Perspectives

The Promise of Zero Knowledge Proofs

ZKPs have the potential to revolutionize the way we interact with computers and the internet.

Zero-knowledge proofs have gained significant attention in recent years, captivating researchers, technologists, and developers. Zero-knowledge proofs (ZKPs) are a cryptographic method by which one party (the Prover) can convince another party (the Verifier) that a given statement is true without revealing anything beyond the fact that the statement is true. ZKPs have the potential to revolutionize the way we interact with computers and the internet, and they are particularly exciting for their potential to help scale blockchains and enable new applications.

Within a blockchain network, these proofs let users substantiate their claims and interactions without giving up privacy or security. One of the biggest challenges facing blockchain technology is scalability. Blockchains are designed to be decentralized and secure, but having every node re-execute every transaction makes them slow and expensive to use. ZKPs address this because checking a short proof that a batch of transactions was executed correctly is far cheaper than re-executing the batch, so a chain can process more transactions per second without weakening its security guarantees.

For example, ZKPs can be used to prove that a user has the right to vote without revealing their identity. This would allow blockchain-based voting systems to be more secure and efficient than traditional voting systems.

These primitives also have the potential to enable a wide range of new applications, including:

  • Decentralized identity: ZKPs can be used to create decentralized identities that let you prove facts about yourself (for example, that you hold a valid credential or are over a certain age) without revealing the underlying personal data. This would allow you to use your identity online without having to worry about your privacy being compromised.
  • Privacy-preserving computation: ZKPs can be used to perform computations on data without revealing the underlying data. This would allow you to share data with others without having to worry about your privacy being compromised.
  • Confidential transactions: ZKPs can be used to make transactions on a blockchain confidential. This would allow you to make payments without having to worry about your financial information being exposed.

In its classic, interactive form, the primitive works by having the Prover and Verifier engage in a series of challenges and responses. The Prover uses its knowledge of the secret to answer each challenge in a way that would be infeasible without the secret, while the responses themselves reveal nothing about it.

For example, suppose the Prover wants to convince the Verifier that it knows a secret number x such that y = g^x in some public group (the discrete logarithm of the public value y), without revealing x. This is the Schnorr protocol, and a single round runs as follows:

  • The Prover picks a fresh random number r and sends the commitment t = g^r to the Verifier
  • The Verifier replies with a random challenge c that the Prover could not have predicted
  • The Prover answers with s = r + c·x (reduced modulo the order of the group)
  • The Verifier accepts if g^s = t · y^c; this equation holds exactly when s was computed from the real x
  • A Prover who does not know x can only pass by guessing c before committing, which succeeds with probability one over the number of possible challenges, so repeating the round (or using a very large challenge space) makes cheating infeasible
  • The Verifier learns nothing about x, because s is masked by the uniformly random r; in fact anyone can produce a convincing-looking transcript (t, c, s) without x by choosing c and s first and setting t = g^s / y^c, so a transcript cannot carry information about x

At the end of this conversation, the Verifier can be confident that the Prover knows x, because the Prover answered every challenge correctly. However, the Verifier does not learn x, because the Prover never revealed it, only values that a random r had masked.
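As an added illustration (this is not code from the original article or from any of the projects it mentions), the following Python sketch implements the Schnorr exchange above: an honest interactive run, a prover with the wrong secret, a simulator that forges valid-looking transcripts without the secret (which is why the Verifier learns nothing), and a Fiat-Shamir variant that replaces the Verifier's live challenge with a hash of the commitment, the standard step from an interactive proof to a standalone, non-interactive one. The group parameters are a deliberately tiny 10-bit Schnorr group chosen so the numbers are readable; the class and function names are this example's own.

```python
"""Schnorr proof of knowledge of a discrete logarithm: interactive and Fiat-Shamir.

Illustrative code, not from any production library.  The group below is a toy
subgroup of Z_p^* with p = 2q + 1 (p, q prime) and g of order q; real systems
use >= 256-bit groups or elliptic curves.
"""
import hashlib
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class Params:
    p: int  # prime modulus
    q: int  # prime order of the subgroup generated by g
    g: int  # generator of the order-q subgroup


TOY = Params(p=1019, q=509, g=4)  # toy parameters for readability, not security


def keygen(params, x=None):
    """Return (secret x, public y = g^x mod p).  A fixed x may be passed for tests."""
    if x is None:
        x = secrets.randbelow(params.q - 1) + 1
    return x, pow(params.g, x, params.p)


class Prover:
    def __init__(self, params, x):
        self.params, self.x, self._r = params, x, None

    def commit(self):
        # Step 1: fresh randomness r, send t = g^r.  Reusing r across rounds leaks x.
        self._r = secrets.randbelow(self.params.q)
        return pow(self.params.g, self._r, self.params.p)

    def respond(self, c):
        # Step 3: s = r + c*x mod q.  Uniform r masks x completely.
        return (self._r + c * self.x) % self.params.q


class Verifier:
    def __init__(self, params, y):
        self.params, self.y = params, y

    def challenge(self):
        # Step 2: a challenge the prover cannot predict.
        return secrets.randbelow(self.params.q)

    def check(self, t, c, s):
        # Step 4: accept iff g^s == t * y^c (mod p).
        p = self.params.p
        return pow(self.params.g, s, p) == (t * pow(self.y, c, p)) % p


def run_interactive(params, x, y, rounds=40):
    """Run several rounds.  A prover without x passes a round only by guessing c,
    i.e. with probability 1/q, so 40 rounds make cheating negligible even here."""
    prover, verifier = Prover(params, x), Verifier(params, y)
    for _ in range(rounds):
        t = prover.commit()
        c = verifier.challenge()
        s = prover.respond(c)
        if not verifier.check(t, c, s):
            return False
    return True


def simulate_transcript(params, y):
    """Zero-knowledge, made concrete: with no x, pick c and s first and solve
    t = g^s * y^(-c).  The triple is distributed exactly like a real transcript."""
    c = secrets.randbelow(params.q)
    s = secrets.randbelow(params.q)
    y_inv_c = pow(pow(y, c, params.p), -1, params.p)
    return (pow(params.g, s, params.p) * y_inv_c) % params.p, c, s


def _hash_challenge(params, y, t, msg):
    # Bind the challenge to the parameters, the statement y, the commitment and a context.
    data = b"|".join(str(v).encode() for v in (params.p, params.g, y, t)) + b"|" + msg
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % params.q


def fiat_shamir_prove(params, x, y, msg):
    """Non-interactive variant: the Verifier's random challenge becomes a hash of
    the commitment, so the proof (t, s) can be checked later by anyone."""
    r = secrets.randbelow(params.q)
    t = pow(params.g, r, params.p)
    c = _hash_challenge(params, y, t, msg)
    return t, (r + c * x) % params.q


def fiat_shamir_verify(params, y, msg, proof):
    t, s = proof
    c = _hash_challenge(params, y, t, msg)
    return pow(params.g, s, params.p) == (t * pow(y, c, params.p)) % params.p


if __name__ == "__main__":
    x, y = keygen(TOY)
    print("honest prover accepted:", run_interactive(TOY, x, y))
    print("wrong secret accepted:", run_interactive(TOY, x + 1, y))
    print("simulated transcript verifies:", Verifier(TOY, y).check(*simulate_transcript(TOY, y)))
    proof = fiat_shamir_prove(TOY, x, y, b"context")
    print("fiat-shamir proof verifies:", fiat_shamir_verify(TOY, y, b"context", proof))
```

The simulator is the point worth dwelling on: because `simulate_transcript` produces accepting transcripts with the same distribution as the real protocol while never touching `x`, the Verifier cannot have extracted anything about `x` from a real run either. The Fiat-Shamir functions show the shape every non-interactive proof system shares, including the SNARKs and STARKs discussed next: the randomness the Verifier would have supplied is derived from a hash of everything the Prover has already committed to.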

SNARKs (Succinct Non-interactive ARguments of Knowledge) and STARKs (Scalable Transparent ARguments of Knowledge) are the two families of zero-knowledge proof systems most used in practice. In both, the Prover holds the statement and its witness and produces a proof, a small piece of data that attests the statement is true; the Verifier then checks that proof far more cheaply than it could re-run the underlying computation. A SNARK proof is tiny (a few hundred bytes) and verifies in milliseconds, but most SNARK constructions depend on elliptic-curve pairings and on a trusted setup ceremony whose secret randomness must be destroyed. STARKs drop the trusted setup (hence "transparent") and are built from hash functions rather than pairings, which makes them plausibly post-quantum and lets the prover scale to very large computations. The trade-off is that STARK proofs are considerably larger (tens to hundreds of kilobytes) and take longer to verify than SNARK proofs; neither is simply "more efficient" than the other, and some systems wrap a STARK inside a SNARK to end up with a small final proof.

Both SNARKs and STARKs have the potential to be used to improve the scalability and efficiency of blockchains. By using zero-knowledge proofs, blockchains can verify transactions more quickly and efficiently, without sacrificing security.

Here are some of the benefits of using SNARKs and STARKs:

  • Scalability: the Layer 1 verifies one short proof for a whole batch of transactions instead of re-executing each of them, so the verification cost per transaction falls sharply.
  • Efficiency: verification time is small and nearly independent of how much computation the proof covers.
  • Security: an invalid state transition cannot be given a valid proof, so a Layer 1 that checks proofs accepts only correct results and does not have to trust the rollup's operators to execute honestly.

In its early years, Ethereum operated in a monolithic manner, with the main network (layer one) performing all transaction execution, security, and data services. More recently, Ethereum has been transitioning towards a modular design, relying on external solutions to scale data and execution. This has led to the rise of Layer 2 solutions such as Optimism and Aztec, which execute transactions off-chain and then "roll up" batches of transactions into a single submission to Ethereum Layer 1, significantly improving transaction speed and affordability.

Two main types of solutions have emerged to optimize Ethereum's execution capabilities: on-chain and off-chain scaling. On-chain scaling involves direct modifications to the blockchain to improve its transaction execution capabilities, like sharding. Off-chain scaling, on the other hand, involves external execution environments that facilitate fast, inexpensive transactions outside of Ethereum and then post transaction data in batches to Ethereum for finalization. One popular off-chain solution is zero-knowledge rollups (ZK rollups), which post each batch together with a succinct validity proof that the batch was executed correctly; the Layer 1 checks the proof rather than re-executing the transactions, which is how ZK rollups can reach around 2,000 transactions per second (TPS), a significant increase from Ethereum's current ~30 TPS.

Combining general-purpose EVM computation with the efficiency of zero-knowledge proofs is seen as the "holy grail" of ZK rollups. Ethereum's creator, Vitalik Buterin, has predicted that ZK rollups will eventually "win out in all use cases" as zk-SNARK technology matures. This is what zk-EVMs (zero-knowledge Ethereum Virtual Machines) aim to do: express the execution of Ethereum smart contracts as a ZKP circuit, so that a prover can generate a proof that a batch of EVM transactions was executed correctly and anyone can verify it. Today, throughput is limited by the need for every node to re-execute every transaction, which is computationally expensive; with a zk-EVM, the Layer 1 verifies one succinct proof of the batch instead, cutting the verification cost dramatically. Buterin has categorized zk-EVMs into four main types:

  • Type 1 zk-EVMs: Type 1 ZK-EVMs are fully Ethereum-equivalent, meaning they can verify Ethereum blocks exactly as they are today. This makes them ideal for rollups, which can re-use a lot of Ethereum's existing infrastructure. Their disadvantage is a very long prover time, which can be mitigated by clever engineering or ZK-SNARK ASICs.
  • Type 2 zk-EVMs: Type 2 ZK-EVMs are fully EVM-equivalent at the VM level, but not quite Ethereum-equivalent. They change data structures such as the one holding the Ethereum state, which the EVM itself cannot access directly. Applications that work on Ethereum would almost always still work unchanged on a Type 2 ZK-EVM rollup; only tooling that depends on the exact state layout, such as code that verifies Merkle proofs of historical Ethereum state, needs adjusting.
  • Type 3 zk-EVMs: Type 3 ZK-EVMs are almost EVM-equivalent, but sacrifice exact equivalence to further improve prover times and make the ZK-EVM easier to build, by dropping a few features (such as certain precompiles) that are exceptionally hard to implement in a ZK circuit. The cost is reduced compatibility: some Ethereum applications need changes to run on a Type 3 ZK-EVM.
  • Type 4 zk-EVMs: Type 4 ZK-EVMs are high-level-language equivalent, meaning they compile smart contracts written in languages such as Solidity and Vyper into a language explicitly designed to be ZK-SNARK-friendly, instead of proving EVM bytecode. Their main advantage is very fast prover times, because they avoid the overhead of ZK-proving every part of each EVM execution step and start from the higher-level code directly. The drawback is that the resulting contracts have different bytecode, and possibly different addresses, from their Ethereum counterparts, so hand-written EVM bytecode and bytecode-level tooling cannot be reused.

A.Capital has also been actively investing in this ecosystem over the last 4 years and is notably excited about these 4 portfolio companies:


  • Aleo: A privacy-preserving platform that enables developers to build decentralized private applications without sacrificing security or scalability. It does this by using zk-SNARKs, a type of zero-knowledge proof.
  • Aztec: A privacy-focused layer-2 scaling solution for Ethereum that uses zk-SNARKs to enable private transactions. This means that users can send and receive ETH and ERC-20 tokens without their transactions being visible to the public.
  • Ironfish: A privacy-preserving layer-1 blockchain that uses zk-SNARKs to enable private transactions and smart contracts. This means that users can interact with dApps without their activity being visible to the public.
  • Stackr: A platform that allows developers to build application-specific rollups on Ethereum in web2 programming languages. This makes it possible to build more scalable and efficient web3 applications.

These projects are all working to address the privacy and scaling challenges of blockchain technology. By using zero-knowledge proofs, they are able to provide privacy without sacrificing security or scalability. This makes them promising candidates for the future of privacy-preserving blockchain applications.


The research and development of zero-knowledge proofs have paved the way for enhanced privacy, security, and efficiency in blockchain applications. Ongoing efforts are focused on optimizing zero-knowledge proof systems, making them more scalable, faster, and easier to implement. We’re extremely optimistic about the R&D efforts of ZKPs and how they represent a significant leap forward in computing.

Kartik Talwar General Partner
Additional Reading