The privacy problem facing the blockchain world is a major concern. Although there is much talk about cryptocurrency offering “unrivaled security” in protecting personal transaction data, it is not true. Blockchain is transparent and open by nature. Although you cannot see the owner’s name or personal data for a cryptocurrency address, anyone can use a Blockchain Explorer to find out what that address has bought and sold. But, it is possible for address ownership leaks to occur and sensitive private data could be exposed. Although this may not seem to be a major problem, some people do not want their transaction history to be made public for various reasons. A hypothetical world could allow the real owner of an address to be revealed. Blockchain transparency, which can be used by law enforcement agencies and government agencies to tax, track and punish those who use alternative payment channels, may also give advertisers and malicious people access your buying data.
These issues affect Bitcoin, Ethereum, and many other cryptocurrencies. Companies have recognized the need for privacy-centered tokens. As a result, we now have a variety of privacy-centric tokens that are becoming more and more popular. Zcash, one privacy coin, is based on a specialized technology called zero Knowledge Proofs (zk-SNARKs).
History
The idea of zero-knowledge proofs was created by MIT researchers Goldwasser, Silvio and Charles Rackoff. They were working on interactive proof systems. The assumption that the “prover”, in every scenario, was malicious meant that they would try to fool the verifier before discovering zk-SNARKs technology. The three researchers turned the tables and began to question the morality of both the prover and the verifier. The researchers expressed concern over the amount of information that the verifier would have about the prover during verification. They then asked the following question: How can we be sure that the verifier won’t leak the learned knowledge?
People like Vitalik Buterin (ETHEK co-creator), Christian Reitwiessner (Edward Snowden) have been actively promoting zero knowledge proofs technology. If you have a Masters Degree in mathematics, it is possible to understand the complex mathematics behind zero knowledge proof technology. Vitalik Buterin has created a few Medium posts that relate to the zk SNARKS technology.
Also read:
- How do you stake Ethereum
- Best Ethereum wallets
- How do I buy Ethereum
About zk-SNARKs
The acronym zk–SNARK stands to mean “Zero Knowledge Succinct Nu-Interactive Argument Of Knowledge” and is a proof construction in which one can show possession of certain information. A secret key is created without divulging any information and without interaction between the verifier and the prover. This is significantly different from other proof systems where at least one party must know all information. This could be an example: A password to someone’s email account stored on a server.
The server has the plaintext of your password. Your privacy is at the mercy of the server (the verifier) in this scenario. Your password could be stolen or compromised by an attacker. These scenarios can be prevented by using zero-knowledge proofs and path-breaking in all senses.
For example, a prover could take the hash of a password stored on a server to convince the verifier that the password exists. Without revealing the password’s exact value, the prover would be able to do this. The prover can convince the verifier that the password is not only known, but also that it exists. It is not enough to know the password. The server must verify that the password is valid in order to grant you access to password-protected content. To prove you know the password, you can use mathematical proof.
It is evident that zk-Snarks are an important part of modern blockchain technology. It seamlessly integrates with smart contract technology. Smart contracts are basically an escrow system that activates once a function has been completed. Problems can arise when the tasks required are complex and confidential. In order to receive your payment, you may need to perform multiple steps. Zk-Snarks shows that these steps were taken in the smart contract, but does not reveal what they are. It can reveal a portion of the process, but not the entire process. This proves that you are truthful about your claims.
Let’s take a closer look at the zl–SNARK acronym:
- Succinct: The sizes of the proofs (hash functions) are small compared to the time it takes to create them.
- Non-interactive: There is very little or no interaction. zk-SNARKs have a setup phase, followed by a single point between the provers and verifiers. SNARKs can also have the “public verifier” property, which allows anyone to verify without having to interact with them again. This is crucial for blockchains.
- ARguments: The verifier is not protected against computationally limited proofers. With enough computational power, provers can prove or argue against wrong statements. Any public-key encryption can also be broken if there is enough computational power. This is sometimes referred to as computational soundness, rather than “perfect soundness”.
- of Knowledge: It is impossible for the provers to create a proof/argument if they don’t know a certain witness (for instance, the address from which he would like to spend, the preimage of a hash function, or the path to a Merkle-tree Node).
You can also add the zero-knowledge prefix to require that the verifier does not learn anything other than the validity of the statement during interaction.
Zero-knowledge proofs of quality are verifiable in milliseconds. They are only a few hundred bytes and can be used even for statements regarding programs that are extremely large. The initial zero-knowledge protocols required that the prover and the verifier communicated back and forth for multiple rounds. However, in “noninteractive” constructions the proof is a one message sent by the prover to the verifier. The zk-SNARKS system generates short, non-interactive, blockchain-viable knowledge proofs. It does this by generating common reference parameters for the provider and verifier.
