Zero-Knowledge Proofs and Their Impact on Blockchain
Introduction to Zero-Knowledge Proofs
Zero-knowledge proof (ZKP) blockchain projects are revolutionizing how developers build advanced decentralized applications (dApps) that scale the Web3 ecosystem while protecting users’ privacy. This cryptographic technology helps blockchain projects overcome the scaling and privacy limitations inherent to many layer-1 blockchains. Zero-knowledge technology enables blockchain projects to facilitate greater transaction throughput, protect user data while still being able to verify identities, and support complex computation. Additionally, it allows enterprises to adopt blockchain technology while protecting their intellectual property. Underpinning all these use cases are zero-knowledge proofs.
What Are Zero-Knowledge Proofs (ZKP)?
ZKPs enable someone to prove they know or have a piece of data without revealing the underlying information. A “prover” creates a proof using knowledge of a system’s inputs, and a “verifier” confirms the proof was calculated correctly, even though the verifier cannot see the information. Essentially, zero-knowledge proofs make it possible to verify the validity of a dataset while preserving the privacy of the data itself.
Historical Context
Zero-knowledge proofs (ZKPs) were first mentioned in a paper by Shafi Goldwasser, Silvio Micali, and Charles Rackoff, titled “The knowledge complexity of interactive proof systems,” published in 1985. The original definition still stands:
A zero-knowledge proof is a method by which one party (the prover) can prove to another party (the verifier) that something is true without revealing any information apart from the fact that this specific statement is true.
How Do ZK Proofs Work?
There are a prover (the party that proves they have some information) and a verifier (the party that verifies the prover has the info). The process typically involves three main steps: a commitment, a challenge, and a response. The verifier checks the response against the challenge and commitment to determine if the statement is indeed valid. This can be repeated multiple times to ensure a high level of confidence.
Types of Zero-Knowledge Proofs
ZK-SNARKs
Zero-Knowledge Succinct Non-Interactive Argument of Knowledge (ZK-SNARKs) is a form of ZK proof that requires no interaction between the prover and verifier. They are succinct because the proof size is small, and the verification is fast. Most ZK-SNARKs use elliptic curve cryptography and a trusted setup to generate parameters for the ZKPs.
ZK-STARKs
Zero-Knowledge Scalable Transparent Argument of Knowledge (ZK-STARKs) are similar to SNARKs but with a few differences. STARKs use hash functions instead of elliptic curves and, unlike SNARKs, do not rely on a trusted setup, making them more transparent. They are also post-quantum secure, meaning they remain secure even in the face of quantum computing advancements.
Why Use Zero-Knowledge-Based Networks?
Zero-knowledge solutions grant developers a way to leverage the security of an existing layer-1 blockchain like Ethereum while enabling dApps to scale through higher throughput and faster transactions, protecting users’ personal information by keeping it hidden off-chain, and lowering the cost for end-users by publishing transactions in batches. Ultimately, these advantages enable projects to build advanced dApps that rival the performance and functionality of Web2 systems while maintaining the benefits of decentralization.
Comparing Zero-Knowledge Solutions and Optimistic Rollups
Optimistic rollups are an alternative layer-2 technology used by prominent scaling solutions. According to the analytics site L2Beat, as of June 29, 2022, optimistic rollups account for 74.3% of the total value locked (TVL) stored on Ethereum layer-2 networks, with zero-knowledge-based solutions accounting for 25.9%.
The fundamental difference between zero-knowledge scaling solutions and optimistic rollups is how transactions are verified. Optimistic rollups use fraud proofs that are only generated when disputing a state change published on the layer-1 blockchain, while zero-knowledge solutions post validity proofs after every batch is published on-chain. This means that zero-knowledge-based protocols always have a valid state, with the trade-off of consuming more gas to verify validity proofs on the base chain.
Combining zero-knowledge rollups with off-chain data can increase gas consumption efficiency. These more efficient zero-knowledge-based solutions are known as validiums and volitions. Critically, they can also prove a state is valid without revealing the underlying data, which can help drive enterprise adoption of public blockchains as organizations can protect user information and trade secrets.
Another difference between the two types of layer-2 solutions is their capital efficiency. In optimistic rollups, the standard window for transactions to be finalized and for withdrawals to be processed is one week, while users can withdraw funds in around ten minutes from zero-knowledge solutions.
Types of Zero-Knowledge-Based Solutions
zk-Rollups
Zero-knowledge rollups bundle many transactions together and post them to the layer-1 blockchain with a proof verifying the validity of that computation. The proofs that get published on-chain are known as validity proofs and can be either SNARKs or STARKs. When these proofs are verified on the layer-1 blockchain, the zero-knowledge rollup has a new state.
Validium
Validiums combine validity proofs with off-chain data storage to enhance scalability. Validity proofs are still published on the base chain, while data is stored off-chain. This significantly improves throughput and lowers gas costs. This architecture presents the risk that malicious actors may make data unavailable, preventing users from withdrawing their funds. This data-availability problem is being overcome with proof-of-stake-type systems that use cryptoeconomic incentives to ensure data is stored by many different nodes and is always available. It’s important to note that while these malicious actors could stop transactions, they cannot directly steal user funds.
