1/ In the first part of my deep dive into zero-knowledge rollups (zkr), I focused on the history of L2 scaling

In the second part (below), my focus shifts to the wild world of zero-knowledge proofs (zkp), the underlying technology for zkr

🧵👇

cryptoexplainere60.substack.com/p/zk-world-pt-…
2/ The concept of a zkp came from a 1985 academic paper out of @MIT

The idea is there is a prover and a verifier - the prover can prove the truth of information to the verifier w/o revealing the information itself
3/ Technically speaking, zkp is a protocol btwn prover and verifier in which a prover can convince the verifier of the validity of a claim w/o revealing anything other than the proof itself that the claim is true

Should be impossible... which is why its so cool!
4/ An example comes from the Where's Waldo? game

How can a prover prove knowing where Waldo is to the verifier w/ "zero-knowledge"?
5/ In a "traditional" proof, a prover would point to Walod or say, "Waldo is next to the red stripped tent" but that would convey knowledge

There is a way around this...
6/ The prover takes a large piece of paper and cuts a small hole in the middle

The prover then places the small hole in the middle so that only Waldo is showing to the verifier

Once the verifier comes to check the answer, the verifier is able to see Waldo and nothing else
7/ The verifier is convinced that the prover knows where Waldo is while all the info about Waldo’s exact whereabouts remains private

This is the big idea - the proof itself is used to verify the truth
8/ If the prover instead showed the verifier a sailboat behind the paper, then the verifier would know that it was false

This is an oversimplification but conceptually what a zkp is
9/ Zkp have three properties:

- Completeness: if the provers claim is true then there is no artificial help needed to verify

- Soundness: if the provers claim is false, then under no scenario can the verifier be convinced that it is true
10/ Properties pt. 2:

- Zero-knowledge: prover does not present any additional knowledge other than the proof itself
11/ Why is this important?

- Privacy: zkp allow for privacy of information

- Scalability: verification time is faster than execution time
12/ There are two main types of zkp - zk-SNARKs & zk-STARKs

zk-SNARKs were first proposed by researchers in 2012

SNARKs first successful implementation was @zcash
13/ SNARK stand for:

Succinct - verified quickly w/ small proof length

Non-Interactive - prover & verifier limit interactions

ARgument of
Knowledge
14/ The problem w/ SNARKs is that to efficiently implement the system to be able to publish to a blockchain, a trusted setup is needed (Zcash for example) - this is a security vulnerability
15/ zk-STARKs were first introduced by a team of researchers in 2018 including @EliBenSasson who went on to co-found @StarkWareLtd

STARKs build upon SNARKs while fixing the trusted setup issue
16/ STARK is for:

Scalable - "fully scalable" 

Transparent - no trusted setup

ARgument of
Knowledge
17/ STARKs aim to be more scalable than SNARKs while solving for the trusted setup issue

STARKs are also secure against quantum computing

As a tradeoff, STARKs are more complex, have higher proof sizes, and higher @ethereum verification gas costs

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with DecryptCrypto

DecryptCrypto Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

:(