Overview and Future Prospects of zk-SNARKs Technology

Summary

zk-SNARKs ( ZKP ) is widely regarded as one of the most revolutionary innovations in the blockchain field, following distributed ledger technology, as an important cryptographic technique. This article provides a systematic review of the development of ZKP technology over the past forty years and the latest research.

First, the basic concepts and historical background of ZKP are introduced, with a focus on analyzing circuit-based ZKP technologies, including the design, application, and optimization methods of models such as zk-SNARKs, Pinocchio, and Bulletproofs. In terms of computing environments, this article introduces ZKVM and ZKEVM, discussing how they enhance transaction processing capacity, protect privacy, and improve verification efficiency. The article also elaborates on the working mechanism and optimization methods of ZK Rollup as a Layer 2 scaling solution, as well as the latest advancements in hardware acceleration, hybrid solutions, and dedicated ZK EVM.

Finally, this article looks forward to emerging concepts such as ZKCoprocessor, ZKML, ZKThreads, ZK Sharding, and ZK StateChannels, and discusses their potential in blockchain scalability, interoperability, and privacy protection.

By analyzing these latest technologies and development trends, this article provides a comprehensive perspective for understanding and applying zk-SNARKs technology, demonstrating its immense potential in enhancing the efficiency and security of blockchain systems, and offering important references for future investment decisions.

Directory

Preface

1. Basics of zk-SNARKs

2. Overview

3. zk-SNARKs Example

4. Non-interactive zk-SNARKs

5. Background

6. The Proposal of NIZK

7. Fiat-Shamir transformation

8. Jens Groth and his research

9. Other Research

10. Circuit-based zk-SNARKs

11. Background

12. Basic Concepts and Characteristics of Circuit Models

13. Circuit Design and Applications in zk-SNARKs

14. Potential Defects and Challenges

15. zk-SNARKs model

16. Background

17. Common Algorithm Models

18. Scheme based on linear PCP and discrete logarithm problem

19. Proof Scheme Based on Ordinary People

20. Zero-Knowledge Proofs Based on Probabilistic Verifiable Proofs

21. Classification of the Setting Stage Based on CPC

22. Overview and Development of Zero-Knowledge Virtual Machine

23. Background

24. Classification of existing ZKVM

25. Front-end and Back-end Paradigms

26. Advantages and Disadvantages of the ZKVM Paradigm

27. Overview and Development of zk-SNARKs Ethereum Virtual Machine

28. Background

29. The working principle of ZKEVM

30. Implementation Process of ZKEVM

31. Features of ZKEVM

32. Overview and Development of Zero-Knowledge Layer 2 Network Solutions

33. Background

34. The working mechanism of ZK Rollup

35. Disadvantages and Optimizations of ZK Rollup

36. The Future Development Direction of zk-SNARKs

37. Accelerate the development of computing environments

38. The Proposal and Development of ZKML

39. Development of ZKP Scaling Technology

40. Development of ZKP Interoperability

41. Conclusion

Preface

With the arrival of the Web3 era, blockchain applications ( DApps ) are experiencing explosive growth, with new applications emerging every day. In recent years, blockchain platforms have been handling the activities of millions of users daily, processing billions of transactions. The vast amount of data generated by these transactions often contains sensitive personal information, such as user identities, transaction amounts, account addresses, and balances. Given the openness and transparency of blockchain, this stored data is publicly accessible to everyone, raising various security and privacy issues.

Currently, there are several cryptographic technologies that can address these challenges, including homomorphic encryption, ring signatures, secure multiparty computation, and zk-SNARKs. Homomorphic encryption allows computations to be performed on ciphertexts without decrypting them, helping to protect the security of account balances and transaction amounts, but it cannot protect account addresses. Ring signatures provide a special form of digital signature that can hide the identity of the signer, thus protecting account addresses, but it is powerless in protecting account balances and transaction amounts. Secure multiparty computation allows the distribution of computational tasks among multiple participants without any participant knowing the data of others, effectively protecting account balances and transaction amounts, but it also cannot protect account addresses. Additionally, these technologies cannot verify whether the prover has sufficient transaction amounts in a blockchain environment without disclosing transaction amounts, account addresses, and account balances.

zk-SNARKs(ZKP) is a more comprehensive solution. This verification protocol allows for the validation of certain propositions without revealing any intermediary data. The protocol does not require complex public key infrastructures, and its repeated implementations do not provide malicious users with opportunities to obtain additional useful information. Through ZKP, verifiers can validate whether the prover has sufficient transaction amounts without disclosing any private transaction data. The verification process involves generating a proof containing the transaction amount claimed by the prover, which is then passed to the verifier. The verifier performs predefined calculations on the proof and produces a final computation result to determine whether to accept the prover's assertion. If the prover's assertion is accepted, it means they possess sufficient transaction amounts. The above verification process can be recorded on the blockchain, with no forgery.

The feature of ZKP plays a core role in blockchain transactions and cryptocurrency applications, especially in privacy protection and network scalability, making it not only a focus of academic research but also widely regarded as one of the most important technological innovations since the successful implementation of distributed ledger technology (, particularly Bitcoin ). It is also a key sector for industry applications and venture capital.

As a result, many network projects based on ZKP have emerged one after another, such as ZkSync, StarkNet, Mina, Filecoin, and Aleo. With the development of these projects, algorithmic innovations related to ZKP are constantly emerging, with reports of new algorithms being introduced almost every week. In addition, hardware development related to ZKP technology is also advancing rapidly, including chips specifically optimized for ZKP. For example, projects like Ingonyama, Irreducible, and Cysic have completed large-scale fundraising, and these developments not only demonstrate the rapid progress of ZKP technology but also reflect the transition from general-purpose hardware to specialized hardware such as GPUs, FPGAs, and ASICs.

