Today let’s have a look on zk technology in crypto! What problem can zk technologies solve? What projects adopting this technology are promising? (little spoiler =@namada is one of them).
ZK (zero-knowledge) technology is a term for protocols and services using an encryption method called zero-knowledge proofs. Zero-knowledge proofs allow one party to prove a fact to another party so they can verify it without the second party knowing the fact itself.
The concept of ZK technology emerged in the 1980s, and the development of zero-knowledge protocols has gained traction over recent years as the rise of public blockchain platforms created new applications for encryption technologies.
Zero-knowledge proofs are most commonly used to introduce privacy and scalability to blockchains. However, they have an array of potential use cases in identity and authentication.
For example, if someone needs to prove a credential, such as the fact they’re over 21, they can only do so by producing an identity document that shows their date of birth. They have no way of proving that they’re of age without disclosing their actual age or date of birth.
The researchers expanded concept into a computing theory describing the complexity of knowledge needed to prove a fact. They drew a distinction between “interactive” zero-knowledge proofs.
Two parties must repeatedly interact to prove and verify the fact, and ‘non-interactive’ zero-knowledge proofs, which eliminate the need for interaction. This issue can be illustrated by an analogy called the Ali Baba cave.
The Ali Baba cave involves two parties: Peggy, the prover, and Victor, the verifier, standing in a cave shaped like a ring. Peggy can take path A on the left or Path B on the right to reach a magic door, locked via password, blocking the path to the opposite side of the cave.
Peggy wants to prove to Victor that she knows the password for the magic door without having to tell it to him. To prove her knowledge, Peggy enters the cave while Victor waits outside so he can’t see which path she takes.
He then enters the cave and shouts the name of the path he wants Peggy to use to return. If Peggy didn’t actually know the password, there is a 50% chance of her emerging from the path Victor wanted her to use.
However, if they repeat this test many times and Peggy always emerges from the right path, Victor can eventually conclude that she must know the password.
A key breakthrough in ZK technology came in the 1991 when Manuel Blum, Paul Feldman, and Silvio Micali published their paper “Non-Interactive Zero-Knowledge and Its Applications.”
In the paper, they propose using a cryptographic key shared between the prover and verifier. The prover and verifier agree the means of proving a fact without revealing knowledge of it and generate the shared key based on these rules.
The prover can then enter their side of the shared key, which the verifier can easily verify matches theirs. The fact can now be proven and verified in a single interaction, eliminating the need for multiple interactions.
Reducing the time and burden of interaction made it feasible to deploy zero-knowledge proofs in computing at scale. The shared key works as a pair in a similar way to the public/private keys encrypting a blockchain wallet.
In the paper, Blum, Feldman, and Micali also laid out a set of criteria that apply to all zero-knowledge proofs:
- It must be sound, so that an invalid input cannot return a true value.
- It must be zero-knowledge — the verifier must only learn of the validity or otherwise of a statement, not any of the information about the original input.
- It must be complete, meaning that as long as the input is valid, the proof will always verify the statement is true and thus can be trusted.
Outside the blockchain sphere, ZK technology has applications in areas authentication and nuclear disarmament. Within blockchain, zero-knowledge proofs have developed and gained substantial utility over recent years.
Currently, there are two types of ZK technology in use by blockchain protocols: ZK-SNARKs and ZK-STARKs. ZK-SNARK is an acronym that stands for Zero-Knowledge Succinct Non-Interactive Argument of Knowledge. Each letter is a defining property.
ZK — the protocol is zero-knowledge. A verifier can validate a fact without knowing the fact itself.
Succinct — the proof is smaller and easier to verify than the fact itself.
Non-interactive — prover and verifier are only required to interact once thanks to a shared key.
Argument of Knowledge — the protocol must meet the “soundness” criteria laid out above so that it cannot be cheated, and it must be prohibitively difficult for anyone without knowledge of the fact to create a ZK-SNARK.
ZK-SNARKs were developed by Zcash as an solution to enable private transactions. A key drawback of snarks is that a trusted setup using a protocol is needed to create the shared encryption key, so they aren’t an entirely trustless way to transact for everyday purposes.
ZK-STARK stands for Zero-Knowledge Scalable Transparent Knowledge of Argument. The properties that differ from a ZK-SNARK are: Scalability — where there is a lot of data to be processed for a verification.
ZK-STARKs can handle exponentially larger amounts of data with only an incremental increase in verification time. ZK-STARKs leverage publicly verifiable randomness to generate the shared key needed for the zero-knowledge proof. They eliminate the need for a trusted setup.
These features mean ZK-STARKs offer some advantages over ZK-SNARKs; however, ZK-STARKs generate more complex proofs than ZK-SNARKs, so generally incur higher transaction costs.
L1 blockchains vs L2 zkRollups
There are two big different groups of cryptoprojects adopting zk technology. First one, native L1 blockchains. Second — L2 zkrollups. Let’s have a look on both of them.
Layer 2 platforms leverage zk to make Ethereum more scalable, using a solution “zero-knowledge rollups” (ZK rollups) This method is used to bundle Ethereum transactions into batches to be executed on the Layer 2 platform instead of the Ethereum mainnet, alleviating congestion.
@Starknet is decentralized ZK-Rollup based Layer-2 blockchain. StarkNet developers need to learn the Cairo programming language (instead of Solidity), which can make onboarding new developers somewhat more of a challenge.
