What is zero-knowledge proof?
Zero-knowledge proof is a cryptographic protocol that allows one party (the proving party) to confirm the truth of a statement to the other party (the verifier) without revealing any additional information about it (neither the content nor the source from which the proving party learned the truth). The first time zero-knowledge proof was written about in a scientific paper by MIT researchers Shafi Goldwasser, Silvio Micali, and Charles Rakoff back in 1985.
Zero-knowledge proof can be characterized by three main properties:
- Completeness. If the proving person knows the statement, he will be able to convince the verifier of it.
- Correctness. If the proving person does not know the statement, then he can only fool the verifier with a small probability.
- Zero disclosure. The verifier, even if he behaves dishonestly, learns nothing but the very fact that the statement is known to the proving one.
What types of zero-knowledge proof are there?
- interactive (the verifier independently interviews the proving person in real time)
- non-interactive (does not require direct communication between the verifier and the proving person; the first one can verify the authenticity of the statement ex post facto).
Zero-knowledge proof can also be divided into two groups, based on the presence or absence of a record of the authenticity of the statement by several verifiers.
How does it work?
Proof is usually in the form of an interactive protocol. This means that side B asks a series of questions to the proving party, if he knows the secret, he will answer all the questions correctly. If side A does not know the secret, but wants to convince the verifier otherwise, it has some probability (at least 50%) of answering the question correctly. However, after a certain number of questions (10–50), the verifier is fairly likely to be convinced that the proving party does not know the secret. At the same time, none of the answers gives any information about the secret itself.
Jean-Jacques Kiskater and Louis Gilloux explain the zero-knowledge proof well with the story of Ali Baba’s cave (see picture). To get through the cave, you must open the door between C and D. The door only opens when someone says the magic words. Let Peggy know the magic words and want to prove it to Victor without revealing the words themselves.
This is how zero-knowledge proof works in this case:
- Victor is at point A.
- Peggy walks all the way through the cave to the door either through path C or through path D. Victor can’t see which way Peggy went. After Peggy disappears into the cave, Victor moves to point B.
- Victor shouts to Peggy to leave the cave from either the left aisle or the right aisle.
- Peggy, using magic words if necessary to unlock the door, leaves the cave from the aisle Victor asked her to leave from.
- Peggy and Victor repeat steps 1–4 a number of times.
In case Peggy does not know the secret, she will not be able to fool Victor if the proof stages are repeated several times in a row. Since she can only exit from the aisle she entered, in each round of the protocol the probability of guessing which side Victor will ask her to exit from is 50%. Accordingly, her probability of deceiving Victor is also 50%. However, the probability to fool him in two rounds is already 25%, and in n rounds she has only one chance out of 2^n. Victor can confidently assume that if all n (n=10–50) rounds of Peggy’s proofs are correct, then she really knows the secret words that open the door between points C and D.
What is zero-knowledge proof used for?
One obvious use of zero-knowledge proof in cryptocurrencies is to verify that the user has the funds for the transaction, without revealing to the network participants who the user is and how much money they have in their account.
This protocol can also be used in areas where data security (e.g., personal information) or financial transactions need to be ensured.
Zero-knowledge proof can play the role of a tool that provides data and user verification, granting privileged access and establishing trusted connections.
What are the advantages of zero-knowledge proof?
- Improving user privacy in public blockchains and other networks
- Strengthening information security by replacing inefficient methods of authentication and verification;
increasing blockchain throughput and improving scalability.
What are the disadvantages of zero-knowledge proof?
- Require significant computing power
- Potential for compromise in a trusted installation
- Potential vulnerability to quantum computing.
Which projects use zero-knowledge proof?
ZCash, a cryptocurrency focused on increased user privacy, uses a modified zk-SNARKs protocol. The same protocol was partially implemented in the Ethereum network as part of the Byzantium hardfork.
The startup QEDIT has developed an SDK (Software Development Kit) that allows zero-knowledge proofs to be implanted into existing blockchains to increase transaction privacy while still allowing validation by nodes.
StarkWare has created solutions based on the zk-STARKs protocol, which can also be implemented in existing networks.
Aztec is a project that attempts to introduce zero-knowledge proof-of-concept into the existing Ethereum network by creating a stack of smart contracts focused on privacy.
And, of course, Aleo is the world’s first full-featured private application development platform (with zero-knowledge) with speed, integrity, and scalability. Aleo achieves this by using decentralized systems and zero-knowledge cryptography to protect user data online. The Leo programming language was developed to create an application on Aleo. It allows developers to intuitively and easily write zero-knowledge applications and ensures that user data is private by default.
This article was written by Aleksander#8393
This article uses materials from the following sources:
1. https://forklog.com/cryptorium/chto-takoe-dokazatelstvo-s-nulevym-razglasheniem-zero-knowledge-proof/