Unlocking the Secrets of Zero Knowledge Proofs: A Guide to a Secure and Private Internet
In today’s digital age, where almost every aspect of our lives is connected to the internet, the threat of identity theft looms large.
The exponential increase in cyberattacks and data breaches has made it easier for hackers to steal personal information and commit fraud, leaving millions of people vulnerable to the threat of identity theft.
Shockingly, in 2022, over 60 million people fell victim to identity fraud, resulting in over 1 billion US dollars in losses. The harsh reality is that even trusted websites may not be immune to these attacks, leaving your sensitive data at risk. As a matter of fact, it’s the digital equivalent of whispering a secret in a crowded bar – you never know who might be listening.
As you might know, databases can be hacked, the data sent to the WiFi you are connected to could be intercepted, and phishing websites could allow you to visit a malicious replicate website. In other words, the internet is like the Wild West, full of danger at every turn.
It is a bar thing!
When a person presents their ID at a bar, they essentially disclose their entire identity. Similarly, when an individual provides proof of funds, they reveal their complete bank account details and transaction history.
For a long time, it was common sense to provide a statement with collateral revelation of other information, an action that is definitely unecessary. Usually, everyone takes it for granted but in the digital age, where sensitive information is being shared daily and viewed by malicious actors, privacy is king.
However, it all comes down to these questions: how can a person verify their age without revealing their whole identity? How can they prove they deposited funds without revealing their bank account details? How can a user become more secure on the internet, and finally, how can two parties share private information with each other without even trusting one another?
This is exactly where Zero Knowledge Proofs (ZKPs) come into play.
Zero Knowledge Proofs is a technology that allows a person to prove that a statement is true to another person without revealing any information other than what is actually needed.
Let us take a simple example:
Jill and Joe play cards every night to have fun. One day, Joe admits that he was cheating by having a secret mark on the back of the cards to know which is red and which is black.
Jill, shocked, did not trust him and wanted proof that Joe can indeed identify the color of the card from the back. However, Joe did not want to reveal the secret mark he left on the cards, but insisted on showing that he could.
Therefore, he asked Jill to put a card face down on the table. He directly said it was red, and indeed when revealed, it turned out to be a red card.
Joe had a 50% chance of getting the color right. But then, they repeated it 5 times, leaving Joe with a 3.125% chance of hitting the mark.
If Joe were to repeat the task 20 times consecutively, the probability of it being attributed to pure chance would decrease to 0.000009%. As the number of times he performs the task increases, the probability of it being a result of pure luck approaches 0%. Therefore, Joe’s ability to identify a red card from a black one is proven beyond doubt.
This is exactly how Zero Knowledge Proofs work. In fact, a cryptographic circuit is composed of cryptographic algorithms that validate a proof numerous times and produces a “code” that a system can instantly authenticate to verify the truthfulness of the statement.
In reality, these ZKPs are complex cryptographic algorithms that are used to ensure security and completeness of the proofs that are generated.
An example of this is Tornado Cash, a decentralized app that has attracted both attention and controversy. It utilizes ZKPs to enable users to deposit and withdraw cryptocurrencies anonymously, without associating the deposit with the withdrawal address.
This has allowed anyone, with malicious or non-malicious intent, to transfer cryptocurrencies out of a doxxed (known) wallet to an anonymous wallet, leading to the arrest of developers, the ban of others, and a huge US blacklist of cryptocurrency addresses that interacted with the protocol.
In addition to that, ZKPs are utilized by layer-2 blockchains that operate on top of layer-1 blockchains like Ethereum to enhance scalability and lower transaction costs.
These blockchains perform the transaction processing and validate that they have processed all the transactions without revealing the specific processed ones.
The use of Zero Knowledge Proofs prompts a discussion on how it can enhance privacy and security in a trustless digital setting, which raises some new questions:
How can we handle the new age of privacy? How will governments handle it? Are we even ready for it? Let us keep these questions for another day.