Despite this, transpilers from Solidity to Cairo and other, better-known programming languages are being created to sidestep this issue. Starknet uses zk-starks technology.
@zksync is an Ethereum Layer-2 scaling solution designed to accommodate high speeds (2,000+ TPS) while ensuring low gas fees and high security. Unlike many Layer-2s, ZKSync allows nearly instantaneous withdrawal of funds to the Ethereum Layer-1 mainnet.
It should be noted that ZKSync is the sole zk-rollup protocol with full EVM compatibility, meaning that developers can redeploy live smart contracts from Ethereum without rewriting or customizing them for ZKSync. This increases interoperability and decreases development time.
Announced in April 2022, @Scroll_ZKP is perhaps the newest Ethereum zkRollup-based Layer-2 to hit the market. Unlike most Layer-2s, Scroll has been personally reviewed by Vitalik Buterin and was created in collaboration with the Ethereum Foundation.
While most ZK-Rollups are application-specific, making it somewhat challenging for developers to build compatible dApps, Scroll’s ZK-Rollups are verifiable on the general EVM allowing for the easy migration of existing Ethereum dApps.
In addition, the Scroll team is in the process of developing a decentralized market for proofs which allows the generation of zero-knowledge proofs for outside developers.
It’s worth to mention @aztecnetwork. Aztec Labs developed Noir as a standalone, open-source, universal language for zero-knowledge programming. Noir is designed to be compatible across proving systems while also being verifiable to any chain.
@taikoxyz is a decentralized Ethereum-equivalent zkEVM. Taiko consists of three main parts: zkEVM circuits (for proof generation), L2 rollup node (for managing the rollup chain), and protocol on L1 (for connecting these two parts together for rollup protocol verification).
That was a quick overview of main zkrollup solutions. Let’s dive into zk-based L1 (native) blockchains!
@zcash: One of the first crypto assets, Zcash — previously known as ZeroCash — helped pioneer the use of zero-knowledge technology in the sector by supporting its privacy-preserving transactions with zero-knowledge Proof.
Zcash is a cryptocurrency that offers anonymous transactions through the zk-SNARK protocol. The first widely used cryptocurrency to use zero-knowledge proofs is this one.
@MinaProtocol offers highly compact and practical zero-knowledge proofs by utilizing a variant of the zk-SNARK protocol known as plonk. No matter how many transactions are committed to the network, Mina Protocol intends to be a light blockchain with a fixed size of just 22 kB.
This Mina Protocol’s 22Kb size should enable everyone to manage a node and contribute to the network’s security without the need for complex computer hardware.
While a few chains — including Mina, ZCash and others — already use zero-knowledge cryptography in production, none of them provide true programmability or full on-chain smart contract functionality. As a result, they are limited in what they can do. But that’s changing.
@AleoHQ is the platform aiming to offer fully private applications. Aleo is building a foundational layer that will help to catalyze and grow the next generation of truly mass-market use cases from gaming to DeFi and beyond.
The main goal of Aleo is to make a solution that will have profound impacts on a large and growing number of applications in the blockchain space and beyond, protecting user and application identity without sacrificing the performance required to support millions of users.
To write private applications on Aleo intuitively and easily, team have developed a programming language called Leo. Aleo runs on a decentralized operating system for private applications called snarkOS. These tools will enable developers to build the next generation of smart contracts. Aleo can express powerful DeFi primitives like stablecoins or decentralized exchanges.
Namada
Namada is a Proof-of-Stake Layer1 protocol designed to provide asset anonymity between different blockchains.
The main features of Namada are:
- Zero-knowledge Proofs & MASP: Only the sender and recipient know the transaction information, and all assets share a single secure set.
- Modern Consensus & Cubic Proof-of-Stake: Uses Tendermint BFT consensus and advanced proof-of-stake protocol with cube cut and improved F1 fee distribution.
- Proof generation on edge devices & instant finality: Supports zero-knowledge proof generation in the browser, and fast finality ensures transactions are processed in seconds.
- Privacy as a public good: The Namada protocol rewards secure transactions that effectively promote privacy.
Namada can interact with Cosmos blockchains via IBC and with Ethereum via a secure two-way bridge.
To ensure privacy, Namada is rolling out an updated version of the Multi-Asset Shielded Pool (MASP) scheme, which allows multi-chain users to make shielded transfers with any kind of asset held by the user, be it fungible or non-fungible assets — and independent to what chain or platform they were created on.
One of the key properties of Namada is that all assets will be sharing one anonymity set. This feature allows us to move away from the per-asset shielded set, which can significantly weaken the privacy guarantees specially when the asset has a low transaction volume and/or high value; it also allows us to create a way larger anonymity set, as any fungible and non-fungible assets across all sovereign chains and platforms can be sharing the same shielded set.
The reference implementation of the Namada protocol is built in Rust by Heliax, one of the development organizations in the Anoma ecosystem. Namada is the first fractal example of Anoma and the first step towards a multi-chain vision of homogeneous architecture & heterogeneous security.
If you want to learn more about Namada please follow latest news and join Namada’s social networks:
Website https://namada.net
Twitter https://twitter.com/namada
Discord https://discord.com/invite/namada
Talks https://namada.net/talks