Education: zkSNARK

Hi everyone,

If you have heard the term “ZK” or “Zero-Knowledge”, maybe from this article, and want to learn more, this is the article you might want to read. I will explain it in the most accessible way, even for people who are just starting out.

Zero-Knowledge Succinct Non-Interactive Argument of Knowledge (zkSNARKs)

Prerequisite

You are familiar with high school-level mathematics and have experience using a Web3 wallet, such as Metamask.

Introduction

As preparation, please watch the attached videos:

Public Key Cryptography

Let's approach the concept of Zero-Knowledge Proofs by starting with public key cryptography in the context of web3 technology.

Image 1: Module 0 Part 2 at 2:13
  1. We have two key actors: a Prover and a Verifier. You can think of the Prover as akin to a Metamask wallet, and the Verifier as a decentralized application (dApp) protocol.

  2. Within the Prover's wallet, there are two essential components: a private key represented as $\hat{a}$ and a corresponding public key denoted as $a$. Anyone can access the public address associated with the wallet if they know $a$. However, the private key should remain concealed, as its name suggests.

  3. Now, when the Prover interacts with dApps, the Verifier initiates the process by sending a value $c$ to the Prover. The Prover then signs $c$ using the $Sign_{\hat{a}}(c)$ function. Here, $c$ serves as the input for the Sign function, and $\hat{a}$ is the primary parameter for this signing operation. The outcome of this signing process is represented as $r$, as shown above.

  4. Subsequently, the Verifier verifies $r$. This verification uses the Prover's existing public key $a$ as the primary parameter for the Verify function. The objective is to determine whether the output of this verification process, denoted as $Verify_{a}(r)$, matches the original message $c$. In essence, this verification step ensures the integrity and authenticity of the message $c$ in the interaction between the Prover and the Verifier.

Now that you have gained some basic understanding of cryptography, let's progress to exploring the concept of zkSNARKs.

zkSNARKs: Explained

Image 2: Module 0 Part 1 at 12:51

Now, let’s describe each word in the term zkSNARKs:

  • Zero-Knowledge: refers to a Zero-Knowledge proof, which means that the prover can convince the verifier that a statement is true without conveying any additional information (or knowledge, which is the witness $w$ from Image 2) apart from the fact that the statement is indeed true.

  • Succinct: refers to the proof being very small in size and quick to verify.

  • Non-Interactive: means that the process requires minimal communication between the prover and the verifier, often just a single message (therefore it is fast to verify).

  • Argument: is synonymous with proof.

To explain the concept of zkSNARK from Image 2, let’s think about the public key cryptography example. You may compare:

  • the knowledge $w$ to a private key $\hat{a}$, which is assumed to be known only by the prover.

  • Then, the verifier asks to compute $F(x)=c$,

  • And thus, the result is $y = r = Sign_{\hat{a}}(c)$.

Therefore, in short,

  • SNARKs are cryptographic tools for efficiently proving knowledge or computations; they are succinct and non-interactive, with the properties described in Image 2.

  • zkSNARKs add an extra layer of privacy through Zero-Knowledge proofs, allowing for verification without revealing sensitive information.
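
The comparison above treats the private key $\hat{a}$ as the witness $w$. The following added example (not from the original article or from ProjectZKM) makes that concrete with a Schnorr proof of knowledge made non-interactive by the Fiat-Shamir transform: the prover sends a single message and the verifier checks it using only the public key $a$. It is not a SNARK, and the toy group `P`, `Q`, `G`, the function names and the context string are assumptions constructed for illustration.

```python
import hashlib
import secrets

# Toy group constructed for this example (far too small for real use):
# P = 2Q + 1 is a safe prime and G generates the subgroup of prime order Q.
P, Q, G = 2039, 1019, 4

def keygen():
    """Return (private key a_hat, public key a = G^a_hat mod P)."""
    a_hat = secrets.randbelow(Q - 1) + 1
    return a_hat, pow(G, a_hat, P)

def challenge(a, t, context):
    """Fiat-Shamir: derive the challenge c from a hash instead of the verifier."""
    data = f"{P}|{Q}|{G}|{a}|{t}|".encode() + context
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def prove(a_hat, a, context):
    """Prover: show knowledge of a_hat for public key a in one message (t, r)."""
    k = secrets.randbelow(Q - 1) + 1   # fresh secret nonce; reusing it leaks a_hat
    t = pow(G, k, P)                   # commitment to the nonce
    c = challenge(a, t, context)       # binds the proof to key, commitment, context
    r = (k + c * a_hat) % Q            # response; k masks a_hat
    return t, r

def verify(a, proof, context):
    """Verifier: checks G^r == t * a^c using only public values, never a_hat."""
    t, r = proof
    # Reject malformed values and commitments outside the order-Q subgroup.
    if not (0 < t < P and 0 <= r < Q and pow(t, Q, P) == 1):
        return False
    c = challenge(a, t, context)
    return pow(G, r, P) == (t * pow(a, c, P)) % P

if __name__ == "__main__":
    ctx = b"login:dapp.example"        # constructed context string
    a_hat, a = keygen()
    proof = prove(a_hat, a, ctx)
    print("valid proof accepted:   ", verify(a, proof, ctx))
    print("tampered proof accepted:", verify(a, (proof[0], (proof[1] + 1) % Q), ctx))
```
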

zkSNARKs: Challenges

However, there are still notable issues, such as the requirement for Trusted Setup and vulnerability to quantum attacks. Consequently, zkSTARKs have emerged as a competitive alternative. The table below offers a summarized comparison.

Image 3: A comparison between zk-SNARKs and zk-STARKs https://hacken.io/discover/zk-snark-vs-zk-stark/

Conclusion

Anyone who reads this article should gain a clear understanding of the fundamental concepts of zkSNARKs. Those wishing to delve deeper into zkSNARK technologies can find more detailed articles in the References section.

Note: This post is a contribution to ProjectZKM, the universal zkVM empowering Ethereum as the Global Settlement Layer.

References

  • ProjectZKM: Full playlist
  • The paper
  • Consensys: Good readable introduction to zkSNARKs
  • Berkeley: Good precise lecture