Education: zkSNARK

Hi everyone,

if you have heard about the term “ZK” or “Zero-Knowledge”, may be from this article,

https://mirror.xyz/lordachita.ecc.eth/YoZky_NCemwVLttigoRK1v4yoFgYLjOfMph8hJP47hU

and wants to learn more, this is the article you might have to read. I will explain it in the most accesible way, even for people who is just a starter.

Zero-Knowledge Succinct Non-Interactive Argument of Knowledge (zkSNARKs)

Prerequsite

You are familiar with high school-level mathematics and have experience using a Web3 wallet, such as Metamask.

Introduction

As a preparation, please watch the attached videos:

https://www.youtube.com/watch?v=C0uJs8hwaRY&list=PLJ_r35m80nKhImOYtUj1MsVhcepHH4x_Z&index=1&ab_channel=ZKM

https://www.youtube.com/watch?v=3jktuvQ49ms&list=PLJ_r35m80nKhImOYtUj1MsVhcepHH4x_Z&index=2&t=8s&ab_channel=ZKM

Public Key Cryptography

Let's begin the concept of Zero-Knowledge Proof with the concept of public key cryptography within the context of web3 technology.

  1. We have two key actors: a Prover and a Verifier. You can think of the Prover as akin to a Metamask wallet, and the Verifier as a decentralized application (dApp) protocol.

  2. Within the Prover's wallet, there are two essential components: a private key represented as $$\hat{a}$$ and a corresponding public key denoted as $$a$$. Anyone can access the public address associated with the wallet, if they know ระ. However, the private key should remain concealed as its name suggests.

  3. Now, when the Prover interacts with dApps, the Verifier initiates the process by sending a value $$c$$ to the Prover. The Prover then proceeds to sign $$c$$ using the $$Sign_{\hat{a}}(c)$$ function. Here, $$c$$ serves as the input for the Sign function, and$$ \hat{a}$$ plays a pivotal role as the primary parameter for this signing operation. The outcome of this signing process is represented as $$r$$ as shown above.

  4. Subsequently, the Verifier undertakes the crucial task of verifying $$r$$. This verification operation is conducted by employing the Prover's existing public key $$\hat{a}$$ as the primary parameter for the Verify function. The objective is to determine whether the output of this verification process, denoted as $$Verify_{a}(r)$$, matches the original message $$c$$. In essence, this verification step ensures the integrity and authenticity of the message $$c$$ in the context of the interaction between the Prover and the Verifier.

Now that you gained some basic understanding of cryptography, let's progress to exploring the concept of zkSNARKs.

zkSNARKs: Explained

Image 2: Module 0 Part 1 at 12:51

Now, let’s describe each word in the term zkSNARKs

  • Zero-Knowledge: refers to Zero-Knowledge proof which means that the prover can convince the verifier that a statement is true without conveying any additional information (or knowledge, which is the witness *$$w$$ *from Image 2) apart from the fact that the statement is indeed true.

  • Succint: refers to the proof being very small in size and quick to verify.

  • Non-Interactive: means that the process requires minimal communication between the prover and the verifier, often just a single message (therefore it is fast to verify).

  • Arguement: is synonymous with proof.

To explain the concept of zkSNARK from Image 2, let’s think about the public key cryptography example. You may compare

  • the knowledge $w $ as a private key $$\hat{a}$$, which is assumed to only be known by the prover.

  • Then, the verifier asks to compute $$F(x)=c$$,

  • And thus, the result is y = r = $$Sign_{\hat{a}}(c).$$

Therefore, in short,

  • SNARKs are cryptographic tools for efficiently proving knowledge or computations, as described that they are succinct and non-interactive and have properties as described in Image 2.

  • zkSNARKs add an extra layer of privacy through the term Zero Knowledge proofs, allowing for verification without revealing sensitive information."

zkSNARKs: Challenges

However, there are still notable issues, such as the requirement for Trusted Setup and vulnerability to quantum attacks. Consequently, zkSTARKs have emerged as a competitive alternative. The table below offers a summarized comparison.

Image 3: A comparision between zk-SNARKs and zk-STARKs https://hacken.io/discover/zk-snark-vs-zk-stark/

Conclusion

Anyone who reads this article should gain a clear understanding of the fundamental concepts of zkSNARKs. Those wishing to delve deeper into zkSNARK technologies can find more detailed articles in the References section.

Note: This post is a contribution to ProjectZKM, the universal zkVM empowering Ethereum as the Global Settlement Layer.

Reference

  • ProjectZKM: Full playlist

https://www.youtube.com/playlist?list=PLJ_r35m80nKhImOYtUj1MsVhcepHH4x_Z

  • The paper

https://dl.acm.org/doi/10.1145/62212.62222

  • Consensys: Good readable introduction to zkSNARKs

https://consensys.io/blog/introduction-to-zk-snarks

https://consensys.io/blog/zero-knowledge-proofs-starks-vs-snarks

  • Berkeley: Good precise lecture

https://www.youtube.com/watch?v=gcKCW7CNu_M&ab_channel=Blockchain-Web3MOOCs

Loading...
highlight
Collect this post to permanently own it.
lordachita logo
Subscribe to lordachita and never miss a post.