This week’s article looks at one of the most technical features of blockchain technology, one that is often mentioned in the blockchain space but that usually only developers care about: zk-proofs. Recent breakthroughs on BSV have made the technology open and accessible, so I want to spend some time explaining what they are and why they matter for the whole industry.
What are ZK proofs?
Besides sounding like a very cool buzzword, zk-proofs (zero-knowledge proofs; zk-SNARKs are the best-known family and the term is often used loosely for all of them) are essentially a means by which one party (the prover) can convince a second party (the verifier) that it knows some secret, or that some statement about the secret is true, without revealing the secret itself. As such, they allow a buyer to purchase a secret from a seller without trust, provided the purchase itself can be made atomic: the buyer first checks a proof that the seller really holds what is being sold, and the payment and the release of the secret then happen in one step or not at all.
This turns out to be a keystone of smart contract technology on blockchain: it allows the logic and the private inputs of a contract to stay private while the transactions that settle it remain fully transparent.
Some blockchains, like Zcash, use ZKPs in their core protocol to enforce rules such as a fixed inflation schedule, total coin supply and distribution timing without revealing the details of individual transactions, while others allow ZKPs to be used from their native scripting language, like BSV and ETH.[1]
Even though ZKPs have been around since the 1980s, their practical use on blockchains has been fraught with challenges, primarily because of the proof sizes and the computational resources required to generate and verify them. Traditional zk-SNARKs require a trusted “setup” phase which, if compromised (via leaked secrets or a corrupted key), compromises the entire system in a way that is difficult to detect: anyone holding the setup secrets can forge proofs that verify. Moreover, common implementations required significant resources to generate a proof (on the order of tens of seconds, and hundreds of megabytes to a few gigabytes of memory). All of this effectively prevented its use on BTC, given BTC’s scaling limitations[2] on transaction and block sizes, and the practical impossibility of waiting tens of seconds of proof generation for every transaction.
That said, the potential benefits of zk-proofs far outweigh their practical limitations, which is why many blockchain projects are currently working on ways to deploy zk-proofs while mitigating their limitations.
These benefits become apparent when you consider the primary purpose of any blockchain: decentralization, or the distribution of the computation behind smart contracts (in Bitcoin they are simply called predicate scripts, or payment terms). In theory, if zk-proofs were built into a blockchain’s core consensus protocol, it would effectively become something like Zcash, and projects like Ethereum would no longer need every node to redundantly compute the same thing to be certain that a validator did not “cheat”. Instead, a prover could simply compute the result of executing the contract, attach a zk-proof of that execution, and be done, at least in theory.
In practice, the size of the proof data and the cost of verifying it on chain become more and more prohibitive under the economics of platforms that cannot scale in volume, like ETH, where more complex (and therefore more useful) zk-proofs become too expensive to run because gas charges scale with the amount of data put on chain and the computation required to verify it. This has significantly limited the application of zk-proofs on Ethereum. On BTC, the problem is the strict limit on transaction and block sizes, which also puts upward pressure on the cost of embedding such proofs in the public blockchain.
However, with BSV there are no such limitations, and thus, we have seen significant breakthroughs in the development of native zk-proofs implementations in recent months.
sCrypt, a project that combines a TypeScript-like smart contract language and compiler with Bitcoin ASM (op-codes), pioneered zk-proof work and its derivatives on BSV. What started as a theoretical proof of concept a year ago has grown into a range of tools and examples for harnessing zk-proofs on Bitcoin. I will briefly review the milestones here in chronological order. Feel free to use this as a “playlist”.
1) Nov 2, 2021 – First, a post describing how one could theoretically build a ZKKSP (zero-knowledge key-statement proof), with which an outsourced party can help a buyer find a private key that yields a desired vanity address. The seller never learns the buyer’s resulting private key (which would defeat the purpose), while the buyer avoids doing the search work to derive the key for the desired address themselves.
2) August 6, 2022 – Almost a year later, a major breakthrough: recursive ZKPs, which can be applied to problems where a large problem is solved in small steps. Each step produces a ZKP of the same size that proves only the “change” from the previous step. So, instead of computing one very LARGE proof, which would be prohibitively expensive in many ways as shown above, a proof can be built up incrementally. This is also useful for problems where the answer is not discrete but sits on a continuum and can be refined indefinitely, such as optimization problems, where the buyer is willing to pay for a solution that is “good enough”. The work can then be paid for progressively instead of winner-takes-all, and can be distributed among a group of workers, each contributing and being paid for their partial contribution. Think of computing a Fibonacci series, finding successive digits of pi, or running something like BitTorrent!
3) November 10, 2022 – Sudoku puzzle! Billed as the first “hands-on” Bitcoin ZKP app (including all the Bitcoin scripts), last week sCrypt released a ZKP app to outsource solving a Sudoku puzzle. After a year or more of talking about this in theory, it is finally real code you can look at.
With this example, developers can now trustlessly outsource general problems to the public as a stateless bounty, and the solution provider can safely collect the bounty without any escrow agent or intermediary. This deserves a pause and some reflection, since it is what people have been trying to get working for a while.
This is an improvement over a previous implementation that required a setup process between buyer and seller (which in practice meant it couldn’t easily be used as a pseudonymous bounty): this version needs just a single bounty transaction published by the buyer, which a pseudonymous seller can collect in a single transaction.
Although this example uses Sudoku as the puzzle, the method works for any puzzle whose proposed solution can be checked cheaply.
Think traveling-salesman routes for logistics companies, or solving chess endgames for profit! Or a bounty on a faster sorting algorithm, or a way to pay genetic algorithms to evolve something useful like Boolean operations? The caveat is that the bounty has to be stated as a property that is cheap to verify, because the contract can only check what the proof checks: for example, a tour shorter than a stated bound rather than “the optimal tour”, or a sort that produces the correct output within a stated number of operations rather than “a more efficient algorithm”.
4) November 14, 2022 – Proof of Reserves – After the recent collapse of the giant exchange FTX, many companies have started talking about implementing proof of reserves to show the world that they control the assets they claim to hold, and that everyone they owe can be “counted”, so that the assets demonstrably cover all liabilities. This post describes how it could be done on Bitcoin.
5) Nov 26, 2022 – Pay for decryption key – ZKP’s Swiss army knife!
This is the real blockchain multi-tool: the ability to pay for a private key without trust. The applications probably deserve an article of their own. Criminals have abused this pattern in the past with ransomware such as CryptoLocker, where the attacker encrypts all the private data on your computer and demands a ransom, offering to sell you the private decryption key. Adding insult to injury, many victims who paid the ransom in bitcoin never received the key, leaving them out of pocket and with their data lost. A trustless key exchange fixes both sides of that problem: the buyer can confirm that the seller controls the necessary key before paying, and payment cannot take place unless the key is released at the same time. That enables many use cases, from trustless digital marketplaces to inheritance and digital estate planning. It is the generic “escrow” smart contract from which most other complex contracts can be built.
6) Bitcoin zkBattleship – Finally, any discussion of online games using ZKPs would not be complete without an example of where they really shine: not needing an “oracle” that knows the state of a shared game board, as in Battleship. The same idea extends to most card games that have “dealer” state, i.e. someone who keeps track of which players hold which cards. This example shows the implementation using the game Battleship, with the blockchain managing the game state trustlessly.
As the rapid succession of posts from the sCrypt team shows, the technology is developing quickly and has yet to mature, along with easier tools to help beginner developers start writing Bitcoin smart contracts that use ZKPs. But the floodgates are now officially open. Let the games begin!
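To make the primitive that runs through all of these examples concrete, here is an added example of my own (not sCrypt’s code, and not the ZKKSP or zk-SNARK constructions the posts above use): a Schnorr-style sigma protocol over secp256k1, the curve Bitcoin uses, in which a prover convinces a verifier that it knows the private key behind a public key without revealing it. This is the textbook form of the “prove knowledge of a secret” idea from the “What are ZK proofs?” section, and of the “confirm the seller controls the key before paying” step in the pay-for-decryption-key item. The curve constants are the public secp256k1 parameters; the keys and challenge values are constructed for the demo. Fiat-Shamir hashing makes the proof non-interactive, and the simulator shows why a transcript leaks nothing about the key.

```python
# Added example, not sCrypt's code: Schnorr-style zero-knowledge proof of
# knowledge of a secp256k1 private key (a sigma protocol), with Fiat-Shamir
# to make it non-interactive. Pure Python 3.8+, no third-party libraries.
import hashlib
import secrets

# Public secp256k1 parameters (the curve Bitcoin uses).
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def ec_add(p1, p2):
    """Affine point addition; None represents the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                      # p1 == -p2
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def ec_mul(k, point):
    """Double-and-add scalar multiplication (not constant-time; demo only)."""
    result, addend = None, point
    while k:
        if k & 1:
            result = ec_add(result, addend)
        addend = ec_add(addend, addend)
        k >>= 1
    return result


def ec_neg(point):
    return None if point is None else (point[0], (-point[1]) % P)


def encode(point):
    return point[0].to_bytes(32, "big") + point[1].to_bytes(32, "big")


def challenge(pub, commitment):
    """Fiat-Shamir: the verifier's random challenge is replaced by a hash of the
    transcript so far, so anyone (e.g. a script) can check the proof later."""
    h = hashlib.sha256(b"zkp-demo" + encode(pub) + encode(commitment)).digest()
    return int.from_bytes(h, "big") % N


def prove(priv, pub):
    """Prover: knows priv with pub == priv*G. Returns (R, s); priv never leaves."""
    r = secrets.randbelow(N - 1) + 1        # fresh nonce; reusing it would leak priv
    R = ec_mul(r, G)                        # commitment
    e = challenge(pub, R)                   # challenge
    s = (r + e * priv) % N                  # response
    return (R, s)


def verify(pub, proof):
    """Verifier: accepts iff s*G == R + e*pub, which holds exactly when
    s = r + e*priv for the priv behind pub."""
    R, s = proof
    e = challenge(pub, R)
    return ec_mul(s, G) == ec_add(R, ec_mul(e, pub))


def verify_interactive(pub, R, e, s):
    """Same check with an externally chosen challenge (the interactive protocol)."""
    return ec_mul(s, G) == ec_add(R, ec_mul(e, pub))


def simulate(pub, e):
    """Zero-knowledge simulator: knowing the challenge in advance, produce an
    accepting transcript WITHOUT the private key by picking s first and solving
    R = s*G - e*pub. Real and simulated transcripts have the same distribution,
    which is why a transcript reveals nothing about priv."""
    s = secrets.randbelow(N - 1) + 1
    R = ec_add(ec_mul(s, G), ec_neg(ec_mul(e, pub)))
    return (R, s)


def demo():
    """Constructed key for the demo (never use a small fixed key for real)."""
    priv = 0xC0FFEE
    pub = ec_mul(priv, G)
    honest = verify(pub, prove(priv, pub))           # True
    cheater = verify(pub, prove(priv + 1, pub))      # False: wrong key
    e = 42                                           # constructed challenge
    R, s = simulate(pub, e)
    simulated = verify_interactive(pub, R, e, s)     # True, yet no key was used
    return honest, cheater, simulated


if __name__ == "__main__":
    print(demo())
```

The `simulate` function is the part practitioners most often skip: a proof is only zero-knowledge if someone without the secret could have produced an identical-looking transcript, and the simulator is the constructive demonstration of that. The Fiat-Shamir version cannot be simulated the same way because the challenge is fixed by the hash, which is exactly why it is sound as a stand-alone proof that a script can check. A real pay-for-key contract adds the atomic part on top of this: the on-chain locking condition releases funds only when the key itself (or data that determines it) is revealed, which is the step this demo does not implement.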
Wall Street Technologist
[1] Notably missing BTC, as they have disabled the necessary language features.
[2] Also, as mentioned earlier, BTC Core did not re-enable the original 2009 Bitcoin opcodes that would make this possible.
Watch: Presentation of the BSV Global Blockchain Convention, Smart Contracts and Computation on BSV