Zero-Knowledge Proofs can act as a powerful tool to increase privacy and can act as an essential base layer when building applications for Bitcoin, says Xiaohui Liu. Liu is the Founder and CEO of sCrypt, a company dedicated to providing integrated on-chain smart contracting solutions on BSV.
Speaking at the recent IEEE Blockchain Event held at the University of Exeter, Liu noted that when people think of Bitcoin’s peer-to-peer capabilities and properties, they most commonly associate them with payments. However, Bitcoin also has powerful data integrity features, which enable anyone to verify and certify data, and the actions performed upon it, he said.
A Zero-Knowledge Proof lets one party (a prover) who claims to know a secret, convince another party (a verifier) that the claim is valid, whilst not revealing the secret. Because of the hiding nature of ZKP, it can be used in many cases where privacy is desirable. More importantly, it can also be used as a building block to construct more sophisticated protocols.
Illustrating Zero-Knowledge Proofs: Where’s Wally?
To better highlight the benefits of Zero-Knowledge Proofs, Liu gave the example of Where’s Wally? (also known as Where’s Waldo? in the US), a series of books where you have to find Wally in a scene full of colourful characters.
‘Alice claims she has found Waldo in this picture and tells Bob she knows where he is. She tells him that she knows where Waldo is but won’t tell him exactly. So, how can she prove to him that she has found Waldo without showing his exact position?’
‘Alice then takes a large board and cuts out a segment that looks exactly like Waldo and moves the picture so that the cutout clearly highlights Waldo. In this way, Bob is convinced that Peggy’s claim is valid, while still not knowing Waldo’s exact location. That is a Zero-Knowledge Proof.’
This is also the case with digital signatures in the blockchain world, said Liu. ‘For example, if Alice wants to send some Bitcoin to Bob, she first has to show proof of having a private key corresponding to a Bitcoin address.’
‘She cannot just disclose this key to the blockchain as other people could just steal her coins. In this case, she can just use a digital signature which proves to the blockchain and miners that she does know the key without disclosing it.’
Privacy and scalability
While Zero-Knowledge Proofs might seem abstract and theoretical, Liu noted that there are two key benefits:
- Privacy
- Scalability
Arguably, the most significant and most obvious benefit is the extra privacy that Zero-Knowledge Proofs offer in that people can prove something without actually disclosing their personal information, said Liu. He added that this process is very fast and the proof itself is small in size (several hundred kilobytes), which enables a lot of applications which are not available on other blockchains.
Tornado Cash and the problems with exchanges
Citing the recent controversy around Tornado Cash, Liu noted that Zero-Knowledge Proofs would prevent bad actors from using the blockchain to hide anonymously. He added that exchanges could benefit enormously from their implementation.
Many users today prefer to store their cryptocurrency assets with centralized exchanges for ease of use similar to online banking, to avoid the difficulty and risk of managing cryptographic keys themselves. Unfortunately, storing assets with an exchange exposes users to the risk of the exchange losing them due to external or internal theft.
Zero-Knowledge Proofs allow an exchange to cryptographically prove solvency, meaning its assets cover its liabilities. The proof does not disclose any private information, including its customers, the addresses it controls, and total liabilities. Liu notes that this can complement trusted auditing, which can be costly, or can be applied independently.
Zero-Knowledge Proofs and gaming
Liu added that another use for Zero-Knowledge Proofs on the blockchain is in gaming, with several of the world’s most popular games – such as Battleship and poker – relying on incomplete information.
‘This type of game seems impossible on the blockchain, as the whole point is to guess the location of something. If you put the entire game state on the blockchain then your opponent can see it – there’s no guessing anymore. But if I don’t put it on-chain, how do you know that nobody is cheating?
‘This dilemma is solved by Zero-Knowledge Proofs. With Battleship, we would just hash the position of the fleet and commit that to the blockchain. Every time we make a move we would then also submit that to the blockchain to determine whether it was a hit or miss.’
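The commit-then-answer flow Liu describes for Battleship can be sketched as follows. This is an added example, not sCrypt's code: it swaps the zero-knowledge proof for a plain salted SHA-256 commitment per cell that is opened only for the cell being shot at, so it binds the player to a layout and makes each hit-or-miss answer checkable, but it does not prove the fleet layout is legal. The board size, function names and sample fleet are assumptions.

```python
import hashlib
import hmac
import secrets

BOARD_CELLS = 100  # assumed 10x10 board, cells numbered 0..99


def cell_commitment(index, occupied, salt):
    """SHA-256(salt || index || bit) binds one cell's state without revealing it."""
    data = salt + index.to_bytes(2, "big") + bytes([int(occupied)])
    return hashlib.sha256(data).digest()


def commit_fleet(ship_cells):
    """Return (public per-cell commitments, private per-cell salts).

    Each cell gets a fresh 32-byte salt. Without it, a cell has only two
    possible states and its hash could be guessed by trying both.
    """
    salts = [secrets.token_bytes(32) for _ in range(BOARD_CELLS)]
    commitments = [cell_commitment(i, i in ship_cells, salts[i])
                   for i in range(BOARD_CELLS)]
    return commitments, salts


def board_digest(commitments):
    """One hash over all cell commitments: the value published before play."""
    return hashlib.sha256(b"".join(commitments)).hexdigest()


def answer_shot(index, ship_cells, salts):
    """The fleet owner opens only the targeted cell: (hit?, that cell's salt)."""
    return index in ship_cells, salts[index]


def verify_shot(commitments, index, claimed_hit, salt):
    """The opponent recomputes the cell hash and compares it to the commitment."""
    expected = cell_commitment(index, claimed_hit, salt)
    return hmac.compare_digest(expected, commitments[index])


if __name__ == "__main__":
    fleet = {0, 1, 2, 45, 55}  # constructed sample layout
    commitments, salts = commit_fleet(fleet)
    print("published digest:", board_digest(commitments))
    hit, salt = answer_shot(45, fleet, salts)
    print("shot at 45:", "hit" if hit else "miss",
          "verified" if verify_shot(commitments, 45, hit, salt) else "REJECTED")
    # A false "miss" for an occupied cell does not match the commitment.
    print("lie accepted?", verify_shot(commitments, 45, False, salts[45]))
```

A zero-knowledge proof would replace the per-cell opening and additionally show that the committed layout follows the game's rules, without revealing any salts.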