How Zero-Knowledge Proof Enables Trustless Transactions and Increases Your Privacy
While the challenges facing the future viability of Bitcoin and other cryptocurrencies remain unresolved, the underpinning technology that supports Bitcoin, Blockchain, has the potential to revolutionise the way we leverage trust- and even the way we think about trust.
Trust is a fundamental good that, while largely intangible, is key to the functioning of practically every meaningful interaction in society. We tend to think of trust concerning business, banking, relationships and finance since the necessity of trust in these areas is clear and undeniable. In fact, without trust, no transaction can go forward – indeed, the very idea of even the simplest negotiations becomes implausible without it. Without trust, the law becomes tyranny and business become piracy.
At present, trust has been made diffuse across systems. We have our system of credit, various checks and balances, laws, and regulations, as well as whatever security measures we have in place. We extend credit to people and organisations in whom we have trust. To establish this trust, we rely on reputation, proven track records of trustworthiness, and other vague notions. This allows us to do business with people whom we may not necessarily trust – in the strictest sense of the word. But there are still loopholes in our systems and flaws in security that enable bad actors to commit fraud, theft, perjury, and so on.
Trust and Privacy
Blockchain technology has the potential to change the nature of trust – not only in digitally rendered transactions but also in everyday life. Traditionally, trust and credit are relatively synonymous. However, trust also has a victim, called privacy. To trust one another, we have to give away some of our privacy. As such, trust is closely related to your identity. If I am to trust you, I want to know who you are.
The problem with this becomes quite clear with a simple example; if you want to buy alcohol, the shop or bar needs to know whether you are legally allowed to do so. Since the shop or bar owner does not know you, he/she does not trust you if you simply state that you are old enough to do so. Fair enough, as you might be lying. To solve the issue, you are asked for your government-issued identity card, which states your date of birth. Unfortunately, it also states your name, identity number and a whole bunch of other, private, information. When purchasing alcohol, your name really is not relevant to determine whether you are legally allowed to buy alcohol, not even is your date of birth. Unfortunately, it was never possible to offer a level of trust that you are old enough, without also revealing sensitive information. Until now.
Zero-Knowledge Proof to Ensure Privacy
Zero-Knowledge Proof (ZKP) is a method used in cryptography to prove ownership of a specific piece of knowledge without revealing the content of that knowledge. In other words, you can get your alcohol without revealing who you are and when you were born but with proof that you are old enough to buy alcohol. Zero-Knowledge Proof ensures that data can be shared without leaking personal information and one party can prove a certain fact without revealing that information, thereby creating the required trust to perform a transaction. Zero-Knowledge Proof creates trustless transactions that protect users’ privacy using mathematics. As such, ZKP improves verification processes to such an extent that one party can prove to another party that a given statement is true, without revealing any information about that statement. It offers a statistically (probabilistically) checkable proof.
Key Characteristics of ZKP
For a Zero-Knowledge Proof to be sound and thorough, it has to have three characteristics; completeness, soundness, and zero-knowledge.
Completeness: assuming the statement is true, an honest verifier who is faithfully and correctly following the protocol, will be rightly convinced of the fact sought by the actions of an honest prover which is faithfully and correctly following the protocol.
Soundness: Falsification by the prover must be impossible. There should be no way for the prover to falsify knowledge and falsely convince the verifier. That is to say- the verifier cannot be deceived given the perimeters of the ZKP.
True Zero Knowledge: If it is the case that the statement is true, the verifier can learn nothing other than the truth of the statement. In the example above, the verifier (the shop or bar) can learn that the prover (the customer) is old enough to purchase alcohol, without revealing any information including the date of birth. If the verifier learns anything other than the fact that the prover is old enough, the condition of zero-knowledge will have been violated- and you no longer have a true ZKP.
Blockchain Startups Currently Working on ZKP
ZKP techniques are currently being developed and used by various cryptocurrencies including Zcash, SmartCash, ZeroVert, and Zerocash. Ethereum is also experimenting with ZKP, called as zk-SNARKS, originally developed by Zcash, and zk-STARKS to ensure privacy and auditability on the Ethereum blockchain. Another lesser-known digital currency called PIVX is also developing its own ZKP. PIVX is now using a security protocol they refer to as wallet coin mixing- a more highly developed version of CoinJoin, a specialised anonymising wallet service. This provides a degree of anonymity by mixing units of value into a semi-common wallet. PIVX is moving toward ZKP for the simple reason that the user’s identities cannot be traced back to their source. Although Bitcoin officially logged its first zero-knowledge contingent payment (ZKCP) in 2016, is unlikely that Bitcoin will move to ZKP anytime soon.
How ZKP Can Change Improve Privacy
At present, most current blockchain technologies are only pseudonymous. User’s identities can be traced back to their transactions by linking blockchain transactions if a hacker, or the government, can link a real name with a network address. Despite the sterling reputation of blockchain as the perfect cybersecurity solution, many in the know are aware of this weakness. In fact, law enforcement all over the world has been exploiting this vulnerability to catch criminals, such as the proprietors of the Silk Road, an infamous online black market.
But Zero-Knowledge Proof could fill the gaps left vulnerable by the flawed anonymity provided by some distributed ledger technologies. ZKP raises the bar for certainty in cryptography because a true piece of zero proof knowledge is- in theory- unbreakable. It transforms the basic commodity of trust from being synonymous with crossing your fingers and lack of privacy, into a real, unbreakable and 100% private, virtual, good. As such, Zero Knowledge Proof enables self-sovereign identities, which I discussed earlier.
ZKP still has some (technical) challenges to overcome, not the least of which is cultural. Not having to show your government-issued identity to proof your age will require many people to get used to and at first, many will remain sceptical. Nevertheless, a society where trust is created using Zero-Knowledge Proof is a more private society. It will bring back control of your privacy to the consumer instead of leaving it in the hands of organisations. As such, trustless transactions will improve your privacy.