The second lecture in the Zero Knowledge Proofs course had Dan Boneh walk us through an overview of modern SNARK constructions. Below are some of my notes from Part 1 of the lecture, which includes what SNARKs are and example blockchain and non-blockchain applications.
SNARK: a succinct proof that a certain statement is true
Example statement: I know an m such that SHA256(m) = 0
Where m is a message
In SNARKs the proof is short and fast to verify. Additionally, the proof doesn’t reveal anything about m. Thus, with SNARKs, you can preserve the privacy of m.
There are numerous organizations dealing with SNARKs in one way or another. Below are a few of them along with what they do at a high level:
- Building SNARK solutions: Aztec, Espresso Systems, Matter Labs, Starkware
- Using SNARKs: Aleo, Polygon, RISC Zero, Scroll
- Building SNARK accelerators: Ingonyama, Supra National
So, what are some applications of SNARKs within the context of blockchain?
Blockchain Applications
SNARKs can provide scalability via proof-based rollups (zkRollups), where an off-chain service processes a batch of transactions (Tx) and a Layer 1 (L1) chain verifies a succinct proof that the Tx were processed correctly.
SNARKs can bridge blockchains via proof of consensus (zkBridge), where it enables the transfer of assets from one chain to another, backed by the reliability of succinct proofs. For instance, Chain A can lockup assets to be transferred and provide a proof that its consensus protocol acknowledges the assets lockup for transfer. Chain B can then verify the SNARK and materialize the assets.
zkSNARKs can enable private transactions on a public blockchain, where the proof guarantees that a private Tx is valid.
zkSNARKs can also enable zero-knowledge compliance, where (for instance) a proof can guarantee that a private transaction is compliant with relevant banking laws, and/or that an exchange (or other body) is solvent without revealing the underlying financials.
Non-Blockchain Applications
SNARKs can be used to fight disinformation, where the proof guarantees the content provenance. An example of this is the Coalition for Content Provenance and Authenticity (C2PA) — an international joint development foundation project aiming to develop and drive adoption of a global technical standard for guaranteeing content provenance.
A sample scenario of where SNARKs and C2PA come into use is to fight against “fake news”. We have all seen those news articles and online posts that use totally unrelated images and videos and claim ownership of them. In this scenario, SNARKs can prove that “no, that isn’t a picture of that person fighting aliens in Mars; it’s a picture of my neighbor playing with his children in their backyard — here’s the digital evidence with the relevant information (e.g., timestamp, location, etc.)”.
You might then say — “But what about post-processing? A lot of news organization perform image downsizing and modifications to meet their publication needs. How would you maintain evidence of authenticity then?”
Good question. Here’s how an implementation of this could work in a news organization example.
- The computer has the processed photos and a list of operations (Ops) performed on the original
- The photo-editing software generates a zkSNARK and attaches it to the photos
The zkSNARK will prove that it knows the original image (Orig) and a signature (Sig) of the image such that:
- The Sig is a valid C2PA signature on Orig
- The photo is the result of applying Ops to Orig
- The photo metadata is equal to the Orig metadata
The result will be photos that have a timestamp, location data, and a zkSNARK that prove the authenticity of the modified photos.
All this metadata will be visible to the users, so that they can confirm the legitimacy of the photos. Think an Info button that you can hover over and shows you the data.
Performance
One of the magical things about zkSNARKs in these scenarios is how efficient it is to generate, hold, and verify the proofs.
The proof size can be under 1KB, and it can take the verifier (e.g., browser) less than 10ms to verify.
In terms of proof generation, for images that are around 6000x4000px, it would only take a few minutes or even seconds per image given sufficient hardware.
The next post will cover Part 2 of Lecture 2, which dives more into the mathematics behind zkSNARKs.
