From Zero to Hero in Zero Knowledge Proofs [Part 11]
This is the eleventh part of the series that takes you from absolute ground zero in ZKPs to a fairly advanced level. We will start from the absolute basics and then move onward and upward. Subscribe to get regular updates!
Today marks the end of our zk-SNARKs understanding. We will review the end-to-end process one last time before we move to hands-on zk tutorials.
End-to-End Process Recap
Up until now, we have talked a lot about zk-SNARKs and their internal workings. Let’s review everything we have learned so far.
Trusted setup
ZKSNarks requires a one-off setup step to produce proving and verification keys. This step is generally seen as a drawback to zkSNARKS, as it requires trust in the intentions of the involved parties. If details of the setup are later leaked it would be possible to create false proofs.
A high-level description is turned into an arithmetic circuit
The creator of the zk-SNARK uses a high-level language to specify the algorithm that constitutes and tests the proof. This high-level specification is compiled into an arithmetic circuit.
Further mathematical refinement
The circuit is then turned into an R1CS, and then a series of formulae called a Quadratic Arithmetic Program (QAP). The QAP is then further refined to ensure the privacy aspect of the process. The result is a proof in the form of a series of bytes that is given to the verifier. The verifier can pass this proof through a verifier function to receive a true or false result. There is no information in the proof that the verifier can use to learn any further information about the prover or their witness.
Final remarks
Zk-SNARKs are many times smaller than the transaction data it verifies, making it ideal to use in applications where storage is costly and/or we need very short verification times. However, the trusted ceremony proves to be a challenge because there’s no way for users to assess the honesty of participants. Therefore, new algorithms have been developed like Halo, which is the new zk-SNARK capable of removing the trusted setup.
Finally, an important consideration to keep in mind is that SNARKs are not quantum secure. zk-SNARK uses elliptic curve cryptography (ECDSA) for encryption. While the ECDSA algorithm is secure for now, the development of quantum computers could break its security model in the future.
Congratulations, you just completed understanding the zk-SNARK protocol. Kudos to you! Go to this quiz and test out your understanding now!
Hey there, thanks for reading this far. If you liked this article, don’t forget to follow and leave a clap.
I am building Plurality Network, the user context layer on web3. Join our discord to get alpha!
Follow me here, on LinkedIn, on X, or on Farcaster to get the latest blockchain technical content in simple, bite-sized reads.