Zero-disclosure evidence is a cryptographic protocol that allows one side (the prover) to confirm the truth of the statement to the other side (the verifier), without disclosing any additional information about it (neither the content nor the source from which the prover learned about the veracity). The definition was first proposed by researchers at the Massachusetts Institute of Technology (MIT) Shafi Goldwasser, Silvio Mikali, and Charles Rakoff in the scientific article “The Complexity of Evidence in Intera Active systems ”(1985).
How it works
Imagine that you are in a room with someone blindfolded. On the table in front of you are two balls – white and black. You need to prove to the second person (the verifier) that the balls are really different colors, without revealing which ones. To do this, you should ask him to hide both balls under the table. After that, ask to get only one so you can see it. Then the ball hides again and the next time the verifier can again show either white or black. However, you can prove the statement, because you know for sure whether he changed them under the table.
Nevertheless, the verifier will not be completely sure of the truth of the fact, because luck or deception could have taken place. This problem is solved by repeating the experiment n times. With each round, the chance of accidentally turning out to be right will be halved: after five repetitions, the probability of cheating will be 1 to 32, after 10 rounds – 1 to 1024, and after 20 rounds – about 1 to 1,000,000.
Through repetition, it is possible to achieve the desired level of evidence reliability, but absolute certainty cannot be achieved.
Why use zero-knowledge proof
One of the obvious applications of evidence with zero disclosure in cryptocurrencies can be called checking the user’s availability of funds for a transaction, without disclosing to network participants who this user is and how much money he has in his account.
This protocol can also be used in areas where it is necessary to ensure the security of data (for example, personal information) or the conduct of financial transactions.
Zero-disclosure evidence can play the role of a tool that verifies data and users, provides privileged access, and establishes trusted connections.
What types of evidence are there with zero disclosure
- Interactive (the verifier independently interrogates the prover in real time);
- Non-interactive (does not require direct communication between the verifier and the prover; the former can verify the authenticity of the statement after the fact).
Evidence with zero disclosure can also be divided into two groups, based on the presence or absence of a phase of fixing the authenticity of the statement by several verifiers – the so-called trusted setup using a Boolean function.
For some protocols, such as zk-SNARKs (Zero-Knowledge Succinct Non-Interactive ARgument of Knowledge), this is a prerequisite. Verifiers generate a special secret that is destroyed immediately after a trusted installation. If the secret continues to exist, then the data on the network can be faked, thereby leveling the benefits of using the protocol.
There are protocols that do not require a trusted installation (for example, zk-STARK (Zero-Knowledge Scalable Transparent ARguments of Knowledge).
What are the benefits of zero-disclosure evidence
- Increasing the privacy of users in public blockchains and other networks;
- Strengthening information security by replacing inefficient authentication and verification methods;
- Blockchain throughput and scalability.
What are the disadvantages of zero-disclosure evidence
- Require significant computing power;
- The possibility of compromise with a trusted installation;
- Potential vulnerability to quantum computing.
Which projects use zero-disclosure evidence
Focused on increased user privacy, ZCash cryptocurrency uses the modified zk-SNARKs protocol. The same protocol was partially implemented on the Ethereum network as part of the Byzantium hard fork. At the moment, air developers are considering additional options for using this technology.
Startup QEDIT developed the SDK (Software Development Kit), which allows you to implement evidence with zero disclosure in existing blockchains to increase the privacy of transactions while maintaining the possibility of their validation by nodes. Note that the project has already been awarded the European Commission Quality Mark, and among its partners are such well-known companies as VMWare, Ant Financial and Deloitte.
StarkWare has created solutions based on the zk-STARKs protocol, which can also be implemented on existing networks. The project has already attracted funding from Vitalik Buterin, Pantera Capital, Intel Capital, Sequoia Capital and other investors.
Dutch bank ING has released a modified version of the evidence with zero disclosure – Zero-Knowledge Range Proof (ZKRP). This protocol can prove that the client has a salary in the range necessary to obtain a mortgage, without disclosing the amount itself.
Subscribe to ForkLog news on Telegram: ForkLog Live – the entire news feed, ForkLog – the most important news and polls.