ZK-SNARK: Definition, How It's Used in Cryptocurrency, and History

What Is ZK-SNARK?

Zk-SNARK stands for “Zero-Knowledge Succinct Non-Interactive Argument of Knowledge.” It is cryptographic proof that allows one party to prove it possesses certain information without revealing that information. This proof is made possible using a secret key created before the transaction takes place. Zk-SNARK is used as part of the protocol for the cryptocurrency Zcash.

Understanding ZK-SNARK

For many original members of the cryptocurrency community—primarily the Bitcoin community—privacy was an assumed aim and feature of cryptocurrencies. However, privacy was always a second-order concern, given cryptocurrency's need to create a "trustless" system of guaranteeing the integrity of electronic currency and digital transactions.

In the early 2010s, Bitcoin users sometimes assumed that their transactions were anonymous because their offline identities weren't associated with users' public keys. But through the end of the decade, coordinated efforts by data scientists, hackers, and law enforcement proved that it is not only possible but relatively easy to re-identify people who had given pseudonymous data to multiple sources.

Because of the perceived lack of privacy of some of the original cryptocurrencies like Bitcoin, developers started working on privacy-focused coins. The most prominent of these is Zcash, backed by a privacy concept known as zk-SNARKs.

Zero-Knowledge Proof

A zk-SNARK ("Zero-Knowledge Succinct Non-Interactive Argument of Knowledge") utilizes a concept known as a "zero-knowledge proof." Put simply, a zero-knowledge proof is a situation in which each of two parties in a transaction is able to verify to each other that they have a particular set of information, while at the same time not revealing what that information is.

For most other types of proof, at least one of the two parties must have access to all the information. A traditional proof can be compared to a password used to access an online network. The user submits the password, and the network itself checks the contents of the password to verify that it is correct. In order to do this, the network must also have access to the contents of the password.

A zero-knowledge proof version of this situation would involve the user demonstrating to the network (via mathematical proof) that they have the correct password without actually revealing the password itself. The privacy and security advantages in this situation are clear: If the network does not have the password stored somewhere for verification purposes, the password cannot be stolen.

The mathematical basis of zk-SNARKS is complex. Nonetheless, proofs of this type allow one party to demonstrate not only that a particular bit of information exists but also that the party in question has awareness of that information. In the case of Zcash, zk-SNARKs can be verified nearly instantly, and the protocol does not require any interaction between the prover and the verifier.

ZK-SNARK Example

Because zk-SNARKs are tough to comprehend, it's best to use a simple example of what they are. Imagine you have a safebox with a combination lock at a bank with a note in it. The note has a signature and printed name on it. You believe you're the only one that knows what it says. You're discussing it with a friend but have not revealed anything about the note other than it exists in that safebox.

The friend tells you they know what it says and then tells you the name on the note. They have provided proof that they know the combination and what's on the note without revealing it.

On a blockchain, it is much more complicated, but this is the general idea. Someone provides proof they know something without revealing it.

Criticism of ZK-SNARKs

There are, of course, concerns related to zk-SNARKs. For instance, if someone was able to access the private key that was used to create the parameters of the proof protocol, they could create false proofs that nonetheless looked valid to verifiers. This would allow that person to create new Zcash tokens through a counterfeiting process. In order to prevent this from happening, Zcash was designed to elaborate the proving protocols and spread them out over multiple parties.

While the construction of the Zcash proving process was completed in such a way as to minimize the possibility of counterfeiting tokens via false proofs, there is at least one other concern related to the cryptocurrency as well. Zcash was created with a 20% "tax" levied on all blocks created over the first several years of the token. This tax is known as the "founder's tax," and it is used to compensate the developers of the cryptocurrency.

Critics have suggested that the founders could potentially use this facet of the system to create an infinite number of Zcash tokens without anyone else being aware of the existence of those tokens. For that reason, it's not entirely possible to know the exact number of Zcash tokens in existence at this point.

Since 2019, some developers have been working to improve zk-SNARKs by removing the trusted setup. In 2022, Zcash developers implemented the Halo 2 zero-knowledge system, eliminating one of the blockchain's most significant privacy issues. Halo 2 doesn't require a trust setup between users.

The Bottom Line

Zk-SNARKs serve as proof that one user has information without revealing it. This is a confusing but computationally quick mathematical process used in blockchains to maintain user privacy.