This week, the Mina ecosystem was at Consensus for a series of free workshops, talks, and social events.
Whether you were there or not, the mission is the same — spread the magic of zero knowledge (ZK). That’s why a few members of the ecosystem spent some time this week answering questions gathered online and IRL about ZK.
One of Mina’s ecosystem partners, O(1) Labs, kicked us off, by answering a couple of the commonly-asked questions.
Q: What’s one zero knowledge use case people haven’t heard enough about?
A: Proof of Model 👀 pic.twitter.com/2Sa6LfkdHD
— Mina Protocol 🪶 (@MinaProtocol) April 30, 2023
Ask Me Anything: ZK Edition
In no particular order, here are some answers to more commonly asked questions about zero knowledge proofs (ZKPs).
1. Do ZKPs have any benefits for sustainability?
There is no research data to back this – but in theory, using recursive zero knowledge proofs (ZKP) natively on the blockchain is more sustainable than both regular Proof-of-Stake (PoS) and Proof-of-Work (PoW) consensus mechanisms.
For instance, Mina uses recursive ZKPs natively on the blockchain so that it remains ~11KB in size. While legacy blockchains require node operators to use energy-consuming machines to verify hundreds of Gigabytes of data for running a node, Mina’s small and fixed size allows users to run a node from any regular computer which takes much less energy. When you couple that with PoS systems, you should get an incredibly eco-friendly blockchain.
2. What does unlimited composability mean, in reference to recursive ZKPs?
Recursion in relation to ZK is like a looping concept. It’s when you prove something about another proof, about another proof (or the same proof), and so on.
So unlimited composability means you can create a proof about one part of zkApp and use that proof in another part of zkApp to do something else. For example, you can create a proof that you control a Mina account with certain properties, and then pass that into another part of the smart contract that uses this information to allow funds to be transferred under certain conditions.
While recursion tends to be more focused on efficiency at the processing level, composability is more about the richness of what you can do with a proof(s) and reuse them.
3. In regards to gaming, what kind of ZK use cases or applications would you like to see?
Fully verifiable private poker — If you are playing online poker, someone could be seeing the full state of the game, or the person running the server could be communicating with someone on the side to effectively cheat. With zero knowledge proofs, you can build fully verifiable private poker to avoid data being shared, or that kind of negative dynamic.
There are a few gaming zkApps that got funded in the latest round of zkIgnite which are also interesting.
4. What’s the difference between a zkRollup and zk-zkRollup?
A zk-zkRollup refers to the fact that you are taking a ZKP of a ZKP. Basically proving that the proof is correct. It’s a way to enable more anonymity, and is another phrasing for recursive SNARKs, which is Mina in a nutshell.
There is a zkIgnite project, called Anomix, which is doing this and is making a more of a private, on-chain operation. There is another zkIgnite project that got funded called Noord which is a scalable, modular, and interoperable zk-zkRollup.
5. How is it possible that you can compress information using ZK (like Mina does with the blockchain)?
This compression is an approximation that is computationally infeasible to forge. Similar to how cryptographic hashing like SHA256 breaks the pigeonhole principle.
6. Is ZK technology only useful for scalability like rollups?
This is a common misconception. ZK is not solely about scalability— it can also be leveraged for both infrastructure and application-level privacy and attestation.
Infrastructure such as blockchains including rollups, bridges, lite clients, and state channels may use ZK technology. However, ZK is primarily unique as a cryptographic primitive for privacy as it enables information to be verified without revealing the details of that information. zkApps on Mina leverage this technology to apply its privacy-preserving capabilities to real-world applications like proving your credit score without sharing your social security number.
7. What can zero knowledge proofs prove?
Recent advancements in ZKPs have enabled the proof of arbitrary computations. Essentially, modern ZKP systems allow users to prove anything that can be expressed as a program. But there are some caveats.
Due to the unique cryptographic assumptions upon which these systems rely, certain operations that are efficient on real hardware can be inefficient in zero knowledge circuits.
8. Can adding ZKPs make anything completely private?
It would be wonderful if we could just make things private by adding zero knowledge, however, it is more nuanced than that. Zero-knowledge proofs prove computation without revealing the relevant information, but somebody still has to do the computation, and that person has to know the information.
There are a few very interesting branches of cryptography that are generating interest all of a sudden. Three of the most popular are zero knowledge proofs (proof of computation), homomorphic encryption (if A+B=C then encryptedA + encryptedB = encryptedC), and multiparty computation (spread a process across multiple parties, preventing any one party from having direct visibility into the process). Each of these technologies is powerful on its own, but their combined use can be even more potent. For example, ZKPs and homomorphic encryption used in conjunction make robust anonymous voting possible.
Zero knowledge proofs are a cutting-edge technology that is rapidly being innovated and adopted by several projects. Mina Protocol is the leader in the space with a ZK-native chain and ZK smart contract layer for applications.
If you have further questions about zero knowledge, join the #zkapps-questions or general channel on the Mina Discord or subscribe to the monthly Mina newsletter for the latest updates on the progress of ZK within the Mina ecosystem.