Or what are zkSnarks and why do they matter Ethereum co-founder Vitalik Buterin the virtues of a technology that could help scale Ethereum “by a huge amount.” recently extolled What has Ethereum gurus and wizards buzzing? cryptography It’s called zkSnarks (pronounced zee-kay Snarks), and it’s essentially a technology that can verify a computation having to execute the computation knowing what was executed. This might be a bit confusing or even appear mystical, technically-infeasible. For some clarity, here’s a mini-story that illustrates the basic principle of zkSnarks. without or Double Trouble Our story begins with a parrot and a viper, who have an affectionate yet mischievous relationship. The two friends are prowling the jungle in search of a tropical treat. Shortly after setting off, they come upon a tree bearing two mangoes. Upon inspection, the viper remarks excitedly that the mangoes are (miraculously) identical! The parrot disagrees and insists that there is indeed a difference. There’s good reason for this dispute: while snakes are color-blind, parrots have superb vision. And so, the parrot, unlike the viper, recognizes a subtle difference in color between the two mangoes. The parrot proposes a game to prove she is right but desires to do so without revealing the two mangoes are different. The viper reluctantly agrees and the game begins. how Each round, the viper hides both mangoes from the parrot and chooses one mango to reveal. The parrot then decides if the revealed mango is the same as in the previous round. After many rounds have passed, the parrot boasts a perfect score; she’s guessed correctly every round. Illustrations by . Lea Filipo With each successive round, it becomes increasingly likely that the two fruit are different. How else could the parrot guess correctly every time? Faced with the parrot’s success, the viper has no choice but to concede that the two mangoes are indeed different. You can think of the parrot as the and the viper as the . prover verifier This — admittedly strange — tale illustrates the ‘zero-knowledge’ or property of _zk_Snarks. During the above interaction, the parrot convinces the viper that a certain statement is true (that the two mangoes are different) revealing it’s true (because they are different colors). This framing should look familiar to the definition that we laid out at the beginning of the article. zk without why Take the core concept of this story, add a dash of cryptography, toss it in the world of , and you’ll end up with a rough but palatable approximation of zkSnarks. blockchain Now that we have a sense of how zkSnarks , let’s have a look at what they can . work do Taking the Plunge Before we talk about how zkSnarks could help scale Ethereum by a “huge amount,” there’s another use case that’s worth mentioning: privacy. Crypto projects like use them as a way to maintain a publicly-verified ledger while shielding participant identification and keeping transaction data anonymous. Zcash How does it work? Think back to the parrot’s game. But instead of mischief and mangoes, think in terms of tokens and transfers. Simply put, someone can prove ownership of a token and send it to someone else revealing the value of the token the identity of the recipient. Again this framing should look familiar to the definition that we laid out at the beginning of the article. without or Scalability Privacy is undoubtedly cool. But developers soon realized that zkSnarks could also alleviate Ethereum’s scalability issues. ZkSnarks could be leveraged to generate small and tidy computational proofs — even if the computation in question was executed , that is, untethered to the Ethereum network. off-chain The process of simply verifying one of these proofs is cheaper and faster than having to execute the computation on the Ethereum network. So, This process basically offloads the computational heavy lifting to off-chain computational resources and thereby frees up far more limited on-chain resources. zkSnark proofs can be generated and then verified . off-chain on-chain In other words, this process essentially shrinks the amount of on-chain resources needed for each computation. And if each computation consumes fewer resources, the Ethereum network can process more of them. The end result? More scalability. Crucially, zkSnarks maintains the of on-chain computations. That is, you can still prove that you ran your program or executed a certain smart contract in a trustless manner. security guarantees Vitalik Buterin preaching the gospel of zkSnarks. As Buterin mentions in this Tweet, a zkSnark is considered a ‘layer 2’ solution, which means that it could be implemented without altering the blockchain itself. But, unlike other ‘layer 2’ solutions, such as or , zkSnarks doesn’t require data to be held off-chain. (For the curious, a ‘layer 1’ solution, like , directly alters the functionality of the base-layer blockchain.) Plasma Raiden sharding The Road Ahead . It won’t vanquish Ethereum’s scalability limitations overnight. And it still faces a number of technical hurdles. While clever solutions are already in the works (e.g. ), the true promise of zkSnarks is patiently awaiting real-world deployment and implementation. zkSnarks isn’t a silver bullet this one Despite its nascent form, the technology represents a promising route toward a more functional Ethereum network. Vitalik Buterin estimated that — an increase of over 30x. While this is surely a tall claim, Buterin isn’t known to be the hyperbolic type. And if he’s right, headlines decrying Ethereum’s inability to process transactions could be(god-willing) a thing of the past. zkSnarks could bring the Ethereum network throughput from 15 to 500 transactions per second CryptoKitty Other Resources Check out what Gnosis developers are doing with zkSnarks. Here’s a tutorial about deploying zkSnarks from Felix, a developer at Gnosis. Follow Gnosis on Twitter. Follow me on Twitter. , and Kei Kreutler._ Much thanks to Lauren Dunmore, Lea Filipowicz, Nadja Bene_š
Share Your Thoughts