acm-header
Sign In

Communications of the ACM

BLOG@CACM

Unlocking the Potential of Zero-Knowledge Proofs in Blockchain


View as: Print Mobile App Share:

Zero-Knowledge Proofs (ZKPs) are becoming a standard within blockchain technology, helping to maintain transactional privacy and integrity, highlighting their potential to create a more secure and private blockchain landscape.

In this post, we will explore the intricate world of zero-knowledge proofs (ZKPs) and their role within the blockchain. The focus will be on the theoretical underpinnings and potential applications of ZKPs, examining how they could revolutionize privacy in blockchain transactions.

Additionally, the piece will critically assess the current state of ZKP technology, exploring its benefits and limitations, and discussing its future possibilities for enhancing blockchain security and privacy.

What is a Zero-Knowledge Proof (ZKP)?

A zero-knowledge proof (ZKP) is a cryptographic method that is used to prove an individual knows a set of data, without revealing what this data contains. This form of verification can be extremely effective in scenarios where the details of data need to remain private.

Blockchains are designed to be transparent but there are many situations where privacy is required. For example, smart contracts may contain sensitive information such as financial details or personally identifiable information that could be used to commit fraud or other criminal activity. To protect this information, smart contracts often require specific inputs before they can be executed.

Zero-knowledge proofs have established themselves as one of the primary methods to accomplish privacy on a public blockchain. This is achieved by one party (the prover) cryptographically proving to another party (the verifier) that they possess accurate knowledge of hidden data - data that could only be known by the prover with a very high level of certainty.

In addition to more private blockchain transactions, ZKPs can also help thwart cybercriminals by adding a layer of security. The importance of such technology is even more evident when you consider that 66% of organizations have experienced a cyber attack in the past 12 months. This just so happened to create the perfect storm, sparking curiosity and bringing the blockchain to the limelight once again. 

Zero-Knowledge Proofs: How They Work

An advanced level zero-knowledge proof requires the prover to perform several actions that verify that the underlying data is known if executed properly. In the event of an individual attempting to gain unauthorized access to the data, i.e.. guessing at the required actions, the verifier's testing procedures will determine that the attempt at providing proof is not legitimate. 

ZKPs can come in two forms, interactive or non-interactive. An interactive ZKP requires the prover to repeat the process for individual verifiers each time. Meanwhile, a non-interactive ZKP allows the prover to generate proof that can be verified by anyone who has knowledge of the same proof.

The concept of zero-knowledge proofs was initially outlined in the 1985 MIT paper, "The Knowledge Complexity of Interactive Proof-Systems" which was written by Shafi Goldwasser and Silvio Micali. The paper outlined how it was possible to provide a distinct statement about a data point, which could be verified as true, without the need to provide additional details.

Three key characteristics help to define ZKPs:

  • Completeness - If the information or statement provided, and the actions taken are correct, then the verifier can determine that the prover possesses sufficient knowledge.

  • Soundness - If the information provided is false and the prover is attempting to gain unauthorized access then the verifier can easily determine that the prover does not know the correct input.

  • Zero-knowledge - In this case, the prover can provide a true statement, however, this does not provide the verifier with any additional information regarding the correct input.

The Different Types of Zero-Knowledge Proof

Zero-knowledge proofs can come in various forms, each having different characteristics in terms of proof times, verification times, the size of the proof, etc. The most popular ZKPs include:

  1. PLONK - An acronym of "permutations over Lagrange-bases for oecumenical non-interactive arguments of knowledge". PLONK is regarded as one of the most trusted and ubiquitous ZKP setups and is compatible with any program, while also able to include a large number of participants. 

  2. ZK-SNARKS - A "succinct non-interactive argument of knowledge" is small-scale and simple to verify. This type of ZKP generates cryptographic proof using elliptical curves and requires less computational resources compared to a hashing function. 

  3. ZK-STARKS - A "scalable transparent argument of knowledge" is a ZKP that involves a low level of interaction between the prover and the verifier, resulting in a faster speed. 

