The Spartan Group
Published in

The Spartan Group


1. What are ZK Proofs

2. How can ZK Proofs be used with SBTs?

3. What is zk-SNARK?

  • Zero-Knowledge: During the interaction, the verifier learns nothing apart from the statement’s validity.
  • Succinct: The proofs are short and fast to verify.
  • Non-interactive: There is no or only a little interaction. For zk-SNARKs, there is usually a setup phase and, after that, a single message from the prover to the verifier. Furthermore, SNARKs often have the so-called “public verifier” property, meaning anyone can verify the proofs themselves.
  • ARguments: The verifier is only protected against computationally limited provers. Provers with sufficient processing power can generate proofs/arguments about incorrect statements. This is regarded as “computational soundness,” as opposed to “perfect soundness.”
  • of Knowledge: it is not possible for the prover to construct a proof/argument without knowing a certain so-called witness.

4. High-Level Explanation of how ZKSBT works

4.1.1 Generate a random Lambda.

4.1.2 Generate proving key and verification key

Generate proving key `pk` and verification key `vk` with program C and lambda.

4.1.3 Sharing of proving and verification key

Project generating proving and verification key for the user

4.1.4 Generation of Proof

Where H is the hash secret, s is the secret and pk is the proving key
User generating proofs

4.1.5 Verification of User’s Attribute

5. TL;DR of the High-Level Example

5.1 On-chain vs Off-chain Algorithms

  • The project (verifier) will run the generator to generate the proving key and verification key.
  • Any user (prover) can then use the proving key to generate an off-chain proof.
  • The user can do so by running the proving algorithm with the following inputs — proving key, public input and private witness (generated from the hash of the secret and the secret).
  • The general verification algorithm inside a smart contract can be run with the proof, hash of the secret, and verification key as public input parameters.
  • The outcome of the verification algorithm can then be used to trigger other on-chain activity.
Full trusted setup process for zk-SNARKs. Source:

6. Implementation of zkSBT

6.1 Circuit Creation

6.2 Setup Phase

6.2.1 Key Generation

6.3 Proof Generation Phase

6.4 Verification Program Phase

6.4.1 How can projects use Verifier.sol in their SBT? Risk: Preventing Replay Attacks

6.5 Implementation Architecture

7. Composability of ZKSBT (zk-SNARK SBT) with Counter Party Soul

7.1 Monolithic Approach: SBT issuer takes responsibility

7.2 Polylithic Approach: Each project takes responsibility

8. Conclusion



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Spartan Labs

A Web3 Venture Studio, backed by The Spartan Group. Just imagine the smartest people working on the coolest stuff in Web3. That’s us.