Volitions
Volitions combine both zk-rollups and validiums, allowing users to choose between either scaling solution as they share a single state root. Even if there were a successful malicious attack on the validium side of the volition, funds on the zk-rollup side would still be safe. This enables entities willing to pay higher fees for the higher security guarantees of a zk-rollup to natively interact with participants who prefer the lower transaction costs of a volition.
Zero-Knowledge Proof Blockchain Projects
zk-STARK Based Projects
- StarkEx: A layer-2 scalability solution built on Ethereum that uses STARK proofs to validate self-custodied transactions, enabling trading and payment applications. Projects built on StarkEx, such as DeversiFi, Sorare, and dYdX, have generated hundreds of millions of transactions and hundreds of billions of dollars in trading volume. However, StarkEx does not support smart contract functionality that enables fully-featured dApps.
- StarkNet: A general-purpose platform that enables developers to deploy smart contracts on an Ethereum-based zk-rollup. Prominent Ethereum dApps like Aave and Maker are set to launch on StarkNet. StarkEx zk-rollups can be launched on top of StarkNet to increase an application’s scalability.
- Immutable X: An NFT platform that facilitates the minting and trading of NFTs and tokens using an application-specific zk-rollup with StarkEx. The platform has supported tens of millions of NFT mints and trades with low fees, even during periods of network congestion on Ethereum. Immutable X will also launch on StarkNet.
zk-SNARK Based Projects
- Zcash: One of the earlier crypto assets that helped pioneer the use of zero-knowledge technology in the industry.
- Loopring: A decentralized exchange (DEX) built on Ethereum that supports order book style trading without taking custody of users’ assets. Powered by Chainlink Price Feeds, it has served over a hundred thousand users and facilitated billions in trading volume.
- zkSync 1.0 and 2.0: A rollup on Ethereum that supports token transfers and swaps. zkSync 2.0 is a layer-2 Ethereum scaling solution that uses a volition architecture that supports smart contracts.
- ZigZag: A decentralized exchange that uses an order book for ERC-20 trading pairs. The protocol currently operates on zkSync 1.0 but has plans to launch on both zkSync 2.0 and StarkNet.
- Mina: A lightweight zero-knowledge proof blockchain project that uses SNARKs to produce blocks limited to 22kb in size, with full smart contract functionality.
How Zero-Knowledge Protocols Can Increase Decentralization, Reliability, and Security
Zero-knowledge protocols can strengthen their security guarantees and automate their applications with reliable and decentralized Chainlink oracle services. Protocols across the Web3 ecosystem can use Chainlink trust-minimized services to access any external API and leverage secure off-chain computation to build more advanced applications.
Zero-knowledge protocols can enhance their dApps with:
- Highly accurate market data: Chainlink Price Feeds underpin the DeFi economy with hyper-reliable and globally precise price market data that is used to support decentralized stablecoins, lending and borrowing protocols, trading platforms, and many more use cases.
- Verifiable randomness: Chainlink VRF generates randomness backed by a cryptographic proof, which is then delivered and verified on-chain. NFT platforms can use this randomness for provably fair mints, while blockchain games can use it to create unpredictable gameplay.
- Smart contract automation: Chainlink Automation is a decentralized service that can be used to automatically trigger crucial smart contract functions such as settling limit orders, executing liquidations, rebasing tokens, and more.
- Proof of reserve: Chainlink Proof of Reserve provides automated verification based on cryptographic truth for reserve assets, enabling zero-knowledge protocols to reduce risk, improve transparency, and help prevent systemic failures in DeFi.
- Cross-chain communication: The Cross-Chain Interoperability Protocol (CCIP) provides protocols with a universal, open standard with which to build secure cross-chain applications that can transfer tokens, send messages, and initiate actions across Web3.
Enhancing Any Blockchain Project With DECO
A zero-knowledge proof crypto project doesn’t have to use a zk-rollup, validium, or volition to benefit from zero-knowledge technology. DECO uses zero-knowledge proofs to guarantee that data remains private and tamper-proof during its delivery across HTTPS/TLS systems.
DECO-enabled Chainlink oracle nodes can prove facts about data sourced from trusted servers without revealing the data on-chain, while also proving the source of the data since the TLS chain of custody is maintained. This enables a wide range of advanced use cases, such as decentralized identity (DID) protocols and DeFi platforms supporting undercollateralized loans by checking with an established institution whether a user’s creditworthiness meets their requirement without viewing any personal data.
Ultimately, DECO provides security guarantees that enable users to securely use personal information in on-chain systems without having to make that data available on-chain.
Conclusion
Together with layer-1 blockchains and decentralized oracle networks, zero-knowledge proofs are set to transform the blockchain industry by enabling ZKP projects to build highly scalable, cost-efficient, and advanced applications while preserving users’ privacy.
While there are other layer-2 solutions that may provide a better architecture for certain applications, zk-rollups, validiums, and volitions are set to capture a large volume of users among both individuals and enterprises as the blockchain industry moves toward mass adoption.
If you are a developer and want to integrate Chainlink trust-minimized services, check out our documentation, ask a question in Discord, or set up a call with an expert.