  4. Bulletproofs - This type is a short non-interactive zero-knowledge proof that does not need a trusted setup and is suitable for private transactions for cryptocurrencies.

Zero-Knowledge Proofs: Advantages

A key benefit of ZKPs is their effectiveness when it comes to leveraging privacy-preserving datasets within public blockchains or other systems that are designed for maximum transparency. This is particularly useful for the execution of smart contracts.

Smart contracts are self-executing programs that automatically perform actions that are defined in an agreement between two parties. Once the actions have been completed, transactions can be tracked and can't be reversed, enabling visibility. With zero-knowledge proof, users and businesses can execute smart contracts on the blockchain, while keeping the stored data private.

Benefits for Institutions

This is essential for institutions such as banks, financial institutions, enterprise-level businesses, and businesses that are part of a wider supply chain and must adhere to strict confidentiality when executing smart contracts. Such organizations are also legally required to safeguard the Personally Identifiable Information (PII) of their clients and comply with regulations set out by the countries they operate in.

ZKPs allow institutions to interact with public blockchain networks that have large volumes of users around the world, while still keeping datasets private. Without ZKPs, regulated businesses and institutions would need to rely on permitted blockchain networks that have far fewer users than public blockchain networks.

This is why ZKP technology is being applied to many institutional use cases for public blockchains, resulting in increased accessibility, more efficient economies, and innovations. Even institutions like the London Stock Exchange have entered the market, responsible for handling huge volumes of financial data, and are exploring the possibility of not just tokenization, but using ZKP to bolster their defenses. 

Zero-Knowledge Proofs: Use Cases

From cybersecurity to Web3 projects, ZPKs have a wide range of use cases, below are three common uses for which the technology is becoming a standard.

  • Private Transactions - An example of a private transaction is those made on the Zcash blockchain, a privacy-focused cryptocurrency. By using ZKPs, transactions remain completely private and details such as the sender, receiver, and monetary value are not disclosed. 

  • Decentralized Identity/ Authentication - ZKPs can play a fundamental role in identity management systems that allow users to verify their identity while protecting their details. 

  • Verifiable Computations - A decentralized oracle network offers smart contracts that can access off-chain data and computations that can be combined with ZKPs. In this case, the prover can provide a statement about an off-chain data point without revealing any data. 

The Current State of ZPKs: Limitations and Future Developments

The main limitation regarding ZKPs is the hardware, as the technology requires graphic processing units (GPUs) that have parallel processing capability to reduce the resources and time needed to prove a statement.

Meanwhile, PLONK uses improved algorithms to provide faster and more effective solutions, with similar alternatives expected to be developed in the future. However, more abstraction layers must also be developed to complement such advancements if the technology is to witness widespread adoption. Although the development landscape is active for ZKPs, the complexity of the technology still provides significant challenges.

From a business level, the implementation of ZKPs and other blockchain security technologies has presented some hurdles. With the increased integration of blockchain to business platforms, even smaller organizations are looking for help with SAP S4 HANA, given the fact that the German giant already included blockchain into its products for both security and efficiency reasons.

Fortunately, the infrastructure that powers cryptocurrency is expected to evolve rapidly due to the technology's popularity, causing optimism in ZKP circles. There is a significant investment in both consumer-facing cryptocurrency platforms and their backend infrastructure, with ZKPs a key consideration for creating a decentralized, privacy-first web.  

Conclusion

Zero-knowledge proofs are a rapidly growing technology that is used to ensure transactional privacy and integrity on the blockchain. This is key to allowing institutions such as banks, that must adhere to strict regulations, to interact with and execute smart contracts on public blockchain networks.

Although ZKPs still face barriers in terms of hardware and their complexity from a development point-of-view, the technology is expected to evolve significantly, boosted by major investment in cryptocurrencies and their infrastructure. 

 

Alex Williams is a seasoned full-stack developer and the former owner of Hosting Data UK. After graduating from the University of London with a Masters Degree in IT, Alex worked as a developer, leading various projects for clients from all over the world for almost 10 years. Alex has recently switched to being an independent IT consultant and started his technical copywriting career.


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account