In cryptography, a zero-knowledge proof is a method by which one party (the prover) proves to another party (the verifier) that a statement is true without revealing any information other than the fact that the statement is true.
Proofs in daily life are not zero-knowledge. For example, when buyers must prove they are over 21 to purchase alcohol, they present identification with their date of birth. But this method of proof is flawed because while proving that the age requirement is met, it also discloses other unrelated but sensitive information, such as name and address.
In comparison, zero-knowledge proofs are superior because they do not require the prover to reveal details about the statement itself or how they discovered the truth. Suppose Alice is color blind and cannot tell the difference between a blue ball and a red ball. Alice thinks the two balls are the same, but Bob wants to prove to Alice that the two balls are different in a zero-knowledge way. Bob can rely on the following mechanism.
Bob asks Alice to hold a ball in each hand and put her hands behind her back. The ball in her left hand is blue and the ball in her right hand is red. Alice can decide whether to swap the balls between her left and right hands. Alice then shows Bob the two balls again, and Bob tells Alice whether she swapped the balls.
Alice: Did I swap the balls? (The ball in her left hand has changed from blue to red)
Bob: Yes.
Alice: Did I swap the balls? (The ball in her left hand is still red)
Bob: No, not this time.
Alice and Bob keep repeating this process until Alice is convinced that the two balls are indeed different; if they were not, Bob would not always be able to tell accurately what Alice did behind her back. Note that in this process, Bob does not need to tell Alice which ball is blue, nor does he need to explain how he knows it.
The above zero-knowledge proof example is interactive. Although it is easy to understand, it is not practical as a solution because both parties must communicate with each other multiple times before the proof is established.
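The ball game above as an added simulation (not part of the original article), showing why repetition convinces Alice: a Bob who cannot actually tell the balls apart survives n rounds with probability (1/2)^n. The function names, trial counts and fixed seed are choices made for this example.

```python
import math
import random

def bob_answer(swapped, can_tell_apart, rng):
    """Bob's reply to 'did I swap?'. A Bob who sees colour reads the answer
    off the balls; a Bob bluffing about identical balls can only guess."""
    return swapped if can_tell_apart else rng.random() < 0.5

def run_protocol(rounds, can_tell_apart, rng):
    """Alice's side: one secret coin flip per round, reject on the first wrong
    answer. Returns (accepted, transcript of (swapped, answer) pairs)."""
    transcript = []
    for _ in range(rounds):
        swapped = rng.random() < 0.5          # Alice's hidden choice
        answer = bob_answer(swapped, can_tell_apart, rng)
        transcript.append((swapped, answer))
        if answer != swapped:
            return False, transcript
    return True, transcript

def cheat_success_rate(rounds, trials, rng):
    """Fraction of trials in which a guessing Bob survives every round."""
    wins = sum(run_protocol(rounds, False, rng)[0] for _ in range(trials))
    return wins / trials

def rounds_needed(max_cheat_probability):
    """Smallest n with (1/2)**n <= max_cheat_probability."""
    return math.ceil(math.log2(1 / max_cheat_probability))

if __name__ == "__main__":
    rng = random.Random(2024)                 # fixed seed: reproducible demo
    for n in (1, 3, 5, 10):
        rate = cheat_success_rate(n, 20000, rng)
        print(f"{n:2d} rounds: bluffing Bob accepted {rate:.4f} (theory {0.5**n:.4f})")
    accepted, transcript = run_protocol(10, True, rng)
    # An honest transcript only echoes Alice's own coin flips, so it tells her
    # nothing she could not have written down without Bob.
    print("honest Bob accepted:", accepted,
          "| answers echo Alice's flips:", all(s == a for s, a in transcript))
    print("rounds for a one-in-a-million bluff:", rounds_needed(1e-6))
```
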
Researchers invented non-interactive zero-knowledge proofs to solve this problem. Non-interactive proofs require only one round of communication between the prover and the verifier. The prover feeds information into a special algorithm to compute a zero-knowledge proof. The verifier can then check the proof to ensure the validity of the secret information. Another benefit of non-interactive proofs is that once the proof is generated, anyone can verify it.
In the blockchain field, zero-knowledge proofs are mainly used in rollup scenarios. They enable the underlying blockchain to outsource calculations while ensuring the verifiability of calculation results. Off-chain computers execute the transaction and then submit the results along with proof that the transaction was executed correctly. This reduces on-chain network congestion and increases transaction speed.
Zero-knowledge proofs allow the underlying blockchain to verify off-chain transactions without re-execution. While zero-knowledge proofs are technically superior, research surrounding the topic is still in its early stages. It will be at least a few years before zero-knowledge proof technology is actually adopted.