A Comprehensive Overview of Zero-Knowledge Proof Technology Over 40 Years: Development and Future Prospects from ZKS to ZKEVM

A Comprehensive Overview and Future Prospects of Zero-Knowledge Proof Technology

Summary

Zero-knowledge proof (ZKP) technology is widely regarded as one of the most important technological innovations in the blockchain field after distributed ledger technology, and it is also a key focus area for venture capital. This article systematically reviews nearly forty years of historical literature and recent research on ZKP technology.

First, the basic concepts and historical background of zero-knowledge proofs are introduced. The focus then turns to circuit-based ZKP technologies, including the design, application, and optimization methods of models such as zkSNARK, Ben-Sasson, Pinocchio, Bulletproofs, and Ligero. In the area of computational environments, the paper introduces ZKVM and ZKEVM, exploring how they enhance transaction processing capacity, protect privacy, and improve verification efficiency. It also discusses the working mechanism and optimization methods of zero-knowledge Rollup (ZK Rollup) as a Layer 2 scaling solution, together with the latest advances in hardware acceleration, hybrid solutions, and dedicated ZK EVMs.

Finally, this article looks forward to emerging concepts such as ZKCoprocessor, ZKML, ZKThreads, ZK Sharding, and ZK StateChannels, and explores their potential in blockchain scalability, interoperability, and privacy protection.

By analyzing these latest technologies and development trends, this article provides a comprehensive perspective for understanding and applying ZKP technology, demonstrates its great potential for enhancing the efficiency and security of blockchain systems, and offers an important reference for future investment decisions.

Directory

Preface

I. Basics of Zero-Knowledge Proofs
  1. Overview
  2. Zero-Knowledge Proof Example

II. Non-interactive Zero-Knowledge Proofs
  1. Background
  2. The Proposal of NIZK
  3. Fiat-Shamir Transformation
  4. Jens Groth and His Research
  5. Other Research

III. Circuit-based Zero-Knowledge Proofs
  1. Background
  2. Basic Concepts and Characteristics of Circuit Models
  3. Circuit Design and Applications in Zero-Knowledge Proofs
  4. Potential Defects and Challenges

IV. Zero-Knowledge Proof Models
  1. Background
  2. Common Algorithm Models
  3. Schemes Based on Linear PCP and the Discrete Logarithm Problem
  4. Solutions Based on Ordinary People's Proofs
  5. Zero-Knowledge Proofs Based on Probabilistically Checkable Proofs (PCP)
  6. Classification of the Setup Phase of General Proof Constructions Based on CPC ( )

V. Overview and Development of the Zero-Knowledge Virtual Machine
  1. Background
  2. Existing Classifications of ZKVM
  3. Frontend and Backend Paradigms
  4. Advantages and Disadvantages of the ZKVM Paradigm

VI. Overview and Development of the Zero-Knowledge Ethereum Virtual Machine
  1. Background
  2. The Working Principle of ZKEVM
  3. The Implementation Process of ZKEVM
  4. Features of ZKEVM

VII. Overview and Development of Zero-Knowledge Layer 2 Network Solutions
  1. Background
  2. The Working Mechanism of ZK Rollup
  3. Disadvantages and Optimizations of ZK Rollup

VIII. The Future Development Direction of Zero-Knowledge Proofs
  1. Accelerating the Development of Computing Environments
  2. The Proposal and Development of ZKML
  3. Development Related to ZKP Scalability Technology
  4. The Development of ZKP Interoperability

IX. Conclusion

References

Preface

The internet is entering the Web3 era, and blockchain applications (DApps) are developing rapidly, with new applications emerging every day. In recent years, blockchain platforms have been handling millions of user activities daily, processing billions of transactions. The vast amount of data generated by these transactions often includes sensitive personal information such as user identities, transaction amounts, account addresses, and account balances. Given the characteristics of openness and transparency of blockchain, this stored data is open to everyone, which has led to various security and privacy issues.

Currently, there are several cryptographic technologies that can address these challenges, including homomorphic encryption, ring signatures, secure multi-party computation, and zk-SNARKs. Homomorphic encryption allows for operations to be performed on ciphertext without decrypting it, helping to protect the security of account balances and transaction amounts, but it cannot protect the security of account addresses. Ring signatures provide a special form of digital signature that can hide the identity of the signer, thereby protecting the security of account addresses, but they are ineffective in protecting account balances and transaction amounts. Secure multi-party computation allows for the distribution of computational tasks among multiple participants without any participant knowing the data of other participants, effectively protecting the security of account balances and transaction amounts, but it also cannot protect the security of account addresses. Furthermore, homomorphic encryption, ring signatures, and secure multi-party computation cannot be used to verify whether the prover has sufficient transaction amounts in a blockchain environment without revealing transaction amounts, account addresses, and account balances.

Zero-knowledge proofs offer a more comprehensive solution, allowing a proposition to be verified without disclosing any intermediate data. The protocol does not require a complex public key infrastructure, and running it repeatedly does not give malicious users opportunities to gain additional useful information. Through a ZKP, the verifier can confirm whether the prover has a sufficient transaction amount without learning any private transaction data. The verification process consists of generating a proof that the prover holds the claimed transaction amount, which is then passed to the verifier; the verifier performs predefined computations on the proof and obtains a final result that determines whether to accept the prover's statement. If the statement is accepted, the prover possesses a sufficient transaction amount. The above verification process can be recorded on the blockchain and cannot be forged.

ZKP plays a core role in blockchain transactions and cryptocurrency applications, especially in privacy protection and network scalability. This makes it not only a focal point of academic research but also widely regarded as one of the most important technological innovations since the successful implementation of distributed ledger technology, particularly Bitcoin. It is also a key track for industry applications and venture capital.

As a result, many network projects based on ZKP have emerged one after another, such as ZkSync, StarkNet, Mina, Filecoin, and Aleo. With the development of these projects, innovative algorithms related to ZKP are constantly being reported, with new algorithms emerging almost every week. In addition, the hardware development related to ZKP technology is also progressing rapidly, including chips specifically optimized for ZKP. For example, projects like Ingonyama, Irreducible, and Cysic have completed large-scale fundraising, and these developments not only showcase the rapid advancement of ZKP technology but also reflect the shift from general-purpose hardware to dedicated hardware such as GPUs, FPGAs, and ASICs.

These developments indicate that zk-SNARKs technology is not only an important breakthrough in the field of cryptography but also a key driving force for achieving broader applications of blockchain technology—especially in enhancing privacy protection and processing capabilities.

Therefore, we decided to systematically organize the knowledge related to zero-knowledge proofs (ZKP) to better support our future investment decisions. To this end, we comprehensively reviewed the core academic papers related to ZKP, ranking them by relevance and citation count; at the same time, we conducted a detailed analysis of the materials and white papers of leading projects in the field, ranking them by financing scale. This comprehensive collection and analysis of materials provided a solid foundation for writing this article.

I. Basics of Zero-Knowledge Proofs

1. Overview

In 1985, Goldwasser, Micali, and Rackoff first proposed zero-knowledge proofs in their paper "The Knowledge Complexity of Interactive Proof-Systems". This paper laid the foundation for zero-knowledge proofs and defined many concepts that influenced subsequent research. For example, knowledge is defined as the output of an "infeasible computation": knowledge must be an output, and the computation producing it must be infeasible, meaning it cannot be a simple function but must be a complex one. Infeasible computation can generally be understood as an NP problem, that is, a problem for which the correctness of a solution can be verified in polynomial time. Polynomial time refers to a running time that can be expressed as a polynomial function of the input size, and it is an important criterion for measuring the efficiency and feasibility of algorithms in computer science. Since solving an NP problem is complex, it is considered an infeasible computation; its verification process, however, is relatively simple, which makes NP problems very suitable for zero-knowledge proof verification.

A classic example of an NP problem is the Traveling Salesman Problem, where the goal is to find the shortest path that visits a series of cities and returns to the starting point. While finding the shortest path can be difficult, verifying whether a given path is the shortest is relatively easy. This is because the total distance of a specific path can be verified in polynomial time.

Goldwasser et al. introduced the concept of "knowledge complexity" in their paper to quantify the amount of knowledge that the prover leaks to the verifier in an interactive proof system. They also proposed interactive proof systems (IPS), in which the prover and the verifier establish the truth of a statement through multiple rounds of interaction.

In summary, the definition of a zero-knowledge proof given by Goldwasser et al. is a special type of interactive proof in which the verifier gains no information beyond the truth value of the statement during the verification process. Three basic properties are proposed:

  1. Completeness: If the statement is true, an honest prover can convince an honest verifier of this fact;

  2. Soundness (reliability): If the prover does not know the content of the statement, he can deceive the verifier only with negligible probability;

  3. Zero-knowledge: After the proof process is completed, the verifier learns only that "the prover possesses this knowledge" and cannot obtain any additional content.

2. Zero-Knowledge Proof Example

To better understand zero-knowledge proofs and their properties, here is an example of verifying whether a prover possesses certain private information. It is divided into three stages: setup, challenge, and response.

Step 1: Setup

In this step, the prover's goal is to create a proof that he knows a secret number s without directly revealing s. Let s be the secret number.

Choose two large prime numbers p and q and compute their product n; n is public.

Compute v = s^2 mod n. Here v is sent to the verifier as part of the proof, but it does not allow the verifier or any bystander to infer s.

Randomly choose an integer r, compute x = r^2 mod n, and send x to the verifier. This value is used in the subsequent verification step and does not expose s either.

Step 2: Challenge

The verifier randomly selects a bit a (which can be 0 or 1) and sends it to the prover. This "challenge" determines what the prover must do next.

Step 3: Response

The prover responds according to the value of a sent by the verifier:

If a = 0, the prover sends g = r (where r is the random number chosen earlier).

If a = 1, the prover computes g = r·s mod n and sends it. In both cases, the prover's response g is determined by the random bit a.

Finally, the verifier checks whether g^2 mod n equals x·v^a mod n. If the equation holds, the verifier accepts the proof. When a = 0, the right-hand side is x·v^0 = x mod n, and indeed g^2 = r^2 = x mod n; when a = 1, the right-hand side is x·v mod n, and indeed g^2 = (r·s)^2 = r^2·s^2 = x·v mod n.

Here, the equation g^2 mod n = x·v^a mod n checked by the verifier indicates that the prover has passed the verification without revealing the secret number s. Since a can only take the values 0 or 1, there are only two possibilities, and a prover who does not know s can pass a single round by chance with probability 1/2. The verifier therefore repeats the challenge many times; the prover chooses a fresh r each time, submits the corresponding values, and must pass every round. The probability of passing every round by chance approaches 0 as the number of rounds tends to infinity, which leads to the conclusion that the prover indeed knows a secret number s. This example demonstrates the completeness, soundness, and zero-knowledge properties of a zero-knowledge proof system.
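The three-step protocol above, implemented end to end as an added example (this is not code from the original article): an honest prover and verifier exchange x, a and g over many rounds, a cheating prover that does not know s shows why a single round has a 1/2 chance of being fooled, and a transcript simulator shows why the verifier learns nothing about s. The primes P and Q, the secret 123456 and the round counts are constructed toy values; real deployments use primes of at least 1024 bits.

```python
"""Interactive proof of knowledge of a square root modulo n (Setup / Challenge /
Response), with an honest prover, a cheating prover and a transcript simulator."""
import secrets

# Constructed toy parameters (assumption: illustration only, not secure sizes).
P, Q = 1000003, 1000033
N = P * Q                      # public modulus n = p * q


class Prover:
    """Holds the secret s and publishes v = s^2 mod n (s must be coprime to n)."""

    def __init__(self, s, n=N):
        self.s, self.n = s, n
        self.v = pow(s, 2, n)
        self.r = None

    def commit(self):
        # Step 1: fresh random r every round, send x = r^2 mod n.
        self.r = secrets.randbelow(self.n - 2) + 1
        return pow(self.r, 2, self.n)

    def respond(self, a):
        # Step 3: a = 0 reveals r, a = 1 reveals r*s mod n; s itself is never sent.
        return self.r if a == 0 else (self.r * self.s) % self.n


class Verifier:
    """Knows only the public values v and n."""

    def __init__(self, v, n=N):
        self.v, self.n = v, n

    def challenge(self):
        # Step 2: a uniformly random bit.
        return secrets.randbelow(2)

    def check(self, x, a, g):
        # Accept iff g^2 == x * v^a (mod n).
        return pow(g, 2, self.n) == (x * pow(self.v, a, self.n)) % self.n


def run_protocol(prover, verifier, rounds=40):
    """Completeness: an honest prover passes every round."""
    for _ in range(rounds):
        x = prover.commit()
        a = verifier.challenge()
        g = prover.respond(a)
        if not verifier.check(x, a, g):
            return False
    return True


class CheatingProver:
    """Does not know s; it can only guess the challenge bit before committing."""

    def __init__(self, v, n=N):
        self.v, self.n = v, n
        self.r = None

    def commit(self, guess):
        self.r = secrets.randbelow(self.n - 2) + 1
        x = pow(self.r, 2, self.n)
        if guess == 1:
            # Plant x = r^2 * v^-1 so that r^2 == x * v (mod n) if a turns out to be 1.
            x = (x * pow(self.v, -1, self.n)) % self.n
        return x

    def respond(self, a):
        return self.r          # all it can send; correct only if guess == a


def cheat_round(v, guess, a):
    """One round against a cheater: True only when its guess matched the challenge a."""
    cheater, verifier = CheatingProver(v), Verifier(v)
    x = cheater.commit(guess)
    return verifier.check(x, a, cheater.respond(a))


def estimate_cheat_success(v, rounds, trials=2000):
    """Soundness: fraction of trials in which a cheater passes all rounds (about 2^-rounds)."""
    verifier = Verifier(v)
    wins = 0
    for _ in range(trials):
        if all(cheat_round(v, secrets.randbelow(2), verifier.challenge())
               for _ in range(rounds)):
            wins += 1
    return wins / trials


def simulate_transcript(v, n=N):
    """Zero-knowledge: a valid (x, a, g) produced without s, by choosing a and g
    first and solving for x = g^2 * v^-a mod n."""
    a = secrets.randbelow(2)
    g = secrets.randbelow(n - 2) + 1
    x = (pow(g, 2, n) * pow(v, -a, n)) % n
    return x, a, g


if __name__ == "__main__":
    s = 123456                                       # constructed secret
    honest, verifier = Prover(s), Verifier(pow(s, 2, N))
    print("honest prover accepted:", run_protocol(honest, verifier))
    print("cheater passes 1 round:", estimate_cheat_success(verifier.v, 1))
    print("cheater passes 10 rounds:", estimate_cheat_success(verifier.v, 10))
    print("simulated transcript verifies:", verifier.check(*simulate_transcript(verifier.v)))
```

The simulator is the heart of the zero-knowledge argument: because anyone holding only v can generate transcripts that the verifier accepts, with the same distribution as real ones, a transcript cannot carry information about s. The cheating prover shows the other side of the coin: it can prepare for either challenge bit, but never both at once, so each extra round halves its chance of success.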

II. Non-interactive Zero-Knowledge Proofs

1. Background

In the traditional conception, a zero-knowledge proof (ZKP) is an interactive, online protocol; for example, Sigma protocols usually require three to five rounds of interaction to complete authentication. However, in scenarios such as instant transactions or voting, there is often no opportunity for multiple rounds of interaction. This is especially true in blockchain applications, where the ability to verify offline is particularly important.

2. The Proposal of NIZK
