- zk-SNARKs are a form of cryptography that enable privacy coins like Zcash to function.
- Here's everything you need to know about how they work in crypto, and where else you might see them pop up.
Decrypt’s Art, Fashion, and Entertainment Hub.
An important segment of the crypto industry revolves around so-called "privacy coins," which promise highly anonymous transactions. Privacy coins, notably Zcash (ZEC), rely on a technology called zk-SNARKs, which stands for Zero-Knowledge Succinct Non-Interactive Argument of Knowledge.” This field is also referred to as zero-knowledge cryptography.
The concept of “zero knowledge” can be somewhat mind-melding, and zk-SNARKs get complicated quickly, so let’s start at the beginning.
In a nutshell, cryptography is the study of secure communication techniques. People often use cryptography when they only want a sender and recipient to view the contents of a message.
Cryptography has been around for centuries. One of the earliest examples of cryptography arose in Ancient Egypt where followers of Khumhotep II inscribed his tomb with encrypted symbols that marked a departure from traditional Egyptian hieroglyphics.
One of the most common elements of cryptography in the cryptocurrency world is hash functions, the backbone of any blockchain. Hash functions—specifically SHA-256, a hash function found in most blockchains—essentially turn an input such as a word phrase or a number into an encrypted piece of information of a fixed length that look like this:
Hash functions (you can read more here) allow blockchains like Bitcoin to process transactions, link blocks to one and other, and ensure the integrity of blockchain data is maintained.
Just like hash functions, zk-SNARKs are a form of cryptography. They are used to guarantee stronger privacy than users would otherwise get on a blockchain.
Zcash: zk-SNARKs in action
zk-SNARKs are a form of “zero-knowledge” cryptography—hence the zk.
zk-SNARKs allow crypto users to send transactions on a blockchain in a totally encrypted way—meaning no one can read them—while at the same time signifying the transactions took place in a legitimate manner. But how is that possible?
Zero knowledge proofs allow person A to prove to person B that statement X is true without revealing any information beyond the validity of statement X itself. Imagine verifying to someone that you’re over the age of 21 without revealing your birthday or the fact you’re 25. That’s a useful way of imagining how zk-SNARKs function.
This is exactly what takes place when two individuals make a transaction in Zcash, one of the cryptocurrency industry’s leading privacy coins. The goal of Zcash is to anonymize as much information about users and transactions as possible.
“The strong privacy guarantee of Zcash is derived from the fact that shielded transactions in Zcash can be fully encrypted on the blockchain, yet still be verified as valid under the network’s consensus rules by using zk-SNARK proofs,” the Zcash website reads.
Fundamentally, this kind of shielded transaction is the opposite of what we see in, for example, the Bitcoin blockchain, where sender and receiver addresses—as well as the value of a transaction—are available for anyone to see.
In a shielded transaction, Zcash uses zk-SNARKs to show a sender possesses the funds he or she wishes to transmit, and that the transaction cannot be modified by a third party.
For these shielded transactions to work, they must satisfy certain conditions. Specifically, in Zcash, they entail users publishing a “commitment” and revealing a “nullifier.”
A commitment refers to an unspent balance on the Zcash blockchain. Just like Bitcoin, nodes on Zcash’s network maintain a list of such balances, showing that funds are indeed available.
A person who wishes to send Zcash publishes a commitment in order to say, “see, I have this amount of money” (albeit without revealing how much). In turn, the nullifier serves to say “this same amount of money is spoken for—it has been sent to someone else.’
In other words, nullifiers are tied to commitments—they are numbers that need to be revealed before a commitment can be spent. If Alice wants to sent Bob Zcash, she has to use a commitment to prove she has the authority to spend the funds, and a nullifier to show the requisite amount has been reserved exclusively for Bob (without, of course, revealing Bob is the recipient).
Each new shielded payment gives rise to three types of record on the blockchain—records that are protected by means of a hash. The hashes in question represent: the address of the transaction recipient, the amount that was sent, and a number unique to the transaction itself.
The upshot is that shielded transactions rely on hash functions just like Bitcoin, but it’s the zk-SNARKs that add a new layer of privacy.
Coins like Zcash and Monero—another popular privacy coin in the crypto sphere—are popular among some users given the fact that the crypto industry is composed of many libertarians. Both coins try to set themselves apart from more popular cryptocurrencies like Bitcoin by claiming that nobody could pry into your private financial lives if you used their coins.
However, given concerns that cryptocurrencies in general—and privacy coins especially—can serve as tools for criminals, these projects are far from popular with law enforcement agencies and regulators.
The future of zk-SNARKs
zk-SNARKs are a useful tool for anonymizing crypto transactions. But they are also helping to power a growing number of other applications beyond privacy coins. Celo, for instance, is a cryptocurrency protocol that focuses on mobile payments and aspires to create a more inclusive financial world.
Decrypt spoke with Pranay Mohan, who works on product and engineering at Celo. He suggested that Zcash might be where people first hear about zk-SNARKs, but that the technology’s potential extends far beyond privacy hawks. Mohan points in particular to how zk-SNARKs can help people in the developing world.
“If we think about how these people are able to use cryptocurrency now it’s near impossible, they’re not using Metamask and throwing $10,000 into a random DeFi project,” he said. Using zk-SNARKs, Mohan adds, mobile phone users can sync instantly with a blockchain—retaining the same trustless properties of crypto but on devices that don’t have a high degree of technical capacity.
Despite their promise, zk-SNARKs remain very niche. Even in a highly technical industry like crypto, many people aren’t aware of what they are. But that may be changing as more companies begin embracing the technology.
These include Aleo, a startup that recently raised $28 million from blue chip venture capital firms, to build tools that will let web develops integrate zero knowledge proofs in a wide variety of Internet applications—a project that promises to let consumers browse the web without revealing a trove of personal data.
But that hasn’t dissuaded EY, one of the world’s largest accounting firms, from experimenting with this advanced cryptography.
Paul Brody, global blockchain leader at EY, says the company is using zero knowledge proofs like zk-SNARKs to let clients embrace blockchain’s potential without sacrificing user privacy.
According to Brody, the accounting firm’s own Nightfall solution provides a means for transacting on the Ethereum network with absolute privacy, while providing enterprises—not just individuals—with these benefits.
And while there are regulatory concerns surrounding highly private financial transactions, Brody believes zk-SNARKs will gather mainstream momentum in the future.
“Privacy is essential for business users,” he said, adding, “For enterprises, some of their most sensitive information is about what they buy, from whom, how much they pay and how much they are buying in volume.”