If anyone had the secrets of randomness that generated these parameters, they could create fake proofs that would appear valid to the verifier. This would allow Zcash to create counterfeit coins. Zcash created the public parameters using a multi-party ceremony. This was to prevent such a thing from happening. You can find more information about the parameter generation process and the randomness of it on the zCash Paramgen Page. This blog and the whitepaper are good sources of information.
Encoding
To have zero-knowledge privacy within Zcash, a mathematical operation determines whether a transaction is valid (determined by the network’s consensus rules). It returns the answer to the question of whether or not the transaction is valid without disclosing any of the information it used in its calculations. This is achieved by encoding certain consensus rules of the network in zk–SNARKs. These are the steps to achieve this encoding:
Arithmetic Circuit – R1CS – QAP – zk SNARK
This guide is free and will help you track whales and influencers in order to get alpha information.
Email Subscribe
First, create an arithmetic circuit by breaking down the logic steps into the smallest operations. Similar to a boolean circuit where a program can be broken down into simple steps such as AND, OR, and NOT, an arithmetic circuit converts a program into single steps that include the basic operations of addition, subtraction (multiplication), division, and multiplication.
This is an example of an arithmetic circuit used to compute the expression (a+b),*(b*c).
The inputs a,b, and c are traveling left-to-right along the wires to the output wire. To confirm that the values are traveling correctly, a Rank 1 Constraint system, or R1CS is required. The R1CS will verify that the value exiting the addition gate from which a and b went into is a+b in this example.
The R1CS representation requires that the verifier checks many constraints, one for each wire in the circuit. Gennaro’s, Parno’s, Gentry and Raykova discovered that it was possible to combine all these constraints into one” in a 2012 paper. This method employs a representation of the circuit known as a Quadratic Arithmetic Program (QAP). This is the only constraint to be verified. It’s now between polynomials and not between individual numbers which would take much longer. To verify the proof, you need to make sure that the two polynomials match at a randomly selected point .
zk–SNARKs vs. other privacy protocols
Every major privacy protocol has one type of privacy technology that protects your data. Zcash chose to use the zk–SNARKS technology and it has been recognized by Ethereum and its developers.
Vitalik and his colleagues have been so impressed by the technology that Ethereum plans to integrate ZkSnarks in its own platform. One of the most important projects in the Metropolis phase is to create an alliance with Zcash that will allow for the mutual exchange value. Zooko Wilcox (chief developer of Zcash) presented at DevCon2 Shanghai, where he discussed the future of an alliance. He said that Z-Cash, and by extension, Zk-SNARKs, could be integrated with Ethereum in three ways.
The Baby Zoe is the first way. (Zoe = Zcash in Ethereum). It creates a Zcash smart contract with Ethereum by adding a zk–snark pre-compiler to Ethereum. It is hoped that the Ethereum system will be able to create a zk snark enabled DAPP over its Blockchain.
The second method aims to integrate Ethereum compatibility into a zk–SNARKs based Blockchain. This could open up new opportunities for Zcash like the ability to run DAPPS and its own virtual machine.
The third method is Project Alchemy. This basically involves the interoperation and connection of both blockchains so that value can seamlessly flow between them. Zcash intends to accomplish this by cloning BTC Relay. It’s an Ethereum script that was created to create a Bitcoin Light Client inside Ethereum. To create an Ethereum Zcash light client, the Zcash clone will follow the same principle.
Currently, zk-SNARKs cannot be used for all Ethereum transactions and is instead a “tool within the toolbox”.
There are arguments for privacy coins market competition. Monero uses signatures, while PIVX uses a zero currency protocol that involves exchanging units PIVX for an anonymous voucher called zPIV. These vouchers can be sent to any address and received as regular PIVX units. All of these options have both positive and negative sides, but the consensus online is that Zcash may be the best option going forward. It will need to address some issues first, such as the 20% tax that all blocks that are created within the first few years of the currency’s existence include. This is sent automatically to the founders. This is known as ” , the founder’s tax“.
Due to the nature zk-SNARKs it is possible that the founders could make unlimited amounts of Zcash tokens if they conspire or are coerced. Because it is impossible to determine the total Zcash token supply at this point,
Bitcoin Private
A Zclassic fork of Zcash has been announced recently in response to Zcash problems. Although the fork was largely unnoticed for most of its existence, it was rebranded under the name Bitcoin private.
Bitcoin Private will use the original Bitcoin blockchain, but with many upgrades and changes including the introduction of zk -SNARKs. Zclassic prices soared in response to the change. They jumped from less than one dollar too close to $100 at their peak. At the hard fork, a snapshot was taken of all ZCL and BTC held. Anybody who held ZCL or BTC in a wallet, supported exchange or other means was credited Bitcoin Private (BTCP), at a 1:1 ratio.
Conclusion
Zcash is the first widespread use of zk–SNARKs, a new form of zero-knowledge cryptography. Zcash’s strong privacy guarantee stems from transactions being encrypted on the blockchain. They can also be verified to be valid using zk SNARK proofs. Although it is still a secure protocol, it has a bright future.
