How zero-knowledge proof is designed to provide privacy critical to freedom in the era of mass surveillance
Blockchain comes into existence with various traits and characteristics like transparency, immutability, and decentralization and also brought distributed ledger into existence which helps users to remain anonymous and perform transactions with high security.
Basically in a nutshell, it provides control over privacy and is future-backed, but do you think that blockchain is fulfilling its promise of providing secrecy to the end user? A simple answer to this question is NO.
Various blockchain networks use public databases to keep the transaction history (Ref. Etherscan.io) and from there, anyone with an internet connection can view the list of the network’s transactions and eventually, they can see all the transactions done by the wallet provider and all the associated networks to that wallet’s network, in a way it is like if you have someone’s credit card number you can see the past transaction of the person, but in this whole process, the name is still invisible to you. The user will be still unknown with the help of a public key which ensures the shielding of your personal details.
As they say
The user’s sensitive information stored in a blockchain is only confidential not anonymous
In the current blockchain cryptosystem, the transaction is recorded on a public ledger and is transparent in nature due to this highly sophisticated banks are reluctant to adopt this technology as it doesn’t assure the anonymity of the client.
But now with the application of this simple yet profound concept of Zero-Knowledge Proof, it is very much doable.
What is Zero-Knowledge Proof?
It is an encryption scheme proposed by MIT researchers Silvio Micali, Shafi Goldwasser, and Charles Rackoff in the 1980s. In this method, a party i.e. prover can prove that a specific statement is true to another party without discussing any additional information.
Let’s understand this with a small example
Kids and Candy Bars
Suppose, two children — Bob and Alice, have received some candy bars from a party. Bob wants to know if Alice has got the same number of candy bars or not. But, at the same time, none of them is ready to reveal the exact number.
So, what they do is that Bob brings four lockable boxes into a room, assuming that the number of candy bars received will be 10, 20, 30, and 40. He labels each box with a value corresponding to the number of candy bars.
Then, Bob keeps the key to the box that defines the number of candy bars he received in his pocket (let’s say he got 30 candy bars) and throws away the keys of all other boxes. And he leaves the room.
Now, Alice enters the room with 4 small pieces of paper and writes ‘+’ on one of them while ‘-’ on every other. Here, ‘+’ denotes the number of candy bars she got, while ‘-’ represents every other value.
She slips the paper piece with the ‘+’ sign in one box (let’s say in the one representing 20 candy bars) and ‘-’ in the rest of the boxes. And she leaves.
Now, Bob enters the room again and opens the box whose key is in his pocket. Then, he checks if the box has a piece of paper with a ‘+’ sign or a ‘-’ sign. If it’s a ‘+’ sign, he realizes that Alice has an equal number of candy bars. While, in the other case, she doesn’t.
As we know that Alice has 20 candy bars and Bob has 30 candy bars, Bob will find a ‘-’ sign in the lockable box whose key he has. This will make him clear that they both do not have the same number of candy bars.
At the same moment, Alice will re-enter the room and find a ‘-’ sign in Bob’s hand and she will also come to know that they have a different number of candy bars.
Note: By this method, Bob will learn that they do not have an equal number of candy bars. But, he will still have no clue if Alice has more or less candy bars than him, and vice versa.
Prove you know where Waldo is, without sharing his location
In this example, Alice and Bob are racing to find Waldo in a popular children’s book series, where the point is to spot Waldo in a sea of shapes that look like him.
Alice: I know where Waldo is!
Bob: Alice, do you know what a liar is?
Alice: I can prove to you where he is without revealing his location.
To defend her integrity, Alice devises two solutions to prove her knowledge.
Alice cuts out Waldo from her scene and only shows Bob the Waldo snippet. To ensure that Alice didn’t just print out a new picture of Waldo, Bob can watermark the back of Alice’s scene page. Or, he can do a thorough cavity search on Alice before Alice enters a secret room to cut the page.
Alice cuts a hole in a very large, opaque sheet of cardboard. She places the cardboard cutout on top of the original scene. In this solution, only Waldo is shown. His coordinates relative to the rest of the scene are still unknown. Later, Alice can reproduce the scene underneath to prove that she used the original puzzle.
Both solutions fulfill the three important properties of zero-knowledge proof systems: soundness, completeness, and zero-knowledge.
Alice is able to use the same proofs to verify that she has found Waldo many times per game and across many games. In this sense, her proof systems achieve statistical:
- Soundness — everything that is provable is true: Assuming Alice doesn’t know Waldo’s locations and presents random pieces of the scene to her proof systems… then, her cardboard holes will display random images without Waldo. Put simply, Alice’s proof systems are truthful and do not let her cheat.
- Completeness — everything that is true has proof: As long as Alice finds Waldo, she’s able to consistently use her proofs to show Waldo, in each game. Put simply, Alice’s proof systems convince Bob that she found Waldo.
- Zero-Knowledge — only the statement being proven is revealed: As Alice proves to Bob that she has found Waldo, the only information revealed to Bob is that “Alice has found Waldo”. Waldo’s location is never revealed. Put simply, Alice’s proof systems prove her victory to Bob, without revealing her knowledge.
Pros of Zero-Knowledge Proof
Simple yet sophisticated: One of the main advantages of ZKP is that it doesn’t involve a complex encryption method
Privacy and Anonymity: It doesn’t require any sort of information to complete the process.
Cons of Zero-Knowledge Proof
Lengthy: In the ZKP method there are around 2,000 computations with each requiring a certain amount of time to them
Imperfect and still developing: The message delivered for verification/proof might be destroyed or modified
Limited: ZKP protocol demands the secret to be a numerical value in other cases translation is required.
Messaging: In messaging, end-to-end encryption is imperative so that no one can read your private message besides the one you are communicating with. To ensure security, messaging platforms ask users to verify their identity to the server and vice-versa. But, with the advent of ZKP, they will be able to build end-to-end trust in the messaging world without leaking any extra information. This is one of the prime applications of zero-knowledge proof in the blockchain world.
Identity Verification: Zero-knowledge proof can also facilitate transmitting sensitive information like authentication information with better security. It can build a secure channel for the users to employ their information without revealing it. And this way, avoid data leakage in the worst scenarios.
Challenges you’ll face while implementing ZKP in your projects
1. Absence of Standards
Since blockchain technology itself is at its early adoption stage, there are no standards, systems, and homogeneous languages that enable app developers and business prospects to interact with the concept of ZKP and harness its potential in an efficient way.
Another challenge that restricts the adoption of zero-knowledge proof in the blockchain environment is scalability, provided such algorithms require high computing capacity to operate on a high level.