With Ethereum entering the Metropolis stage, it will introduce different changes that are going to make it more abstraction and privacy-friendly. One among those changes is the introduction of “Zero-Knowledge Succinct Non-Interactive Argument of Knowledge” otherwise known as Zk-Snarks.
Zero-knowledge refers to a proof of construction where an individual can prove ownership of data, without having to reveal that piece of data.
Succinct indicates that the zero-knowledge proof can be checked quickly. This includes proofs with statements that are substantial.
The sizes of the messages are tiny in contrast with the length of the real computation.
Non-interactive implies that there is no need for the verifier to interact with the prover in order to approve a zero-knowledge proof. Rather, the prover can publish their proof ahead of time, and a verifier can guarantee its correctness.
For Zk-SNARKs, there is normally a setup phase and after that, one message from the prover to the verifier.
Argument of Knowledge implies a proof of knowledge of some characterized computation.
It isn’t possible for the prover to develop a proof/argument without knowing a certain so-called witness (for instance, the address she needs to spend from the preimage of a hash function or the way to a certain Merkle-tree node).
Zk-Snarks runs on the idea of zero-knowledge proofs.
There are two parties when it comes to a zero-knowledge proof, the prover, and the verifier. Zero knowledge states that a prover can prove to the verifier that they have a specific knowledge without revealing to them what that knowledge really is.
PROPERTIES OF A ZERO KNOWLEDGE PROOF
Certain parameters are needed to be satisfied for a ZKP to work:
- Completeness: If the statement is true then an honest prover can convince an honest verifier.
- Soundness: If the prover is dishonest, the verifier can’t be convinced of the soundness of the statement by lying.
- Zero-Knowledge: If the statement is true, the verifier will not have any idea what the statement really is.
One of the examples of a zero-knowledge proof is as given-
In this example, the prover (P) tells the verifier (V) that they know the password of the secret door at the back of the cave and that they can prove it to the verifier without really disclosing to them the password.
It looks somewhat like the one shown below:
The prover goes down any one of the ways A and B. Suppose, at first they decide to go through the path A and reach the secret door at the back. When they do as such, the verifier V comes in at the entrance, without any knowledge of which path the prover actually took and declares that they need to see the prover show up from path B.
In the diagram, it is seen, that the prover does indeed appear in path B. But what if this was dumb luck? What if the prover had no knowledge about the passcode, and took the path B, was stuck at the door and by sheer fortune, the verifier instructed him to show up from path B, the one they were originally on in any case?
So, to test the validity, the experiment is done on many different times. If the prover can show up at the right path each and every single time, it proves to the verifier that the prover without a doubt knows the password despite the fact that the verifier doesn’t know what the password really is.
The three properties of zero knowledge are satisfied as shown below-
- Completeness: Since the statement was valid, the honest prover persuaded the honest verifier.
- Soundness: If the prover was dishonest, they couldn’t have tricked the verifier because of the fact that the test was done a number of times. Eventually, the prover’s fortune had to run out.
- Zero-Knowledge: The verifier never realized what the password was, yet was convinced that the prover had ownership of it.
The first widely known application of Zk-SNARKs is Zcash, a form of zero-knowledge cryptography. To know more about Zcash refer this article.