this post, we will try to explain it in simple terms.
zk-SNARK stands for ‘Zero-Knowledge Succinct Non-Interactive Argument of Knowledge’ and works to prove certain conditions without revealing the information which needs to be kept confidential. Let’s break this down so it’s easier to understand.
Zero-knowledge = Maintains confidentiality and privacy
Succinct = Proofs can be typically verified in a matter of milliseconds
Non-Interactive = A proof constructions where a single message can be sent from the prover to the verifier without the need to constantly send messages back and forth
Argument of Knowledge = A prover can convince the verifier that a certain piece of information exists and that they can access and know what is, without ever revealing the information in its entirety.
Image courtesy of: Zcash blog
Zero knowledge proofs, in very simple terms, allow for a transaction to occur between two parties where each party is able to verify to each other that they can access a specific set of information that exists, without ever revealing what that information is.
In other words, it allows Tom (the prover) to prove to Sam (the verifier) that a statement is true, without ever revealing the information in its entirety. Tom can convince Sam that the information exists, and more importantly, that he can access this information, without ever revealing what it actually is. Let’s take a look at an example to illustrate:
Alibaba’s Cave – The infamous Zero Knowledge Proof story
This is a well-known example that was published in a paper titled, “How to Explain Zero-Knowledge Protocols to Your Children”.
In this example, we’ll call the two people Paul (P) and Vick (V), where Paul is the prover and Vick is the verifier. Paul and Vick both approach a mystic cave that has a magical secret door at the back. The mystic cave is circular, with an entrance at the front and a magical locked door blocking side A from side B. Paul tells Vick that he knows the secret password to open the magical door at the back of the cave, but he doesn’t want to tell Vick or anyone else what the secret word actually is. Vick does not believe Paul and asks him to prove it. The mystic cave has only two paths, A on the left and B on the right. Paul can take either path, A or B, whichever he likes but Vick is not allowed to see which path Paul will take, so Vick waits outside the cave.
After a few minutes, Vick enters the cave and shouts to Paul. Vick can ask Paul to come out of the cave from either path A or B, chosen at random, as he doesn’t know which path Paul took in the first place. Paul knows the secret word to the magical door at the back of the cave and can emerge from either side no matter what Vick chooses. In the images below, Paul took path A, and then Victor came to entrance and shouted to Paul to appear from path B. Paul shouts, “No Problem”, and uses the secret word to open the magical door and comes out from path B.
Image courtesy of : Scott Twombly (Youtube channel)
So, you may be think there is a 50/50 chance that Vick would just guess correctly and Paul doesn’t know the secret password. By random chance, Vick could choose a path and Paul could appear, making this entire cave story false.
That is why, in order test the validity this would be repeated numerous times, until Vick was convinced. Let’s say they did this exercise 15 times and all 15 times Paul came out from the correct path. Paul’s probability of actually entering path A or B, not knowing the secret, and coming out of the same random path that Victor chooses all 15 times, would be very rare or almost impossible.
Zero knowledge proofs are not mathematical proofs as there is a small probability of error, so these proofs are probabilistic in nature.
A zero knowledge proof must satisfy three main properties (with room for a tiny probability of error):
Completeness – The prover has a way to convince the verifier that any statement is true
Soundness – No cheating prover can convince a verifier about a false statement
Zero knowledge – If a prover can convince and verifier that a statement is true, the verifier still has no underlying information and learns nothing other than that the statement is true.
Zk-SNARKs essentially shield transactions and provide confidentiality and privacy, which is why Zcash has integrated the technology into its cryptocurrency. This is only one of many use cases for zk-SNARKs, but given its computational complexity and intensiveness, it’s not practical to use yet for many other applications, outside of functioning as a privacy focused medium of exchange or currency. In theory, you could use zk-SNARKs to verify any transaction or relation between two parties without ever disclosing or leaking information amongst the parties involved.
Ethereum’s adoption of Zk-SNARKs would be a game-changer to say the least, and given the challenging regulatory environment these days, more and more people could be moving towards privacy-centric digital currencies. However, governments can always take drastic measures to block network access, which is still a major issue when it comes to true decentralization. We can expect this battle to continue as people fight for more control over their finances and information, and governments seek oversight to prevent illegal activities.