In 1989, in the 1st Issue of Volume 18 of the Society for Industrial and Applied Mathematics (SIAM), an article was released by three college students. Shafi Goldwasser (MIT), Silvio Micali (MIT), Charles Rackoff (Univ of Toronto); published: “The Knowledge Complexity of Interactive Proof Systems.” This article was the first to introduce the concept of zero-knowledge proofs.
The introduction of the article reads:
‘Zero-knowledge proofs are defined as those proofs that convey no additional knowledge other than the correctness of the proposition in question.’
Quick Navigation Links:
- What is a Zero-Knowledge Proof?
- Where’s Waldo & a Jar of Marbles
- What is Required?
- Interactive Proofs
- Non-Interactive Proofs
- The Cave Door
- Trust Me
- Argument for Soundness
- Why is this Important?
- What is ZCash?
- ZCash vs. Bitcoin
What is a Zero-Knowledge Proof
You may be wondering, why would you want to do such a thing? Imagine that you have a secret that you don’t want to reveal to anyone, but you want to prove that you know what the secret is.
Where’s Waldo & A Jar of Marbles
To help illustrate when a zero-knowledge proof would be beneficial, let’s look at 2 simple real-life examples.
Imagine you and a friend are looking at a Where’s Waldo book, and you find Waldo before your friend. Your friend doesn’t believe you and wants you to prove it. How can you prove to your friend that you know the location of Waldo without revealing his actual location?
For the second example, pretend you have a large jar full of marbles. You want to prove to your ‘skeptical’ friend that you know how many marbles are inside. You need to do this without revealing how many are inside or having your friend count them.
What Do You Require?
As you consider those riddles, let’s dive into the requirements of zero-knowledge proofs.
You Complete Me
In this example, we will introduce Paul ‘the Prover’, and Veronica ‘the Verifier.’
The first requirement is Completeness, which is a simple requirement. It says if Paul is honest, and he has a secret to prove to Veronica. If Veronica is also honest, then everything will work in this scenario. If both the Prover and the Verifier follow the Protocol to completeness, it will work as planned. Simply put, if all parties are honest and completely follow the rules, everything will function correctly.
A Sound Argument
The second requirement is Soundness. This condition states that if Paul did NOT have a secret, but still wanted to convince Veronica that he did, this would be impossible. In reality, many zero-knowledge protocols relax this requirement, because it is impossible to guarantee 100% soundness with zero knowledge. However, they make it so Paul’s chances of fooling Veronica are extremely low.
Making the protocol sound attempts to ensure that one cannot do anything to cheat the system.
I Have No Knowledge
Completeness and Soundness are standard requirements among any interactive proof. The differentiator in a zero-knowledge proof is the third requirement, Zero-Knowledge. In our example, Paul is an honest man. Veronica finds out that Paul has a real secret, but not what the secret is.
Additionally, anyone who may be spying on Paul and/or Veronica has no way of knowing if the act is scripted or genuine. Meaning, Paul can prove to Veronica and only Veronica that he knows the secret. If Veronica’s sister Vicki enters the scene, Paul will have to Prove the secret all over again to her.
The term interactive proof refers to the interaction that occurs between the Prover and the Verifier. The purpose of the interaction is to convince the Verifier that the presented information is true.
Non-interactive zero-knowledge proofs are a variant of zero-knowledge proofs. With non-interactive zero-knowledge proofs, no interaction is necessary between prover and verifier.
Non-Interactive zero-knowledge proofs are also referred to as
Now let’s look at a real-life example of the zero-knowledge protocol in action.
The Cave Door
My favorite analogy to help illustrate this concept is the Cave Door Analogy. Pretend that there is a circular cave, the cave can only be enterred/exitted at the front. At the back of this circular cave, there is a door. This door has a keypad that requires a passcode to be entered to open it.
Paul wants to prove to Veronica that he knows the passcode without revealing what the code is. All Paul has to do is enter one direction of the circular cave with Veronica watching, and come out the other side. This example of a zero-knowledge proof is known as the Cave Door example.
You Can Trust Me…
To complicate this example, imagine that Veronica does not see Paul enter the cave.
Once Paul enters the cave, he chooses which direction to go. Veronica then walks to the mouth of the cave and directs him which way to exit.
If Paul exits the way that Veronica directs him, should she believe that he knows the secret code?
Let’s dive a little deeper into that question, as we take a closer look at the Soundness characteristic of zero-knowledge proofs.
So You’re Saying There’s a Chance…
Veronica is unable to see Paul enter the cave, and she does not know what direction he goes initially. Paul has a 1 in 2, or 50% chance of exiting the cave in the right direction regardless of whether he knows the code or not.
This probability makes Veronica question him, and she requests that he complete the task again.
Veronica steps away from the cave, and Paul enters the cave again. He is free to choose whichever direction he likes. Once Paul is inside Veronica directs him again on which way to exit. Paul exits the correct way for a second time, the likelihood of this is 1 in 4 or 25%.
