Since Bitcoin and other cryptocurrencies are around, media and governments continue spreading the idea that they’d be anonymous. Sure, a wallet address isn’t directly attached to yourself as an individual, but it certainly is linked to the IP address you’re using to send and receive crypto.
The top 3 cryptocurrencies BTC, ETH, and Binance Coin, share similar consensus algorithms and store all transactions on a public ledger. The string of numbers and letters that is your public wallet address might not tell anyone directly looking at it that it’s you. Still, with advances in chain analysis and big data, it’s increasingly easy to find out who’s behind a public address. What can be used to get hold of criminals, such as the pipeline hackers whose bitcoin addresses were hopefully blacklisted, can come to bite us back when it comes to individual financial privacy.
It’s no surprise that China is leading in developing a central bank digital currency, or a CBDC, as experts like to call them. A digital currency running on a public blockchain will give them full visibility on every citizen's transactions. Considering that China isn’t known for being an advocate of Human Rights, it’s safe to assume they’ll use such data not always for the best.
But even if you’re not living in a country where the government might be actively scoring people according to their behavior, you might still want to retain privacy over some of your transactions, in the end, who you share what data with should ideally be in our own hands.
That’s what privacy cryptocurrencies are attempting to offer, and one concept all of them rely on our Zero-Knowledge Proofs. If that’s one of the things you’ve heard about but are by now afraid to ask, worry not. Today, I’ll explain what zero-knowledge proofs are, how they work, and where they can and are already used. Bear with me.
Zero-Knowledge Proofs
As the name suggests, these proofs rely on knowing nothing. Reminds you of someone? Unlike Jon Snow, though, while we know nothing, we still can prove something.
While it doesn’t sound groundbreaking, zero-knowledge proofs are among the most powerful technologies that allow us to anonymize network transactions completely. The idea was first proposed in the 1980s by a team of MIT researchers working on theoretical systems in which one party communicated with another party, trying to convince them that a mathematical statement was true.
So far, it seems like a more theoretical problem, but as we’ll see, the problem has various benefits for real-life use, for example, when it comes to using passwords. Whenever you’re logging into a cloud computing platform or your Social Media accounts, the platform verifies your password by re-computing a password hash and comparing it to the stored value. This signifies that all these platforms know your cleartext password, and no matter how complicated your password is, if they experience a breach, that’s of little use.
Imagine if the server wouldn’t need to know the cleartext version of your password but just that you have that information to verify you?
That’s what Zero-knowledge proofs make possible. How they work is often explained with Balls or Alibaba's Cave. Since we already mentioned Jon Snow, let’s use his example. Let’s assume the wolf has found a secret key that opens a door in a perfectly round cave (because why not). The door is blocking the way so that the ends of the cave don’t connect.
There are 2 pathways, A and B, on which the wolf can come out of the cave. How do we now prove to Jon that the wolf has the key?
Jon stands in front of the cave but can’t see the end of it. The wolf is in the cave, and then Jon shouts on which path the wolf should return. They repeat this various times. As the ends are blocked without the key, the wolf wouldn’t be able to always come back on the path that Jon advised. But since he has the key, it’s an easy feast. After several rounds of this, Jon knows that the wolf has the secret key without ever having seen it.
Anyone standing outside doesn’t even know what’s going on. So even when you know nothing, you can still know that a certain statement holds. Good news for Jon and all of us as Zero-Knowledge Proofs can be applied in various fields.
All Zero-Knowledge-Proofs fulfill three properties:
- Completeness: There must be a high-probabilistic chance that the prover is telling the truth
- Soundness: The prover can only convince the verifier when they are telling the truth
- Zero-Knowledgeness (Jon Snow-dness): the prover can prove that they know an information X without revealing anything about the actual information to the verifier.
Advantages of Zero-Knowledge-Proofs are:
- simplicity: they don’t require the use of any advanced encryption methodology
- Security: they’re very secure and enable users to verify information without revealing the information itself
However, they also have a few disadvantages, mainly being lengthy and limited in their use. Zero-knowledge proofs require 2000 computations which might require more resources as well as time to verify something. Additionally, only numerical values can be the secret in zero-knowledge proofs — but then, isn’t everything a sea of 0 and 1s for a computer?
Interactive vs. non-interactive
Zero-Knowledge-Proofs can be interactive or non-interactive. The above example with the Wolf and Jon is an interactive zero-knowledge-proof during which the prover (the wolf) and the verifier (Jon) interact with each other various times to convince the verifier of the soundness of the knowledge.
In non-interactive zero-knowledge-proofs, there is no interaction between the verifier and the prover; it just involves picking a hash function.
Usecases
Potential use cases of zero-knowledge-proofs include obviously private blockchain transactions (which I will cover a bit more below), verification of passwords, completely private messaging services that would ensure that no one can read private messages and establish an end-to-end trust connection, file system control, and authentication systems.
Another potential use case is in voting. Zero-Knowledge-Proofs make it possible for voters to verify that they are eligible to vote and cast their vote while staying completely anonymous.
To come full circle, a few words on privacy cryptocurrencies.
Privacy coins
Several cryptocurrency projects have developed protocols that allow users to transfer in private without revealing their wallet addresses. Many of them rely on a specific implementation of Zero-Knowledge-Proofs, the so-called zk-Snarks. The snark, while it sounds like a snake to me whenever I read it, stands for “Succinct Non-Interactive Argument of Knowledge.” It's a difficult set of words to express that it’s a construction of the Zero-Knowledge-Proof that is executed without any interaction between the prover and the verifier.
Obviously, while it sounds like prover and verifier are 2 people, it’s just nodes in the blockchain network, so computers or mining machines.
In 2016 Zcash was the first cryptocurrency that implemented zk-SNARKS to enable private transactions. One vulnerability of using zk-SNARKS, though, is that they require establishing trust at the time of set-up by sharing information. This happens during a trusted setup ceremony in which various nodes participate. The information used during the ceremony could damage the system if it fell into the wrong hands.
When ZCash launched, they, therefore, decided to destroy the private keys used in their ceremony.
Challenges for developers looking to implement zero-knowledge-proofs in their cryptocurrencies are the lack of standardization and potentially less scalability, as zero-knowledge-proofs take up quite some computing power.
Nevertheless, we’ve seen countless privacy currencies evolve over the years, all with slightly different implementations of Zero-Knowledge-Proofs and different network sizes. Apart from ZCash, Dash is another notable example that lets users decide when they want to transact publicly and when privately. Other known privacy currencies are Monero, Firo, and PirateChain.
Hopefully, you now know more about zero-knowledge-proofs and might be a bit more intrigued ever to try a private cryptocurrency.
