zk-SNARKS, How is This Algorithm Used

The algorithm for privacy

C. L. Beard
5 min read, May 12, 2022

What is zk-SNARKS?

zk-SNARKS stands for zero-knowledge Succinct Non-Interactive Argument of Knowledge. It is one of the main algorithms used in blockchains, and in blockchain privacy in particular.

S- Succinct means that the proofs are small and easy to verify even if the concept being proven is complicated!

N- Non-interactive means that we don’t need a back-and-forth communication between a prover and verifier — like the “Where’s Waldo?” example, a prover can hand over the proof, the construction-paper-contraption, and a verifier can tell if the proof is valid without asking any further questions.

AR- Argument is a formalism for talking about these proofs because there is some fancy cryptography and non-determinism that doesn’t quite make these “formal proofs” in the traditional sense (though we can still think of them as such).

K — Knowledge refers to the fact that the prover actually has the evidence themselves — Not only do they prove that Waldo exists on the page, but as the prover, they know where Waldo is on the page.

The purpose of a zero-knowledge proof is to let a verifier convince itself that a prover knows a secret parameter, called a witness, that satisfies some relation, without the witness being revealed to the verifier or anybody else.

We may think about this in terms of a program called C that takes two inputs: C (x, w). The public input is x, and the secret witness input is w. The program’s output is boolean, meaning it is either true or false. The purpose is to prove that the prover knows a secret input w such that C(x,w) == true given a specified public input x.

Wikipedia says it more succinctly here.

In cryptography, a zero-knowledge proof or zero-knowledge protocol is a method by which one party (the prover) can prove to another party (the verifier) that a given statement is true while the prover avoids conveying any additional information apart from the fact that the statement is indeed true. The essence of zero-knowledge proofs is that it is trivial to prove that one possesses knowledge of certain information by simply revealing it; the challenge is to prove such possession without revealing the information itself or any additional information.

How is it used?

Developers have added zk-SNARK support to Ethereum. What does this mean in concrete terms? Precompiled contracts bring the building blocks of the verification algorithm to Ethereum. This is how it works: the generator is run off-chain to produce the proving key and the verification key. Any prover can then generate a proof off-chain using the proving key. The proof, the verification key, and the public input are then passed as input parameters to the general verification algorithm running inside a smart contract. The outcome of that verification can then be used to trigger other on-chain activity.

In some crypto transactions the sender address, receiver address, and input and output values are all linked on the public blockchain in order to validate transactions. Zcash, Mina protocol, and other blockchain projects use zk-SNARKs to demonstrate that the prerequisites for a valid transaction have been met without disclosing any sensitive information about the addresses or values involved. These are shielded transactions. The sender of a shielded transaction creates a proof to indicate that, with a high degree of certainty.

Bitcoin tracks unspent transaction outputs (UTXOs) to determine what transactions are spendable. A “commitment” in Zcash is the protected counterpart of a UTXO, and spending a commitment requires exposing a “nullifier.” All of the commitments that have been created, as well as all of the nullifiers that have been exposed, are kept on Zcash nodes. To avoid releasing any information about the commitments or which nullifiers correspond to which commitments, commitments and nullifiers are maintained as hashes.

This keeps each party from knowing everything about the other. Your transactions remain private, secure, and untraceable. On Bitcoin and other cryptocurrencies everything is on the ledger and public, and the same is largely true of Ethereum. If you know the sender's wallet address you can track their transactions 'on chain'. This is how many people are able to follow the most successful investors in the NFT space: by tracking those investors' transactions.

An example from Ethereum

Here’s an example of how zk-SNARKs can help with Ethereum privacy.
Assume we have a straightforward token contract. A mapping from addresses to balances would normally be at the heart of a token contract.

The sender and receiver of transactions will not be hidden. However, the balances and sent sums will be hidden. Confidential transactions is a term used to describe this attribute.

To send tokens from one account to another, we’ll use two zk-SNARKs. The sender creates one proof and the receiver creates another.

The sender’s beginning balance and transaction value will be used as private inputs. They use hashes of initial balance, ending balance, and value as public inputs. Starting balance and value will also be used as secret inputs by the receiver. They use hashes of initial balance, ending balance, and value as public inputs.

How does this look:

Below is the program we will use for the sender zk-SNARK, where as before x represents the public input, and w represents the private input.

function senderFunction(x, w) {
  // x: public inputs (hashes only); w: the sender's private witness.
  // sha256 stands for the hash computed inside the circuit.
  return (
    w.senderBalanceBefore > w.value &&
    sha256(w.value) == x.hashValue &&
    sha256(w.senderBalanceBefore) == x.hashSenderBalanceBefore &&
    sha256(w.senderBalanceBefore - w.value) == x.hashSenderBalanceAfter
  )
}

The program used by the receiver is below:

function receiverFunction(x, w) {
  // x: public inputs (hashes only); w: the receiver's private witness.
  return (
    sha256(w.value) == x.hashValue &&
    sha256(w.receiverBalanceBefore) == x.hashReceiverBalanceBefore &&
    sha256(w.receiverBalanceBefore + w.value) == x.hashReceiverBalanceAfter
  )
}

The programs verify that the sending balance is greater than the value being transmitted and that all the hashes match. The proving and verification keys for our zk-SNARKs would be generated by a trusted group of people.

What happens at the end is hashes of the balances are updated, not the balances themselves. As a reader of the transaction, or verifier, you do not know the actual balance, just a representation of that balance.

This is meant to give readers and a general audience a basic understanding of what the zk-SNARKS algorithm is used for. At this point it is mostly used in blockchain and cryptocurrency transactions. There is some reason to believe this algorithm will move beyond the crypto enclave someday, provided it gets faster and a version can be found that uses less energy than the current iteration of zk-SNARKS does.

There are other crypto projects that use some form of zk-SNARKS in their privacy stack such as Celo, Loopring, and Monero. These all have their own version of a privacy algorithm that may or may not be zk-SNARKS based.

I hope you enjoyed this post.
