The ABCs to ZKPs

An introduction to Zero-Knowledge Proofs: the future of Cybersecurity

Tehseen Dahya
Nov 5, 2022

Does the Blockchain make sense to you? I mean, does it really make sense? All of your private data (yes, including your search history) would be stored on a public, distributed (everyone can see everything) network and it’s actually supposed to improve privacy. I’m going to ask you again. Does that really make sense to you?

The use of a blockchain requires a validator. This validator’s goal is to verify that the transactions (additions of blocks to the chain) are valid (not fraudulent), hence maintaining the integrity of the blockchain. In the context of Proof of Stake mechanisms (what Ethereum uses for validation), these validators are then compensated for their work with fees from their validation. If the validator were to propose or verify a fraudulent block, they would end up losing any assets they staked to become a validator. In this way, there is no need for a central authority to manage the chain.

But how does a validator make sure a block is valid? They would have to know all the information in the block and then make a decision. Seems simple. But then how the hell is the Blockchain secure!?

What if the validator could prove a block is valid while having absolutely no knowledge about the data in the block? Hmm. An absolutely-no-knowledge-proof would be an amazing way to maintain the security of the Blockchain. Introducing… the Zero-Knowledge Proof! The easiest way to explain this concept is to use analogies and use cases, so prepare yourself for a whole lot of made-up names.

Example of zero-knowledge on the blockchain:

If Jack wanted to send $10 of crypto to a friend, the blockchain has to make sure that Jack has $10 of crypto to send before authorizing the transaction. But the blockchain doesn’t care (and shouldn’t care) who is sending/receiving the money and how much is in their account; so how would it make the necessary checks? The system would have to prove the sender has enough money, without knowing who they are or how much money they have. This example is actually an algorithm called ZK-snarks (I will dive into this in a bit).

The concept of Zero Knowledge (I am going to use ZK and ZKP for simplicity) is not a new concept. Sure, the most popular applications of this algorithm right now are within the Blockchain space, but this technology was actually introduced in 1982 by three Computer Scientists interested in solving global privacy issues. There was no intention of applying it to Blockchain tech (mostly because Blockchain didn’t come along until much later) but instead was intended for a number of real-world issues.

One of my favorite non-Blockchain related applications for ZK is how it could have affected the nuclear disarmament between Russia and the US during the Obama administration. In 2009, Obama set the goal to have a “world without nuclear weapons.” This announcement was clearly directed at Russia as they are the world’s strongest nuclear country. Since the announcement, both countries have been slowly shedding some of their nuclear power, but there is one main hurdle: for the countries to go from restricting the number of deployed weapons, to actually getting rid of them, there needs to be a verification method for one country to prove it has dismantled its deployed weapons. The issue here is that the design of a nuclear warhead is highly classified and neither country wants to share this data with the other. This, in turn, has created a standstill amongst the two countries.

Does this problem sound familiar? One entity wants to prove something to another, without releasing any details. The perfect application of a Zero-Knowledge Proof.

Great, now that you know a little history, let’s get back to ZKs.

A Zero Knowledge Proof is a method of cryptography. Cryptography is the practice of using an algorithm and a key to transform an input (like a name) into an encrypted output in cipher-text (e.g. %@^#). This cipher-text can’t be decrypted without the key used to encrypt it. In this way, data can be kept secure from those without the key. The unique part of ZK is that it keeps data unencrypted, and instead just never reveals the data to anyone that is not intended to access the data.

In the case of verifications on the Blockchain, the prover and verifier are the two ends to a transaction using ZK. The prover is the person sending the transaction through (if you remember Jack from above) and they are allowed to see all the data, but can’t be trusted to verify a transaction themselves. The verifier is the one that ensures the transaction is valid (not fraudulent) and this node is trusted to verify the transaction, but not to see the data.

Zero-Knowledge Proofs have three properties:

  1. Completeness: If the statement (transaction) is true (valid), the verifier will become convinced it is true/valid and the transaction will go through
  2. Soundness: If the statement (transaction) is false (invalid), the verifier will become convinced it is false, and the transaction will not go through
  3. Zero-knowledge(ness): The protocol doesn’t reveal any of the prover’s private information to the verifier during the transaction

These three properties ensure a ZK proof is valid. If any one of these properties is not true, the ZK proof is obsolete.

Now that you have a base-level understanding for the purpose of ZKPs, let’s explore how something can actually be proved with zero knowledge. Analogy time!!!

Hannah can enter the cave, but Mark can’t

Let’s say Hannah (the prover) knows the password to a gate in a round cave. She wants to prove to Mark (the verifier) that she knows the password, but Mark cannot know the password. How can she prove this to Mark? One obvious answer would be for Mark to follow her through the cave and watch her enter the code and open the gate.

Assume if Mark sees Hannah entering the password, he will know the password

The issue with this solution is that Mark would then know the password. The concept of zero-knowledge wouldn’t apply. What if we applied a little bit of probability for Mark to be sure Hannah knows the password?

Let Hannah choose which path to go down (A or B) without Mark knowing which one she chooses. Then, have Mark randomly choose a tunnel for her to emerge out of. If she emerges out of the tunnel he calls out, he can be 50% confident that she knows the password.

We could repeat this process until Mark’s confidence level approaches 100% that Hannah knows the code. In this way, Mark doesn’t know ANYTHING about the code, but he is sure Hannah knows the code. The repetition in the process ensures cheating becomes improbable so the process can be verified. But notice, Mark’s confidence level can never actually be 100% because of the nature of the proof.

This analogy is an example of an interactive proof. There are two types of Zero-knowledge proofs:

  1. Interactive: The verifier makes the prover perform a set of actions that gives the verifier a confidence level for whether or not to validate the prover’s transaction. This process is then repeated until the verifier’s confidence level approaches 100%. This type of ZKP requires stable, continuous communication between parties, which oftentimes is just not possible.
  2. Non-interactive: In this proof, there is no interaction between the two parties. This type of ZKP is complicated to understand but much more efficient than its interactive counterpart. Instead of the verifier giving the prover a set of actions to perform, a hash function (digital signature) is created of a random number generated by parameters set by the prover and verifier. When the prover can solve the hash of that random number, the proof answer is returned to the verifier. If you want to read more about Non-interactive ZKPs, check this out. But I must warn you, it can get pretty complicated.
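
The cave rounds and the non-interactive variant described above, as an added Python example that is not part of the original article. It goes beyond the analogy by modelling the password as a discrete-log secret; the toy group parameters, the function names and the use of the Fiat-Shamir transform with SHA-256 are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy group, assumed for illustration and far too small for real use: p = 2q + 1, g of prime order q.
P, Q, G = 2039, 1019, 4

def keygen():
    x = secrets.randbelow(Q - 1) + 1          # Hannah's secret (the "password")
    return x, pow(G, x, P)                    # public value y = g^x mod p

def commit():
    r = secrets.randbelow(Q)                  # Hannah picks a path out of Mark's sight
    return r, pow(G, r, P)

def respond(x, r, c):
    return (r + c * x) % Q                    # c = 1 can only be answered with x

def check(y, t, c, s):
    return pow(G, s, P) == (t * pow(y, c, P)) % P

def honest_passes(x, y, rounds):
    for _ in range(rounds):
        r, t = commit()
        c = secrets.randbelow(2)              # Mark calls out tunnel A (0) or B (1)
        if not check(y, t, c, respond(x, r, c)):
            return False
    return True

def forge(y, guess):
    # Without x: choose the response first, then back-compute a commitment
    # that satisfies the check for exactly one challenge value.
    s = secrets.randbelow(Q)
    return (pow(G, s, P) * pow(y, Q - guess, P)) % P, s   # y^(q-guess) = y^(-guess)

def challenges(y, ts):
    # Fiat-Shamir: hash the statement and all commitments instead of asking Mark (rounds <= 256).
    h = hashlib.sha256(repr((P, Q, G, y, list(ts))).encode()).digest()
    return [(int.from_bytes(h, "big") >> i) & 1 for i in range(len(ts))]

def prove(x, y, rounds=128):
    rs, ts = zip(*(commit() for _ in range(rounds)))
    return list(ts), [respond(x, r, c) for r, c in zip(rs, challenges(y, ts))]

def verify(y, proof, rounds=128):
    ts, ss = proof
    if not (len(ts) == len(ss) == rounds):    # verifier fixes the round count; an empty proof must fail
        return False
    return all(check(y, t, c, s) for t, c, s in zip(ts, challenges(y, ts), ss))
```

A commitment from `forge()` fits only the challenge that was guessed, which is why each interactive round catches a cheater half the time and surviving n rounds has probability 2^-n.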

The ZK-snark

I told you we would come back to this. On top of ZK-snarks being my absolute favorite word in the entire Blockchain space, their applications have super interesting potential. The Zero Knowledge Succinct Non-Interactive Argument of Knowledge is a protocol that can prove/verify any statement with math.

The “Succinct” aspect means the protocol can be verified within milliseconds with a proof length of only a few hundred megabytes (even for longer ones): an important aspect for a blockchain handling thousands of transactions per second. The “Non-Interactive” aspect just conveys that the prover and verifier don’t have to go back and forth for verification. And finally, the difference between an “Argument of Knowledge” and a “Proof” is quite technical, so we will skip it for now. There is also a lot of math to dive into with ZK-snarks, so stay tuned as I release another article soon on the technical side. For a deeper understanding, check this out.

So why is this technology important?

The introduction of ZKPs to the Blockchain is monumental for the universal acceptance of the Blockchain and Web3.0 as our society’s primary infrastructure. The freedom, privacy, and individuality that Web3.0 technology brings to the table will never reach its full potential until there is widespread acceptance. For these technologies to become more desirable, people want certainty. Security is an excellent way to provide certainty and push the global usage of the Blockchain forward. ZKPs provide that bridge for the Blockchain to truly become a secure environment ruled by the laws of its code.

I hope you learned something about ZKPs in this article and it inspires you to want to learn more. For further learning, there are some links throughout this article highlighting different subtopics. You can also follow my Medium page and reach out to me on LinkedIn to discuss anything Blockchain-related.
