In both real life and the digital world, we often want to prove things to others. Before entering an office building, employees usually provide some type of ID before getting inside.
When users try to log into an app such as Facebook or Twitter, these services must first ask the user to log in with a password and occasionally a one-time passcode (OTP) is sent to their mobile device.
A downside of providing proof is we often give other types of information away. Providing a password to a website still means that the website itself keeps a copy of the hashed password in its servers. If someone were to hack the office building’s employee ID scanner, they may be able to obtain everyone’s private keys.
Zero-knowledge proofs or ZKPs provide a way for validating an identity or transaction without having to provide additional information. Because of its applications in cryptography, ZKPs have been adapted by blockchains to create secure and scalable validation protocols.
What are Zero-Knowledge Proofs?
Zero-knowledge proofs were first proposed by MIT researchers Silvio Micali, Charles Rackoff, and Shafi Goldwasser in 1985 in their paper “The knowledge Complexity of Interactive Proof-Systems”
This paper introduced the concept of knowledge complexity. This refers to the amount of knowledge about a proof transferred from the prover to the verifier. Zero-knowledge proofs aim to allow a party to prove that a specific statement is true to another party without having to disclose any other information.
ZKPs can be used as a secure alternative to current authentication systems and can also be added to blockchain protocols to keep transactions private.
How Do ZKPs Work?
To illustrate how zero-knowledge proofs work, let’s take a look at an abstract example of a ZKP.
Let’s say that you have a friend that is red-green colorblind. You have with you two identical balls that differ only in color: one red, and one green. To your friend, they look identical, but as a person without colorblindness, you can easily tell them apart.
Is it possible for you to prove to your friend that they are a different color without revealing which ball is red or green?
There is, in fact, a way to prove this without revealing the colors of the balls. First, you must let your friend put both balls behind his back and tell him to show any ball and hide it again. Next, you tell your friend that he has the choice to show the same ball again or switch it with the other.
Every time a new ball is shown, you can tell him whether he switched the ball or not. If you keep guessing the right call, it becomes more and more likely that the balls are differently colored. Your friend should now be convinced that the balls are differently colored without having to tell him which balls have which color.
Most practical examples of zero-knowledge proofs fall into two types.
First, ZKPs can be used when designing protocols. We can ensure that different parties cannot cheat or take advantage of the protocol. Second, ZKPs can be used for identification.
For example, we can use ZKPs to log in to a web application securely without having to reveal the password itself.
Let’s look into a few examples of how we can use zero-knowledge proofs.
One commonly discussed application of ZKPs is their possible role in online voting. Let’s say that we have an upcoming referendum where users can vote on a proposed policy. Each eligible voter is allowed to vote either 1 or 0 on the ballot.
Using ZKPs, voters can prove their right to cast a ballot without revealing their identity. This ensures that each vote will be truly anonymous. An additional ZKP will also be used to prove that a particular user’s vote is part of the final tally of votes.
Regarding the contents itself of the ballots, the voting system can also generate a zero-knowledge proof that each ballot contains either a 1 or 0. This is accomplished without having to know the contents of the ballot itself.
Blockchains such as Bitcoin and Ethereum do not natively support private transactions. As long as your Bitcoin wallet is public, anyone can go to a block explorer such as Blockstream to see all transactions that the wallet is part of.
Meanwhile, using a service such as a bank or payment services such as Cash App or Venmo gives you the ability to transact privately. This convenience, however, comes at the cost of revealing your information to the centralized service.
We can combine anonymity with decentralization by adding ZKPs to the blockchain protocol. Cryptocurrencies such as ZCash use ZKPs to create private transactions that allow coin holders to maintain their anonymity. Several of these cryptocurrencies use a type of ZKP known as zk-SNARK.
These ZKPs require no interaction between the prover and the verifier.
ZK-rollups are a scalability solution that allows off-chain transactions to be verified instantly and with minimal gas fees. They are a way to combine a large number of Layer 2 transactions and submit them onto the Layer 1 protocol.
Besides providing privacy, ZKPs allows for the scaling of complex systems. Blockchain protocols can use ZKPs to prove that users have settled the right transactions, have the appropriate balance, and so on. These secure yet scalable solutions are only possible through the mathematical proofs done off-chain in ZKPs.
Protocols such as Loopring use zero-knowledge proofs to help process off-chain transactions without having to compromise security.
Benefits of Zero-Knowledge Proofs
- ZKPs replace less reliable forms of authentication such as PINs or identification cards
- ZKPS increases the scalability of blockchains
- Implementation of ZKP requires simple encryption methods
- The use of ZKPS can make systems more secure by not requiring unnecessary information to be stored in the system.
Data privacy is already a major issue in both centralized and decentralized systems. Zero-knowledge proofs provide a way for different parties to prove or validate transactions and identities without having to reveal said transactions or identities.
As blockchain technology gets more widely used, the adoption of ZKPs to handle verification securely will be key to scalability concerns.