There is an increasing emphasis on improving privacy in the cryptocurrency space. Bitcoin, Ethereum, Bitcoin Cash, and Litecoin are all actively looking for the most appropriate means to increase their privacy and, with it, their fungibility. Privacy-focused projects like Monero and Zcash are not the only ones fighting to increase our ability to remain anonymous.

Using zero-knowledge proofs

Zero-knowledge proofs have long been viewed by many as a suitable vehicle for increased confidentiality. A zero-knowledge proof is a method of proving a statement while disclosing only a very small amount of information about it. Zk-SNARKs are one application of zero-knowledge proofs, and the Zcash team has been at the forefront of their implementation. Ethereum developers are also considering zk-SNARKs as a way to implement such proofs.

However, there have been a few major flaws. The main problem has been the need for a trusted setup: zk-SNARKs rely on a secret generated during that setup. This essentially undermines the whole purpose of decentralized public blockchains. By introducing the need to trust people rather than code, you threaten the whole concept of trustlessness.

Fortunately, a more recent development called zk-STARKs has shown a way to achieve the same level of privacy as zk-SNARKs without the need for a trusted setup. If developers can successfully implement them, zk-STARKs could provide a privacy solution that offers some of the strongest anonymity available. It would also be completely trustless, more scalable, and secure.

What is a zk-SNARK?

A zk-SNARK is a Zero-Knowledge Succinct Non-Interactive Argument of Knowledge. Applied to cryptocurrency, it means you can hide all transaction data: the address of the sender, the address of the recipient, and the amount of the transaction. Zk-SNARKs allow us to hide all of this information while still allowing the network to confirm and verify transactions. They maximize confidentiality while maintaining consensus.

In terms of blockchain-level privacy, this is truly remarkable. It is one of the most advanced privacy technologies at the blockchain level. Of course, this does nothing to protect users at the network level. For this, it is necessary to integrate protections such as Tor or I2P.

Zk-SNARK issues

There are, however, several issues with zk-SNARKs. The first is the trusted-setup problem. The proofs rely on a common reference string that guarantees the legitimacy of the zero-knowledge proofs, and several people were involved in the ceremony that created this string. In short, the confidentiality of the system depends on these people not disclosing the secrets from that ceremony. According to the Zcash team, who are currently the main users of this technology, the ceremony was carried out with different parties participating from different locations. Ultimately, you have to assume and hope that these people have not compromised, and will not compromise, this setup. If they did, it would compromise the full confidentiality of zk-SNARKs.

Commentators have observed that as the value of blockchains and native assets that rely on zk-SNARKs increases, so does the incentive for malicious parties to entice or force the original participants to hand over the details of this setup. Ultimately, it looks like no matter how many audits developers perform on the setup, since it relies on the good behavior of those initial people, it probably won’t be used in the mainstream.

What is a zk-STARK?

A zk-STARK is a Zero-Knowledge Scalable Transparent Argument of Knowledge. Note the main differences from a zk-SNARK, namely scalability and transparency.

The idea was proposed by Eli Ben-Sasson and developed with his co-authors in their white paper. Ben-Sasson founded his own company, StarkWare Industries, which focuses on researching and applying zk-STARKs to blockchains of all kinds.

Eli Ben-Sasson, the mastermind behind zk-STARK

Ben-Sasson’s innovations created zk-STARKs to provide proofs that can be verified much faster than previously thought possible. In addition, they in fact scale exponentially with respect to the data set they represent, whether that is a blockchain asset, documents, or other datasets.

Right now, Monero, Zcash, and Ethereum are all seriously considering zk-STARKs.

What do zk-STARKs fix?

First of all, zk-STARKs solve the trusted-setup problem. They completely remove the need for multiple parties to create the secret behind the common reference string. Instead, everything needed to generate a proof is public, and the proofs are generated from random numbers. zk-STARKs actually remove the zk-SNARK requirement for asymmetric cryptography and instead use hash functions similar to those found in Bitcoin mining.
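To make the transparency claim concrete, the following Python toy (added here; not code from the article or from StarkWare) shows the two ingredients the paragraph names, a hash-based Merkle commitment and a challenge derived by hashing public data in the Fiat-Shamir style, so that neither prover nor verifier needs any secret from a setup. The trace values and the single-opening "protocol" are constructed for illustration and are not a STARK.

```python
import hashlib
from typing import List, Tuple

def h(data: bytes) -> bytes:
    # Stand-in for the hash function a STARK prover relies on; no secret key involved.
    return hashlib.sha256(data).digest()

def _pad(level: List[bytes]) -> List[bytes]:
    # Duplicate the last node when a layer has odd length so every node has a sibling.
    return level + [level[-1]] if len(level) % 2 else level

def merkle_root(leaves: List[bytes]) -> bytes:
    level = list(leaves)
    while len(level) > 1:
        level = _pad(level)
        level = [h(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
    return level[0]

def merkle_path(leaves: List[bytes], index: int) -> List[bytes]:
    # Authentication path: the sibling hash at each layer from the leaf up to the root.
    path, level = [], list(leaves)
    while len(level) > 1:
        level = _pad(level)
        path.append(level[index ^ 1])
        level = [h(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
        index //= 2
    return path

def verify_path(root: bytes, leaf: bytes, index: int, path: List[bytes]) -> bool:
    node = leaf
    for sibling in path:
        node = h(node + sibling) if index % 2 == 0 else h(sibling + node)
        index //= 2
    return node == root

def fiat_shamir_index(root: bytes, n: int) -> int:
    # Public-coin challenge: the position to open is derived from the commitment itself,
    # so anyone can recompute it and the prover cannot pick a convenient one after the fact.
    return int.from_bytes(h(b"challenge" + root), "big") % n

def prove(trace: List[bytes]) -> Tuple[bytes, int, bytes, List[bytes]]:
    leaves = [h(x) for x in trace]           # commit to every step of the (constructed) trace
    root = merkle_root(leaves)
    idx = fiat_shamir_index(root, len(leaves))
    return root, idx, trace[idx], merkle_path(leaves, idx)

def verify(root: bytes, idx: int, value: bytes, path: List[bytes], n: int) -> bool:
    # The verifier holds only public data: the commitment, the opened value and the path.
    return idx == fiat_shamir_index(root, n) and verify_path(root, h(value), idx, path)
```

Run `prove` on a list of byte strings and hand the result to `verify`; changing the opened value, the index, or any path element makes verification fail, while no party ever held a setup secret.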

Beyond that, they are expected to have a longer lifespan in terms of cryptographic resilience than zk-SNARKs. At present, zk-STARKs are considered resistant to the progress of quantum computing. In contrast, the elliptic curve cryptography that underlies zk-SNARKs is sensitive to the advances in computing power that quantum computing might bring.

Quantum computers are able to recover private keys from public keys much faster than classical computers. This is due to the differences between bits (0 or 1) and qubits (0 and 1 at the same time). Elliptic curve cryptography is what we typically use to generate private and public keys, and it is not quantum resistant. Zk-STARKs, on the other hand, do not use this type of cryptography and are therefore immune to such advances.

Zk-STARKs stand up to the tremendous advances in computing power of quantum computing.

Current limitations with zk-STARK

The main problem with zk-STARKs is their size. Currently, the proofs they produce are simply too large to be used in most blockchains as is. According to Vitalik Buterin, zk-STARKs will result in proofs of a few hundred kilobytes versus the 288 bytes seen in zk-SNARKs. However, there’s no reason to believe the developers won’t fix this daunting problem. Indeed, the compression of privacy features has evolved rapidly, as shown by the implementation of Bulletproofs for confidential transactions and the Zcash Sapling upgrade for zk-SNARKs.

Use cases and implementation

At present, no public blockchain has integrated zk-STARKs. However, it is likely that they will end up in Zcash or Monero over the next few years, and possibly Ethereum as well.

Buterin has raised concerns about Ethereum’s lack of privacy and has shown great interest in integrating zk-SNARKs. However, given the benefits of zk-STARKs, it seems increasingly likely that Buterin and others will consider them. Indeed, in July 2018, the Ethereum Foundation awarded a grant to StarkWare Industries. The hope is that other developments could help correct Ethereum’s lack of privacy.

Monero is apparently considering zk-STARKs for a later date. If we see more research to reduce the size of the proofs, it is likely that they will implement them.

Of course, outside of the cryptocurrency space, companies and projects could realize their benefits. Ben-Sasson believes companies could increase the security and privacy of their own data or that of their customers while maintaining a degree of public transparency.
