Jump to content

Zero Knowledge Proofs: An illustrated primer


Recommended Posts

What are they, how do they work, and are they fast yet?


Introduction: One of the best things about modern cryptography is the beautiful terminology. You could start any number of punk bands (or Tumblrs) named after cryptography terms like ‘hard-core predicate’, ‘trapdoor function’, or ‘impossible differential cryptanalysis’. And of course, I haven’t even mentioned the one term that surpasses all of these. That term is ‘zero knowledge‘.


In fact, the term ‘zero knowledge’ is so appealing that it leads to problems. People misuse it, assuming that zero knowledge must be synonymous with ‘really, really secure‘. Hence it gets tacked onto all kinds of stuff — like encryption systems and anonymity networks — that really have nothing to do with true zero knowledge protocols.


This all serves to underscore a point: zero-knowledge proofs are one of the most powerful tools cryptographers have ever devised. But unfortunately they’re also relatively poorly understood. In this series of posts I’m going try to give a (mostly) nonmathematical description of what ZK proofs are, and what makes them so special. In this post and the next I’ll talk about some of the ZK protocols we actually use.



What is a zero-knowledge proof?

Zero-knowledge proving systems

Implementations of proving systems

Low-level libraries/languages for writing circuits

  • libsnark’s gadgetlib1 and gadgetlib2 - C++ libraries for for building circuits for preprocessing zk-SNARKs
  • jsnark - Java library for building circuits for preprocessing zk-SNARKs, backed by libsnark
  • ZoKrates - Toolbox for zk-SNARKs on Ethereum, backed by libsnark
  • Snarky - OCaml front-end for writing R1CS SNARKs, currently backed by libsnark

General-purpose compilers from high-level languages

Example circuits

Standardization efforts


If interested, please read the primer < here >.



Link to comment
Share on other sites

  • Replies 0
  • Views 527
  • Created
  • Last Reply


This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...