In the world of cryptocurrencies, we sometimes hear about zero-knowledge proofs (or ZKP), which make it possible to anonymize certain transactions. Let’s find out what these zero-knowledge proofs are, how they work, and what they’re actually used for.
Bitcoin, and the cryptocurrencies that make up the ecosystem that interests us so much, could only be created thanks to cryptographic algorithms. These have very specific functions and meet particular needs, such as the autonomous management of a wallet. It is through keys, transaction signatures and other mechanisms that we can prove that we own our bitcoins without having to disclose our identity. This is what allowed Bitcoin to come into being: a system that is not anonymous but pseudonymous.
But could we go further and set up anonymous transactions? We would then need other cryptographic building blocks, including zero-knowledge proofs.
What are zero-knowledge proofs or ZKP?
Zero-knowledge proofs (ZKP) are protocols that allow an actor to prove that a statement is true without having to reveal any information about it. For example, this would let a user prove that he owns bitcoins without indicating his signature or public address. Outside the framework of cryptocurrencies, this can also be used to prove an identity without having to reveal it. We will study these two very relevant examples in detail later, but first, let us look at the origin of these protocols.
The term "zero-knowledge proof" is quite recent but obviously does not originate from the current cryptocurrency ecosystem. It was in 1989 that three experts, Shafi Goldwasser, Silvio Micali and Charles Rackoff, first used this term in a scientific publication that described many concepts related to cryptographic proofs. Today, these proofs have become a subject of study in cryptography in their own right.
How Do ZKPs Work?
Just as there are many use cases for ZKPs, there are also many different ways for them to operate, because each protocol is adapted to a specific situation. Each particular case requires its own scenario, and the protocol is developed according to these parameters.
However, ZKPs follow general principles, so there are various examples to illustrate how they work.
Ali Baba’s cave
We consider Alice and Bob in front of Ali Baba's cave, where Alice knows the password to the cave's door. The door blocks the passage between two corridors, A and B. Bob wishes to pass the door, but Alice does not want to divulge the password. The operation of the ZKP protocol associated with this situation would be for Alice to open the door and Bob to exit the cave using the password.
So Alice goes to the bottom of the cave, waiting for Bob’s instructions.
Bob then selects one of the corridors through which Alice must be able to emerge.
Alice exits through the corridor selected by Bob.
Since Alice doesn't know Bob's chosen corridor in advance, an Alice who was lying would have only a one-in-two chance of coming out the right way. By repeating the operation a sufficient number of times, Alice proves that she has access to both corridors and that she has the password to move from one corridor to the other if necessary.
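An added example, not part of the original article: the cave protocol written as the standard binary-challenge proof of knowledge of a discrete logarithm, going beyond the physical analogy. The secret x plays the role of the password and the public value y = g^x plays the role of the door; the group parameters are constructed toy values and all function names are illustrative assumptions.

```python
import secrets

# Constructed toy group, far too small for real use: p = 2q + 1 with p, q prime,
# and g = 4 generating the subgroup of order q.
P, Q, G = 2039, 1019, 4

def commit():
    """Prover enters the cave: pick a fresh nonce r, publish t = g^r."""
    r = secrets.randbelow(Q)
    return r, pow(G, r, P)

def respond(x, r, c):
    """Prover exits by the requested corridor: s = r + c*x mod q."""
    return (r + c * x) % Q

def verify(y, t, c, s):
    """Verifier accepts iff g^s == t * y^c (mod p)."""
    return pow(G, s, P) == (t * pow(y, c, P)) % P

def honest_round(x, y):
    r, t = commit()
    c = secrets.randbelow(2)              # Bob names corridor 0 or 1
    return verify(y, t, c, respond(x, r, c))

def forge(y, guess):
    """Without x: build (t, s) that verifies only if the challenge equals guess."""
    s = secrets.randbelow(Q)
    t = (pow(G, s, P) * pow(pow(y, guess, P), -1, P)) % P
    return t, s

def cheating_round(y):
    t, s = forge(y, secrets.randbelow(2))  # commit before the challenge is known
    c = secrets.randbelow(2)
    return verify(y, t, c, s)

def all_rounds_pass(rounds, one_round):
    """The verifier is convinced only if every repetition is accepted."""
    return all(one_round() for _ in range(rounds))

if __name__ == "__main__":
    x = 777                                # constructed secret ("the password")
    y = pow(G, x, P)                       # public value Bob knows
    print("honest, 40 rounds:", all_rounds_pass(40, lambda: honest_round(x, y)))
    print("cheater, 40 rounds:", all_rounds_pass(40, lambda: cheating_round(y)))
```

The forge step is also why Bob learns nothing: anyone who fixes the challenge first can produce a valid (t, c, s) without x, so an accepted transcript carries no information about the secret.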
Halloween candies
Back from their Halloween harvest, Alice and Bob want to know if they got the same number of candies without revealing the exact number they have.
To do this, Bob will create a box for each possible harvest size and write a number inside. He locks them and throws away the keys to the boxes containing the wrong number.
Alice, meanwhile, will take as many pieces of paper as there are boxes and write the “-” sign on all of them, except on one which will be marked with a “+”. She will then put a piece of paper in each of Bob’s boxes, the “+” being in the box corresponding to the number of candies she has collected.
Subsequently, Bob will recover the only box to which he has access, that is, the one that contains the number of candies he has and will learn the associated sign. If it’s a “+”, they have the same number. Otherwise, their harvests are different. In both cases, neither had access to the harvest of the other since Bob does not have the keys to the other boxes and therefore cannot search for the one containing the “+”.
These explanations show that the protocols can take many different forms and adapt to the situation. They are often more complex than the ones presented here and must contain no logical flaws if they are to be used in real applications. Indeed, flaws in these protocols could disclose the very information they are supposed to protect.
Applications of ZKPs
The applications of ZKPs can be very numerous since they are not confined to cryptocurrency or decentralized identity systems that we will study later. Indeed, they can also take part in the dissemination of sensitive information without citing sources, such as the assessment of the armed forces of different countries. Finally, they are widely used in the context of blockchain platforms, as we will see together.
Anonymous transactions
The implementation of a ZKP protocol can make transactions anonymous, cryptocurrency transactions for example. Indeed, some blockchains claiming to be anonymous use ZKP processes to guarantee the confidentiality of their users. Some of these systems can also be deployed within smart contracts in order to provide anonymity within existing platforms. This is the case of Tornado Cash, for example, which recently deployed its version 2. This service uses zero-knowledge proofs to anonymize Ethereum transactions.
Decentralized identities
But where ZKP protocols really interest us is in the context of decentralized identities. Indeed, one of the problems of decentralized identities is selecting and limiting the data that is shared. No one wants to disclose certain sensitive data to everyone, and medical data comes first on the list.
Solutions using ZKPs for the management of personal data have several advantages:
- They are largely compatible with GDPR since the design of the system is based on data privacy.
- They provide users with great transparency within the framework of open protocols.
While these advantages can also be provided by centralized systems that disclose information in full transparency, ZKPs make it possible to go further.
First, the information is not divulged; that's the principle. It therefore cannot be stored where it is at the mercy of attacks, or transferred to third parties who are less transparent about their use. If the subject interests you, I refer you to the very good work of Blockchain Partners on these subjects.
Exploitation of IoT data
While the IoT (Internet of Things) offers great promises of optimizing daily life in a personalized way for everyone, this ecosystem of products and services suffers from many problems: a general lack of security on IoT products, which are often inexpensive, as well as very opaque management of the collected data that is necessary for optimizing the services. Although security is not really guaranteed by the use of zero-knowledge proofs (even less by the use of a blockchain!), these solutions can solve the dilemma of data use.
Indeed, the problem is not so much the exploitation of data (resales, optimization of systems, etc.) but rather the link between the data collected and the owners of the connected objects. Everyone can picture the quasi-real dystopias in which insurance costs depend immediately on the data collected around you. The use of zero-knowledge information exchanges would guarantee the anonymity of users without requiring them to trust the manufacturer (in the context of smart contracts or one where the code is made open source).
Scalability overlays
One use that is a little less known to the general public, but that offers interesting promises, is the use of ZKPs in scalability solutions. Mainly present in Ethereum overlay projects, zero-knowledge signatures make it possible to carry out a greater number of transactions over a given time by transmitting only the proof of transaction. Thus, less data is distributed on the network while validation by the network's consensus is still ensured. Examples of ZKP scalability protocols already exist today, in particular on top of Ethereum.
We can notably mention ZK-Rollup and its implementation zkSync, an Ethereum DApp that allows transactions to be carried out at a lower cost on Ethereum. It is, therefore, a micropayment solution, which still has disadvantages in use. We note, for example, a fairly centralized initial scheme, as well as a greater demand for computing power for zero-knowledge proofs than for classic transactions.
This concludes this presentation of zero-knowledge proofs, how they work and the use cases that interest us. Ethereum is today the protocol with the most active community on the issue of zero-knowledge proofs. They are not necessarily tied to blockchain technologies, however, but relate more generally to trustless protocols. If you have any questions or comments about this article, do not hesitate to contact us in the comments or on social networks.






