### BCDV 1013 - Advanced Smart Contract
#### Zero Knowledge Proof
Dhruvin Parikh, March 2021
### Data science
### Voting
### Sending money
### Topics
* Cryptographically provable privacy
* Private computation
### Agenda
* Privacy on blockchain
* Implementation of private computation
* Real applications based on privacy
* Private computation for DApps
### Privacy on blockchain
### Privacy for web3 application
### Fostering Collaboration
### Private Computation
* Zero Knowledge Proofs
* Secure Multiparty Computation
* zk-SNARKs
* Homomorphic Encryption
* Secure Function Evaluation
* Trusted Execution Environments
### Secure Multiparty Computation (SMPC)
### Simulation proofs
### Waldo finder
### Waldo prover
### ZKP
* Cryptographic protocol
* ZKP is probabilistic rather than deterministic
* Participants: prover and verifier
* Goal: the prover has a secret X and proves this to the verifier without revealing any information about X
### ZKP Conditions
* Completeness
  * If the statement is true, then the honest verifier, the one that is following the protocol properly, will be convinced of this fact by an honest prover.
* Soundness
  * If the statement is false, then no cheating prover can convince the honest verifier that it is true, except for some small probability.
* Zero knowledge
  * If the statement is true, then no verifier learns anything, except the fact that the statement is true.
### ZKP structure
* witness
* challenge
* response
### ZKP structure : witness
### ZKP structure : challenge
### ZKP structure : response
### Ali Baba cave example
* Peggy acts as the prover
* Victor acts as the verifier
### ZKP types
* Interactive
  * Series of actions by the verifier to check the proof
  * Limited transferability (repetition of process)
* Non-Interactive
  * zk-SNARKs
  * Zcash
  * Used in blockchains
### non-interactive ZKP
### zk-SNARK
* *Zero-knowledge succinct noninteractive argument of knowledge*
* **Succinct** - The size of the proof is small enough to be verified in a few milliseconds.
* **Noninteractive** - Only one set of information is sent to the verifier for verification, so there is no back-and-forth communication between the prover and verifier.
* **Argument of knowledge** - A computationally sound proof: soundness holds against a polynomial-time prover, i.e. one with bounded computation.
### Accuracy
* ZKPs are not 100% accurate
* They minimize the probability that someone is lying to you.
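The soundness and accuracy points above can be seen in a small interactive proof of knowledge of a discrete logarithm with one-bit challenges. This is an added example, not code from the slides; the parameters `P` and `G` and all function names are assumptions chosen for the demonstration.

```python
import secrets

# Demonstration parameters assumed for this example (not from the slides).
# P is the Mersenne prime 2**127 - 1: fine for a demo, far too small for real use.
P = 2**127 - 1
G = 3
ORDER = P - 1          # exponents are reduced mod P-1 (Fermat's little theorem)

def commit():
    """Prover's first message: fresh nonce r, commitment t = g^r."""
    r = secrets.randbelow(ORDER)
    return r, pow(G, r, P)

def respond(x, r, c):
    """Prover's answer to challenge bit c, using the secret x."""
    return (r + c * x) % ORDER

def verify(y, t, c, s):
    """Verifier's check: g^s == t * y^c (mod P)."""
    return pow(G, s, P) == (t * pow(y, c, P)) % P

def forge(y, guess):
    """Cheater without x: pick s first, back-compute t = g^s * y^(-guess)."""
    s = secrets.randbelow(ORDER)
    t = (pow(G, s, P) * pow(y, ORDER - guess, P)) % P
    return t, s

def honest_run(x, y, rounds):
    for _ in range(rounds):
        r, t = commit()
        c = secrets.randbelow(2)                # verifier's coin flip
        if not verify(y, t, c, respond(x, r, c)):
            return False
    return True

def cheating_run(y, rounds):
    for _ in range(rounds):
        t, s = forge(y, secrets.randbelow(2))   # must commit before seeing c
        c = secrets.randbelow(2)
        if not verify(y, t, c, s):
            return False
    return True

if __name__ == "__main__":
    x = secrets.randbelow(ORDER)                # constructed secret X
    y = pow(G, x, P)                            # public value
    print("honest prover, 40 rounds:", honest_run(x, y, 40))
    for n in (1, 4, 8):
        wins = sum(cheating_run(y, n) for _ in range(2000))
        print(f"cheater, {n} rounds: {wins / 2000:.3f} (theory {2**-n:.3f})")
```

The honest prover passes every round (completeness), while a prover without X survives n rounds with probability about 2^-n (soundness error). `forge` also shows why the verifier learns nothing: anyone can produce a valid-looking transcript for a challenge known in advance, without knowing X.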
### Private transactions
### Applications
* Sugar Beet Auctions (Denmark, '08)
* Spectrum Auctions
* Bitcoin + Privacy (Zcash)
* Decentralized Ad Auctions (AdEx)
* Algorithmic redistribution of wealth (future)
* Crypto-Governance (future)
* Nuclear disarmament
### Downsides
* Preserving privacy
* SMPC is too slow (TEE is a solution)
* Trusting the algorithm
### Exercise
* Follow this demo, create a smart contract with a proof
* Once the proof is sent, do something
* It can be as simple as flipping a boolean
### References
* Zero knowledge in web3 summit 2018
* Knowledge Complexity Of Interactive Proof-systems
* Hopper by argentlabs
## End