The Power of Zero-Knowledge

The Power of Zero-Knowledge

All you need to know about ZKProofs...

Zero-knowledge proofs (zk-proofs) have emerged as a groundbreaking concept in the field of cryptography and secure computing. Zk-proofs have the potential to fix several real-world problems that exist today, but not so many people are familiar with this technology, and scalability requires users to know completely what they're using so they can figure out how to use it in everyday situations.

So let's start with the very basics.

What are Zero-Knowledge proofs?

In simple terms, a zero-knowledge proof is a method of proving the validity of a statement without revealing the statement in the first place.

The term 'zero-knowledge' is self-explanatory in its definition. Zero-knowledge because almost no knowledge is revealed when proving the accuracy of the statement.

It is an interaction between a prover and a verifier where the prover has to prove the truth of a statement without revealing the underlying data or how they came to verify the statement as true.

Zero-knowledge proofs sometimes called zero-knowledge protocols are a powerful tool that can be used to enhance privacy and security, improve scalability and interoperability, and also provide a secure means of identity validation.

Origins of Zero-knowledge

The term 'zero-knowledge' was first cited in a research paper in 1985, and since then this has been used to define the interaction of zero-knowledge protocols used in real-world applications.

Earlier versions of zero-knowledge proofs required back-and-forth communication between the prover and verifier until the verifier was certain that the prover does indeed know the hidden data. This method is commonly known as an interactive zero-knowledge proof.

Types of Zero-Knowledge Proofs

There are two most famous types of zero-knowledge proofs, namely;

  1. ZK-SNARKs: Short for Zero-Knowledge Succinct Non-Interactive Argument of Knowledge. ZK-SNARKs are an example of non-interactive proofs because the verifier and prover only communicate once.

    The zero-knowledge proofing system of ZK-SNARKs is quite small and with its constant time verification, it is known to be fast and cheap.

  2. ZK-STARKs: Like ZK-SNARKs, ZK-STARKs is an abbreviation and it's short for Zero-Knowledge Scalable Transparent Argument of Knowledge.

    ZK-STARKs are much more scalable as the time spent on computations is quasilinear to the complexity of the underlying computation and transparent than ZK-SNARKs, as it relies on publicly verifiable randomness.

    Although both ZK-STARKs and ZK-SNARKs prove the validity of off-chain transactions without revealing underlying data, ZK-SNARKs is hailed as an improvement on ZK-STARKs despite it being more expensive to verify transactions on the Ethereum network due to its larger proof size.

Real World Use Cases ZK Proofs

Zero-knowledge proofs can be used in multiple ways to protect a user's vital information and prevent misuse of personal information and an identity jack from a malicious identity. Such ways include;

  1. Unidentifiable payments: Because of zero-knowledge proofs, anonymous payments can now truly be anonymous.

    Despite the attempt made by cryptocurrencies to anonymize payments, people and organizations have found a way to track payments made in crypto back to the individual who made such payments. How? Let's use Etherscan as an example. Etherscan keeps a record of each address created, how much that address holds and the interactions that address makes on the blockchain. If a user has his address posted anywhere on the internet, especially on social media, for donations, or payments address for work done etc, its more than easy to access that person's financial history using the block explorer 'Etherscan', thereby taking away the true meaning of anonymity, since that address can now be tracked.

    But because zero-knowledge proofs exist today, services like Tornado Cash allow users to conduct fully private transactions on the Ethereum network by utilizing zero-knowledge proofs to obscure transaction details and provide financial privacy.

  2. Verifiable Computation: Zero-knowledge is being used to confirm the correctness of computations done on off-chain scaling solutions such as ZK-rollups and Validiums that rely on the Ethereum network.

    Verifiable computing allows us to outsource computation to another entity while maintaining verifiable results. The entity submits the result along with proof verifying that the program was executed correctly.

    The benefit here is that Ethereum doesn’t have to do any execution and only needs to apply results from outsourced computation to its state. This reduces network congestion and also improves transaction speeds.

  3. Authentication: To use online services for most things today .i.e when registering a new social media account, a new online bank account, a new gmail account etc, an individual is expected to authenticate their identity before they can be successfully verified. This mostly involves the submission of very personal and private data, that can someday be used against that individual.

    Zero-knowledge proofs offer a streamlined authentication process for platforms and users. By generating a ZK-proof using public inputs (such as data confirming the user's platform membership) and private inputs (such as the user's details), the user can conveniently present the proof to authenticate their identity when accessing the service. This not only enhances the user experience but also relieves organizations from the burden of storing extensive user information. In essence, zero-knowledge proofs simplify authentication while reducing the storage requirements for user data.

  4. Identity Protection: As stated above, to register or use most online services today, a user's personal data is required. This subjects the user to an identity jack, where a malicious entity can gain access to that information and use it against the user through fraudulent impersonation.

    But with zero-knowledge proof, a user can verify his identity without having to disclose their private data to some phishing site for access. This combats the growing wave of identity jacks that have been occurring since the very beginning of registrations.

Just for fun (An investigative scenario)

To simulate a relatable example where the consequences of uploading sensitive data pertaining to an individual's identity have come back to bite the individual, let's analyze the Hollywood success 'Ready Player One' of 2018, directed by Steven Spielberg.

If you haven't seen the movie, spoilers ahead.

In this movie, the protagonist, famously known as Parzival (his gamer tag) unfortunately reveals his real-world name 'Wade' to Artemis (her gamer tag). Artemis immediately calls him out on his error before he could say his full name, highlighting the importance of never disclosing your real name in the game. But at this moment it was already too late, as a hired assassin had already taken notes of his first name.

Using his first name alone, he was able to hack into the game's online store and crosscheck the list of individuals who had made a purchase bearing the name Wade. This then provided him with Parzivals full name 'Wade Watts' but also his address, as they had delivered his purchase to his doorstep.

The assassins proceeded to blow up his home, killing his aunt and her lover who were present. Unfortunately for his assassins, and fortunately for Wade he wasn't home, but he still lost his mother's sister due to his carelessness.

But we can't blame Wade for disclosing his identity to Artemis, he trusted her and never knew an assassin had been sent to monitor and kill him. He trusted the game, and felt safe, never thinking about how his real-world identity could be the end of him. In the end, this movie reminds us about the dangers of having private details on sites and places that it can be easily taken.

How would ZK-proof have prevented this?

With zero-knowledge proof, Wade could have easily verified his identity during registration, without having to reveal any further private information for storage on a centralized server.

His name, and address, the date of purchase, and the location in which his purchased product was delivered would be concealed and protected from malicious attackers by using a smart contract powered by zero-knowledge protocols, therefore saving his aunt's life.

Conclusion

In summary, zero-knowledge proofs (zk-proofs) provide a powerful tool for authentication and identity verification. They allow users to prove their identity or membership in a platform without revealing any sensitive information, thereby enhancing privacy and security. Zk-proofs simplify the authentication process, making it more convenient for users and reducing the need for organizations to store large amounts of personal data. By enabling efficient and secure authentication, zk-proofs contribute to a better user experience and promote data privacy in various applications and systems.

  1. Zk-proofs according to Chainlink.

  2. Validity proofs explained.

  3. ZK-SNARKs.

  4. ZK-STARKs.

  5. ZK-STARKs vs ZK-SNARKS.


If you liked this and found it informative, leave a like, or a comment, or reach out to me on any of my socials for hiring, or maybe a good blockchain discussion by clicking on this link.