Never Completely Sound
Veronica is still not satisfied with the 25% odds. However, the more times that Paul completes the task successfully, the better the odds are that Paul does, in fact, know the code.
In any event, you can never achieve complete soundness in a zero-knowledge environment. Zero-knowledge protocols aim to make the network sound enough to highly discourage cheating. This is usually done by making it more costly to cheat than the reward one would receive.
Why are Zero-Knowledge Proofs Important?
The Cave Door analogy provides a great visual to explain what a zero-knowledge proof is. But why are zero-knowledge proofs important in blockchain?
I Don’t Know You Like
The ability to answer the question, Does User A have enough funds to send to User B? Not knowing who the Users are, what the amount is, or exactly how much total currency either have, is the primary use case of zero-knowledge proofs. However, this technology does not only need to apply to transactions of value.
The same zero-knowledge principles can also apply to the exchange of data. My opinion is that this would be very powerful when it comes to something like anonymous police work, or a decentralized social platform.
There are also countries where freedom of speech does not exist to the same level as the United States. This technology opens up the possibility to give people a voice to express opinions that they could not safely do before.
What is ZCash (ZEC)?
ZCash is a privacy coin. This means that transactions on the ZCash network can have the details shielded from public view. ZCash is NOT the only privacy coin on the market today, I will discuss others like Monero and Dash in future articles.
What is Zerocoin?
At the core of the ZCash currency lays the cryptographic protocol for anonymizing transactions, called Zerocoin. Zerocoin was created by a group of scientists from Johns Hopkins, MIT, and the Israel Institute of Technology.
History of Zerocoin
The Zerocoin protocol was initially developed as an upgrade to the Bitcoin network. The protocol was designed to increase the privacy of Bitcoin. The Zerocoin team reconsidered and decided to launch a new currency called ZCash. The project was privately funded, and there was no ICO or pre-mining. To learn more about the details of what an Initial Coin Offering is, review this ICO Deep Dive.
The ZCash network launched on October 28, 2016. ZCash has an excellent team, directed by Bryce Wilcox, better known as Zooko Wilcox-O’Hearn. Zooko is also the team leader of the project, and a well respected member of the crypto community.
Gotta Get Paid…
Due to the fact that ZCash was privately funded. It was agreed that within 4 years of the launch of ZCash 20% of the mined cryptocurrency would be distributed back to the developers and investors. Not all members of the ZCash community liked the idea of this distribution of coins.
The disagreement caused some members to perform a hard fork and create ZClassic. To understand the details of a Hard Fork, have a look at this Hard Fork detailed explanation. ZClassic did receive attention for a short period of time. However, today the currency does not have an active development team. Unlike ZClassic, ZCash continues to perform well as a currency and as a use case.
ZCash vs Bitcoin
To further understand ZCash, let’s examine how transactions happen on both the Bitcoin and ZCash blockchains. When a Bitcoin transaction occurs, the address of the Sender and the Receiver and the amount sent are recorded. This information is publicly accessible via the blockchain.
Conversely, with ZCash, the blockchain contains the information that One Annonymous User sent an unknown amount of coins to another Annonymous User. In other words, private transactions using ZCash only record the outcome of the transaction, not the specific details.
What Makes ZCash Different?
ZCash uses the hashing algorithm known as Equihash for block mining. Mining a block on the ZCash blockchain takes approximately 2.5 minutes. Like Bitcoin, ZCash has a total supply of 21 million coins.
A Fungible Coin
An interesting characteristic of ZCash coins is that they are Fungible. Fungibility essentially means that all coins have a clean history. Something is fungible if one unit of the good is equivalent to another unit of the same good of the same quality at the same time and place. For example, if two people are standing next to each other, and each has an ounce of gold, both ounces will have the same value in USD. However, with Bitcoin, you can see the history of this coin. This is why Bitcoin is not a fungible asset.
To See or Not To See…
Additionally, ZCash gives users the ability to choose the level of privacy for each transaction. Transactions can happen either anonymously or publicly, depending on the users need. ZCash offers 2 types of addresses, ‘T-addresses’ and ‘Z-addresses’. ‘T-addr’ are Transparent addresses, ‘t-addr’ transactions are viewable to the public. ‘Z-addr’ are shielded addresses. Transactions that take place using a ‘z-addr’ will not give any additional information about the transaction.
The Z.Cash website does an excellent job explaining and illustrating the different types of transactions.
Zero-knowledge protocols and privacy coins are definitely exciting new technologies. In a time when everyone wants to publicize their lives to family, friends, and the world. Responsible sharing of personally identifiable data should be of the utmost importance to everyone.
There is little doubt that zero-knowledge principles will continue to rise in popularity. I hope that we see more zero-knowledge protocol use cases in the very near future.
Today’s Top 5 Coin Prices
Bitcoin Cash: $115.33
Bitcoin Dominance: 53.5%
ZCash: $47.24 // Market Cap: $274,124,646