The History, Applications, and Principles of zk-SNARKs

1. The Development History of zk-SNARKs

The zero-knowledge proof system originated from the 1985 paper by Goldwasser, Micali, and Rackoff, which explored the amount of knowledge that needs to be exchanged to prove the correctness of a statement in an interactive system. If zero-knowledge exchange can be achieved, it is called a zero-knowledge proof. Early zero-knowledge proof systems had poor efficiency and usability, mainly remaining at the theoretical level. In the past decade, with the rise of cryptography in the cryptocurrency field, zero-knowledge proofs have experienced rapid development.

The key breakthrough of zk-SNARKs is the theory proposed by Groth in 2010. In 2015, Zcash applied zk-SNARKs to transaction privacy protection, opening up broader application scenarios. Other important advancements include:

• 2013 Pinocchio protocol: compressed proof and verification time
• Groth16 in 2016: simplified proof size and improved verification efficiency
• 2017 Bulletproofs: Proposed short non-interactive zk-SNARKs
• 2018 zk-STARKs: Protocols that require no trusted setup

In addition, PLONK, Halo2, and others have also made significant improvements to zk-SNARKs.

2. Main Applications of zk-SNARKs

zk-SNARKs are currently mainly applied in two areas: privacy protection and scalability.

Privacy Protection

Early privacy trading projects like Zcash and Monero attracted a lot of attention, but as demand has weakened, they have gradually fallen to the back line. The main privacy trading projects include:

• Zcash: uses zk-SNARKs
• Monero: Use Bulletproof
• Tornado Cash: A mixing pool based on Ethereum

scalability

The application of zk-SNARKs in scaling is mainly zk-rollup. zk-rollup includes two types of roles: Sequencer and Aggregator.

• The sequencer is responsible for packaging transactions.
• The aggregator is responsible for merging transactions and generating zk-SNARKs.

The advantages of zk-rollups are low costs and fast finality, while the disadvantages include large computational requirements and the need for trusted setups.

Mainstream zk-rollup projects include: StarkNet, zkSync, Aztec Connect, Polygon Hermez, Loopring, Scroll, etc. They differ in their choice of SNARK/STARK and EVM compatibility.

3. The Basic Principles of zk-SNARKs

zk-SNARK stands for Zero-Knowledge Succinct Non-Interactive Argument of Knowledge, with the following characteristics:

• Zero Knowledge: The proof process does not reveal additional information.
• Succinct: verification succinct
• Non-interactive: Non-interactive
• Arguments of Knowledge: The prover needs to know valid information

The zk-SNARK proof process of Groth16 is as follows:

1. Convert the problem into a circuit
2. Convert the circuit to R1CS form
3. Converting R1CS to QAP form
4. Generate trusted setup parameters
5. Generate and Verify Proof

zk-SNARKs are still rapidly developing and are expected to play an important role in more fields in the future.