zk-SNARKs: A Beginner’s Guide to Zero-Knowledge

The whole point of zk-SNARKs, or Zero-Knowledge Succinct Non-Interactive Arguments of Knowledge, is to prove knowledge without revealing anything. For example, you may want to prove that you know the solution to a Sudoku puzzle without actually revealing the solution.

zk-SNARKs are cryptographic primitives that allow one party, the prover, to prove the validity of a statement to another party, the verifier, without revealing anything about the statement beyond the fact that it is true. zk-SNARKs support two key properties, privacy and scaling, especially for blockchain systems. They enable applications such as Zcash for private transactions and Ethereum Layer 2 rollups for cost-effective scaling. We’ll take a look at how they function and share an example of how to begin building them on your own.

Components of zk-SNARKs:

  • Succinct (compact): Proofs are short and can be verified quickly, usually in milliseconds.

  • Non-Interactive: The verifier and prover do not have to interact back and forth.

  • Arguments of Knowledge: Proofs ensure the prover knows the underlying data.

Some real-world applications of zk-SNARKs include:

  • Privacy Coins (Zcash): zk-SNARKs hide transaction information while still proving correctness.

  • Layer 2 Scaling (Ethereum): Using zk-SNARKs, zk-rollups batch transactions, enhancing scalability.

Why zk-SNARKs Are Needed

  1. Privacy

Senders and receivers can obscure their identities and transaction amounts while still proving the transaction is valid.

  2. Scalability

zk-SNARKs reduce on-chain computation, allowing systems to verify proofs instead of processing large datasets. This is essential for Ethereum’s zk-rollups, which pack thousands of transactions into a single proof.

  3. Decentralized Identity

zk-SNARKs also allow proving a claim without revealing the underlying details. For instance, proving you are older than 18 without revealing your birth date.

  4. Efficiency in Blockchain

By minimizing the computations that must be performed on the blockchain, zk-SNARKs allow decentralized systems to be faster and more efficient.

How zk-SNARKs Work

For zk-SNARKs, three phases are crucial:

  1. Setup Phase

This interactive protocol serves as the setup: it creates the public parameters needed for constructing and verifying proofs.

Example: To prove that you know the result of a multiplication, this step outputs the parameters used to verify that the multiplication was done correctly.

  2. Proving Phase

Using public parameters and private data, the prover generates a concise proof.

For example, a prover shows that they know two numbers that multiply to 15 without revealing the numbers.

  3. Verification Phase

A third party, the verifier, checks the proof against the corresponding public parameters, which confirms the prover’s statement.

Below is an example of a zk-SNARK circuit in Circom verifying a multiplication:

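pragma circom 2.0.0;

// Proves knowledge of a and b such that c = a * b.
template Multiplier() {
    signal input a;   // private input
    signal input b;   // private input
    signal output c;  // public output

    // Assign c and add the constraint c === a * b.
    c <== a * b;
}

component main = Multiplier();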

Inputs: a and b are private inputs provided by the prover.

Output: c is the public output, verified without revealing a and b.

Verification: The verifier confirms that indeed c = a * b holds true.
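
What the constraint `c <== a * b` checks, as an added JavaScript example (not from the original article and not snarkjs code): it evaluates the single rank-1 constraint by hand over the BN254 scalar field, Circom's default. The witness layout `[1, c, a, b]` and all helper names are assumptions made for illustration.

```javascript
// Added illustration: the single R1CS constraint behind `c <== a * b`,
// checked by hand over the BN254 scalar field that Circom uses by default.
const P = 21888242871839275222246405745257275088548364400416034343698204186575808495617n;

// Reduce any BigInt into the range [0, P).
const mod = (x) => ((x % P) + P) % P;

// Witness layout assumed here: [1, c, a, b] (constant, public output, private inputs).
function buildWitness(a, b) {
  a = mod(BigInt(a));
  b = mod(BigInt(b));
  return [1n, mod(a * b), a, b];
}

// One constraint (A.w) * (B.w) = (C.w), with rows selecting a, b and c.
const R1CS = [{ A: [0n, 0n, 1n, 0n], B: [0n, 0n, 0n, 1n], C: [0n, 1n, 0n, 0n] }];

// Inner product of a constraint row with the witness, in the field.
const dot = (row, w) => mod(row.reduce((acc, coeff, i) => acc + coeff * w[i], 0n));

// True when every constraint holds for the witness w.
function satisfies(r1cs, w) {
  return w[0] === 1n && r1cs.every(({ A, B, C }) => mod(dot(A, w) * dot(B, w)) === dot(C, w));
}

// What the verifier learns: only the public signals (here, c).
const publicSignals = (w) => [w[1]];

// Constructed sample inputs.
const honest = buildWitness(3, 5);        // c = 15
const forged = [1n, 15n, 3n, 4n];         // claims 3 * 4 = 15
const trivial = buildWitness(1, 15);      // also yields c = 15
const wrapped = buildWitness(P + 3n, 5);  // P + 3 reduces to 3 in the field

console.log(satisfies(R1CS, honest), satisfies(R1CS, forged));
console.log(publicSignals(trivial), publicSignals(wrapped));
```

Because `a = 1, b = 15` also satisfies the constraint and all values are field elements, this circuit shows knowledge of some pair whose product is c in the field, not a non-trivial integer factorization; ruling that out needs additional constraints.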

Getting Started with zk-SNARKs

To construct zk-SNARK systems, you’ll need tools for writing, compiling and verifying circuits:

  • Circom: A high-level language for defining circuits (mathematical constraints) for zk-SNARKs.

  • snarkjs: Compile circuits, prove, and verify.

To implement a circuit in Circom (like the one above), you compile the circuit:

circom multiplier.circom --r1cs --wasm --sym

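Compute a witness, then generate and verify a proof with snarkjs:

# input.json (assumed file name) holds the private inputs, e.g. {"a": "3", "b": "5"}
snarkjs wtns calculate multiplier_js/multiplier.wasm input.json witness.wtns
snarkjs groth16 setup multiplier.r1cs powersOfTau.ptau multiplier.zkey
snarkjs zkey export verificationkey multiplier.zkey verifier.json
snarkjs groth16 prove multiplier.zkey witness.wtns proof.json public.json
snarkjs groth16 verify verifier.json public.json proof.json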

Use Cases of zk-SNARKs

Some major use cases of zk-SNARKs include:

  • Zcash: Hides details of transactions through zk-SNARKs.

  • Ethereum zk-rollups: Batch transactions together to scale Ethereum.

  • Decentralized Identity: Verifying credentials while releasing no personally-identifiable information.

Conclusion

zk-SNARKs are transforming privacy and scalability in the blockchain. As they enable proof without disclosure, they unlock use cases in private transactions, decentralized identity and beyond.

Check out the zk-SNARK tools (like Circom and snarkjs) and start building circuits that could underlie tomorrow’s decentralized systems.