Zk-starks White Paper Aims for Zcash-level Privacy Without the Trusted Setup


A team of researchers has released a white paper for zk-starks, a much-anticipated blockchain privacy technology that has been lauded as a way to achieve zcash-level privacy without the risk of using a trusted setup.

One of the chief criticisms of using public blockchains like bitcoin to store monetary value is that they are the equivalent of making everyone’s bank account records publicly-accessible. Though the data is technically pseudonymous, it is often quite simple for governments and other powerful actors to associate addresses with their owners.

The zk-starks white paper, published on Jan. 12 by a team of researchers led by Eli Ben-Sasson of the Technion-Israel Institute of Technology, represents the latest attempt to use zero-knowledge (ZK) proofs to rectify the need for a public ledger to validate the integrity of the blockchain with the importance of protecting user privacy.

The white paper states:

“Human dignity demands that personal information, like medical and forensic data, be hidden from the public. But veils of secrecy designed to preserve privacy may also be abused to cover up lies and deceit by parties entrusted with Data, unjustly harming citizens and eroding trust in central institutions.”

The gripe with current ZK implementations — the most notable of which is the zk-snark technology currently used by the zcash cryptocurrency — is that they require the creation of a “master key.” The team behind zcash went to elaborate lengths to ensure that this key was not compromised during the launch of the network and was destroyed after its deployment.

However, the problem with such a trusted setup is that there is no way to conclusively verify that the key was destroyed without being compromised by a potentially hostile actor, who could use it to print new units of currency at will. The stakes of this trusted setup only increase along with zcash’s market cap, creating what some would term untenable systemic risk if zcash ever approached mass adoption.

“Public trust demands transparency from ZK systems, meaning they be set up with no reliance on any trusted party, and have no trapdoors that could be exploited by powerful parties to bear false witness,” Ben-Sasson and his co-authors continue, adding that unfortunately “no ZK system realized thus far in code (including that used by crypto-currencies like Zcash™) has achieved both transparency and exponential verification speedup, simultaneously, for general computations.”

Zk-starks (short for a zero-knowledge system that is a scalable and transparent argument of knowledge), if realized, could introduce transparency into the equation while also retaining the blockchain’s scalability.

The white paper includes a proof-of-concept in which police investigators prove that an allegedly-corrupt presidential candidate’s DNA does not appear in the department’s forensic DNA database, without compromising the integrity or confidentiality of either the candidate’s DNA or the database.

However, as the paper notes, zk-snarks are “roughly 1000x shorter” than zk-stark proofs, so more research will be needed to mitigate this problem through shorter proofs or another solution.

Notably, researchers are also exploring ways to implement ZK proofs into Bitcoin. Stanford University’s Applied Cryptography Group, for instance, recently released a white paper for Bulletproofs, a ZK protocol that could be used to increase the privacy of bitcoin transactions without a trusted setup.

Featured Image from Pexels

Edward Snowden Thinks Zcash Is “Risky, but Certain to Change Everything If It Succeeds”

edward snowden on zcash

Edward Snowden has said on Twitter that Zcash is risky, but certainly has potential. Specifically, he stated: “It’s a moonshot”, ”certain to change everything if it succeeds.” Edward Snowden’s comments on the technology behind Zcash may be part of the reason why Zcash’s price has risen so much in recent days. As of 12/21/17, ZEC is currently trading at ~$679 according to the Block Explorer Market data. 

This is just the latest one of several tweets Snowden has made on the subject of Zcash, referring to its privacy technology, known as Shielded Addresses. In the past, Snowden has even gone so far as to compare Bitcoin and Zcash, stating: “if it’s not private, it’s not safe.”

Snowden’s comments on Zcash prompt privacy debate

As a result of this public “support” from Snowden, Zcash’s opt-in privacy has come under fire by Monero users, who state that Monero is the more private and secure of the two currencies. Whether that’s true remains to be seen. Private transactions are certain to change everything, if successful. Some users criticised the fact that Zcash is maintained by a for-profit company, and whether or not that is the best idea for a privacy-oriented currency. Snowden responded raising concerns about the “founder’s fee” that the Zcash company takes, but otherwise stating that because the cryptocurrency is open source, anyone could fork and remove any issues that the company may add. Multiple other responses pointed out that while Zcash transactions can be private, they are not implicitly, and according to one response as few as 0.3% of all Zcash transactions were of the private type. 

How Anonymous Transactions work in Zcash

Zcash gives its users opt-in privacy on the blockchain through its Shielded Address. A transaction between two shielded addresses is completely private, meaning that on the blockchain, all that is visible is that a transaction happened, the source, destination, and amount transferred are all hidden. When sending from a Shielded address to a transparent address, the target and the amount the target received are visible on the blockchain, while the sender and the amount sent are not, the inverse is true for sending from a transparent address to a shielded address. And transactions between two transparent addresses are similar to those on the bitcoin blockchain, both the source and destination are visible, as is the amount transferred. It’s worth noting though, that at the time of writing, only a very small percentage of Zcash is stored in shielded addresses.

How to use a Blockchain Explorer aka Blockexplorer

blockexplorer example

BlockExplorer allows you to view information about transactions, blocks, and addresses on the Bitcoin, Bitcoin cash, and Zcash blockchains. On the main page of BlockExplorer, you will see information about the bitcoin blockchain, specifically the most recent blocks and transactions. you can select which cryptocurrency you want to view at the top of the page, and just below that you can search for block heights, transaction hashes, and addresses, and you can select which currency you wish values to be displayed to you in, this defaults to USD.

How to view blocks on BlockExplorer

For blocks, you can see the height of the block, how long ago it was mined, how many transactions were on the block, who mined it (if that information is available), and the size of the block in bytes. You can also see a constantly updating list of all the most recent transactions sent to the network

You can either click on a block height or search for a block height to view more specific information about the block, such as the number of transactions on the block, the reward that went to the person who mined the block, when the block was mined, and the number of transactions that are stored on that block. Below that information, you can see each individual transaction on the block and some information about it, such as the address it came from and the address it was sent to, the amount transferred in your selected currency, and the number of confirmations the transaction has.

How to view transactions on BlockExplorer

If you click on a transaction hash or search for one, you can view details on that transaction, such as the size in bytes it takes up in its block, the fee per kilobyte at the time of the transaction, the time it was received, and the block it is in (if applicable). Below that you can see specific information on who the transaction came from, where the transaction was sent, and how much currency was involved

How to view addresses on BlockExplorer

If you click on an address you can see what transactions have been sent to it, the total amount of currency it has received, how much it has spent, and how much it currently has available

What are blocks, transactions, and address?

A block is a list of transactions when a block is mined all the fees for the transactions in it go to the miner, and the block is added to the blockchain. A transaction is just that, a transfer of cryptocurrency from one address to another, minus the fee. 

BlockExplorer has a Bitcoin Blockexplorer, a Bitcoin Cash Blockexplorer, and a Zcash Blockexplorer. Stay tuned for more!