What Is Zero-Knowledge Proof and What Are Its Use Cases in Crypto?
Have you ever submitted a financial or health record that may contain embarrassingly private information, just to prove that you can afford a loan or there are no major issues with your body? What if you can show them that your income stream is steady and ample, or you’re of sound health without revealing that you just purchased $100 worth of Nutella, or bruised your knee falling off of the bike? This is a prime example - also a potential use case - of Zero-Knowledge proof.
What is Zero-Knowledge proof (ZKP)?
You may have guessed from our example, Zero-Knowledge proof (ZKP) is a method or process of proving the validity of a statement without revealing the statement.
Say you just finished today’s Wordle (Yes, people still play that) before your friends could. Instead of telling them what the word is, all you need to do is share your Wordle result image with five straight green boxes. This way, everyone who saw the image would know you just got the word right but no one could tell what it is unless they already knew it. What’s more handy is that you only have to share this image on your Twitter once and everyone will know that you have solved it without any further interaction with you (they don’t even have to know you). This is known as non-interactive ZKP, in contrast to interactive ZKPs, where the verifiers have to engage in a series of exchanges with the provers to decide whether they are convinced.
Needless to say, this intricate mechanism (interactive and non-interactive) will create many novel, interesting use cases, especially in industries where privacy is valued above most other things - cryptocurrency comes to mind. Two of the most famous advances in this field are zk-SNARKs and zk-STARKs.
zk-SNARKs vs. zk-STARKs
zk-SNARK stands for zero-knowledge Succinct Non-Interactive Argument of Knowledge, with its highlight in non-interactive, meaning that anyone can verify a statement without interacting with the prover. This allows a blockchain network to verify the ownership of accounts, as well as ensure that the sender in a given transaction has sufficient balance without revealing addresses or transaction amounts.
Random elliptic curves are at the center of zk-SNARKs’ security model. A trusted setup is also required to kickstart a protocol using zk-SNARKs. This involves creating private keys that are later used to create proofs for transactions and verifications. As a result, zk-SNARKs are subject to quantum attacks and private key leaks. That said, zk-SNARKs can significantly reduce block sizes and gas consumption and have already accrued a large community since its inception in 2012.
zk-STARKs, which stands for zero-knowledge Scalable Transparent Argument of Knowledge, was introduced in 2018. As the name suggests, zk-STARKs focus on scalability and transparency. zk-SNARKs’ prover and verifier times increase linearly with witness size but in the case of zk-STARKs, it does so quasilinearly, making them far more agile when handling large datasets. zk-STARKs also leverage on publicly verifiable randomness and hash functions, which means they do not require an initial trusted setup and are quantum resistant.
That said, zk-STARKs generate far larger blocks and require much more computing power, which translates into more gas consumption and longer verification time. zk-STARKs also have far fewer developers and available resources compared to its older brother.
What are ZKP’s use cases in crypto?
Proof of Identity
There is no place with a higher concentration of private data than our identity information. Traditionally, a proof of identity requires the prover - you - to submit your identity information - everything about you, relevant or not, in shocking details - to the verifier.
With ZKPs, on the other hand, all you need to do is generate a credential that serves as proof of the ownership and soundness of your identity. Verifiers need only perform some calculations to check the validity of your credential, instead of having access to all your personal information.
Merkle Tree Proof of Reserves
A Merkle Tree is a binary tree with data stored in its leaves. Each leaf has its own hash value and these hash values will be sorted into different groups (nodes) for further hashing until there is only one value - the root hash.
Verifiers need only take hash values from several nodes to verify the integrity of everything in the Merkle Tree without diving into a sea of 1s and 0s. This is widely used in proving an exchange has sufficient reserved funds and did not move their traders’ funds elsewhere for unspeakable purposes.
Bitget has always prioritized our customers and our Merkle Tree Proof of Reserves is available for everyone to verify: Bitget’s Proof of Reserves.
For more information about our Merkle Tree Proof of Reserves, refer to our introduction to Merkle Tree.
Zk-rollups
A rollup, as its name suggests, is a scaling solution that rolls up a collection of transactions into one. This enables much faster and cheaper transactions than, say, Ethereum’s mainnet. There are two factions in Ethereum’s rollup solutions: Optimistic and Zero-knowledge. We will focus on the latter in this article.
Zero-knowledge rollups (zk-rollups) run computation off-chain and submit only a validity proof (a ‘summary’ of all rolled-up transactions) on-chain. Once this proof is verified on-chain, all rolled-up transactions will be finalized in one stroke.
There are several major players in Ethereum’s zk-rollup solutions. Polygon announced that their zkEVM mainnet beta is set to launch in late March. In an effort to counter Polygon, zkSync -another contestant - opened up registration for developers on their ‘mainnet’ just one day after Polygon’s announcement.
Other notable participants in this race include Loopring, a decentralized exchange that offers high throughput and low settlement cost leveraging on zk-rollup; Immutable X, a Layer2 solution focusing on NFTs that delivers a near-instant, zero gas fee experience with zk-rollups.
At Bitget’s zero-knowledge zone, you can trade Polygon, Loopring, Immutable X, Mina, and many other explorers in the land of zero-knowledge. Register now and start trading our selected assets at Bitget Zero Knowledge Zone!