These advancements indicate that zk-SNARKs technology is not only an important breakthrough in the field of cryptography but also a key driving force for the broader application of blockchain technology (, especially in enhancing privacy protection and processing capabilities ).

Therefore, we decided to systematically organize the relevant knowledge of zk-SNARKs ( ZKP ) to better assist us in making future investment decisions. To this end, we comprehensively reviewed the core academic papers related to ZKP, ranking them based on relevance and citation counts (; at the same time, we also conducted a detailed analysis of the materials and white papers of leading projects in the field, ranking them based on their fundraising scale ). This comprehensive collection and analysis of materials provide a solid foundation for the writing of this article.

( 1. Basics of zk-SNARKs

)# 1. Overview

In 1985, scholars Goldwasser, Micali, and Rackoff first proposed zk-SNARKs in their paper "The Knowledge Complexity of Interactive Proof-Systems". This paper laid the foundation for zk-SNARKs, defining many concepts that influenced subsequent academic research. For example, the definition of knowledge is "the output of an infeasible computation", meaning that knowledge must be an output and an infeasible computation, which implies it cannot be a simple function, but rather a complex one. Infeasible computation is commonly understood as an NP problem, which is a problem that can verify the correctness of its solution in polynomial time, where polynomial time refers to the runtime of an algorithm that can be expressed as a polynomial function of the input size. This is an important criterion for measuring the efficiency and feasibility of algorithms in computer science. Due to the complexity of solving NP problems, they are considered infeasible computations; however, their verification process is relatively simple, making them very suitable for zk-SNARKs verification.

A classic example of an NP problem is the Traveling Salesman Problem, where the goal is to find the shortest path that visits a series of cities and returns to the starting point. While finding the shortest path can be challenging, verifying whether a given path is the shortest is relatively easy. This is because the total distance of a specific path can be computed in polynomial time.

Goldwasser et al. introduced the concept of "knowledge complexity" in their paper to quantify the amount of knowledge that the prover reveals to the verifier in interactive proof systems. They also proposed interactive proof systems ###Interactive Proof Systems, IPS###, where the prover (Prover) and the verifier (Verifier) interact through multiple rounds to prove the truth of a statement.

In summary, the definition of zk-SNARKs summarized by Goldwasser et al. is a special type of interactive proof, where the verifier does not gain any additional information other than the truth value of the statement during the verification process; and it proposes three basic characteristics including:

1. Completeness: If the proof is true, an honest prover can convince an honest verifier of this fact;

2. Reliability: If the prover does not know the content of the statement, he can only deceive the verifier with negligible probability;

3. Zero-knowledge: After the proof process is completed, the verifier only obtains the information "the prover possesses this knowledge" and cannot gain any additional content.

(# 2.zk-SNARKs example

To better understand zk-SNARKs and their properties, here is an example of verifying whether a prover possesses certain confidential information, which is divided into three phases: setup, challenge, and response.

Step 1: Set up

At this step, the prover's goal is to create a proof that he knows a secret number s, but does not directly reveal s. Let the secret number s be;

Choose two large prime numbers p and q, and calculate their product n. Given the prime numbers p and q, calculate the resulting n;

Calculate v=s^2 mod n, here, v is sent to the verifier as part of the proof, but it is not sufficient for the verifier or any onlooker to infer s.

Randomly select an integer r, calculate x = r^2 mod n and send it to the verifier. This value x is used for the subsequent verification process, but s is also not exposed. Let the random integer r, and calculate the obtained x.

Step 2: Challenge

The validator randomly selects a position a) which can be 0 or 1(, and then sends it to the prover. This "challenge" determines the steps the prover needs to take next.

Step 3: Response

According to the a value issued by the validator, the prover responds:

If a=0, the prover sends g=r) where r is the random number he chose earlier (.

If a=1, the prover calculates g=rs mod n and sends it. Let the verifier send a random bit a, and based on the value of a, the prover calculates g.

Finally, the verifier verifies whether x is equal to g^2 mod n based on the received g. If the equation holds, the verifier accepts this proof. When a=0, the verifier computes g^2 mod n to verify x on the right side; when a=1, the verifier computes g^2 mod n to verify xv on the right side.

Here, we see that the x calculated by the verifier as x=g^2 mod n indicates that the prover has successfully passed the verification process without revealing his secret number s. Here, since a can only take 0 or 1, there are only two possibilities, and the probability that the prover passes the verification by luck is 50%) when a is 0###. However, the verifier then challenges the prover n times, and the prover continuously changes the relevant numbers submitted to the verifier, always successfully passing the verification process. As a result, the probability that the prover passes the verification by luck becomes (1/2)^n(, which infinitely approaches 0), thus proving that the prover indeed knows a certain secret number s. This example demonstrates the completeness, reliability, and zero-knowledge property of the zero-knowledge proof system.

( 2. Non-interactive zk-SNARKs

)# 1. Background

zk-SNARKs(ZKP) are typically forms of interactive and online protocols in traditional concepts; for example, Sigma protocols usually require three to five rounds of interaction to complete authentication. However, in scenarios such as instant transactions or voting, there is often no opportunity for multiple rounds of interaction, especially in the application of blockchain technology, where offline verification capabilities become particularly important.

(# 2. The proposal of NIZK

In 1988, Blum, Feldman, and Micali first proposed the concept of non-interactive zero-knowledge proofs, proving the possibility for the prover and verifier to complete the authentication process without the need for multiple rounds of interaction. This breakthrough made instant transactions, voting, and blockchain applications feasible.