How ZK brings scalability, privacy, and security to DeFi, DAOs, Bridges and more.
Zero-Knowledge Proofs and Web3
In 2008, the mysterious figure known as “Satoshi” revolutionized the financial world with the groundbreaking Bitcoin Whitepaper. From its inception, however, Bitcoin has suffered from a lack of scalability and privacy, two problems Satoshi likely understood but lacked the ability to solve. Today, zero-knowledge proofs offer the cryptography to fix both issues and the potential to revolutionize DeFi, DAOs, CEXes, cross-chain bridges, and Web3 as a whole.
But what are zero-knowledge proofs (ZKPs)? How can they possibly have such a major impact on so many different areas? Besides privacy and scalability, what are the other potential impacts ZKPs can have on Web3?
Table of Contents:
Simply put, ZKPs are a way to validate data without revealing it. They can allow DAOs to issue private payroll and payments to contractors or help protect your trading movements on DEXs. They can massively increase the throughput of major chains by allowing them to store the proofs of transactions rather than the transaction data itself. It can help make Web3 more decentralized and may even help prevent bridge hacks and DeFi hacks.
After years of research, projects like Findora are putting ZKPs into production. To see what’s coming around the corner for Web3 in 2023, let’s take a look at what ZKPs are and what their impact will be.
Start Building On Findora
Creating a dApp is easy on Findora’s EVM. Are you ready to expand your user base or interested in integrating ZK? Apply for a grant to build, port, or launch a dApp on Findora.
What are Zero-Knowledge Proofs?
Zero-knowledge proofs (ZKPs) allow information to be proven true without that information being revealed. They are a method of cryptography that allows one person or party (the prover) to demonstrate to another person or party (the verifier) that certain data is valid without revealing any of that data.
For example, suppose there was a circular cave that had a magic door at the far end that could only be opened with a magic password. Bob claims to know the password, but Alice doesn’t believe him.
How can Bob prove he knows the password without revealing it to Alice?
Bob could enter the cave and head down one of the two legs, A or B. Alice doesn’t see which side he went down, but tells him to come out of one of the sides. If Bob can consistently exit from the side she shouts, then she can be certain that he does know the password to the door at the far end of the cave. She can be sure because, after 20 tests like this, it is mathematically impossible that Bob wasn’t forced to use the password at least once.
That’s a basic example of how a zero-knowledge proof (ZKP) works, and it is why they are called “zero-knowledge:” they can prove something while sharing “zero knowledge” about the data being proved. In other words, ZKPs are mathematical algorithms that allow a prover to demonstrate to a verifier that they have a certain piece of information without actually revealing that information. They help protect access to information, as 101 Blockchain explains:
In the event of a true statement, the verifier cannot access any other information beyond the fact that the prover has offered a true statement. The verifier can request statements from the prover, and the probabilistic nature implies that the verifier must be convinced with their information.
ZKPs have various applications in blockchains, such as improving privacy by allowing transaction data to be validated on-chain without being revealed and increasing scalability through ZK-rollups. Their application, however, extends beyond transactions to all kinds of data. For example, they could allow users to access a password-protected site by proving they have the password without actually providing it.
ZKPs hold an immense amount of potential for online and on-chain systems, which is why projects like Findora have spent so much time and effort developing the technology. Here are some specific ways ZKPs will advance Web3 in 2023.
Zero-Knowledge Proofs and Web3 Scalability
Scalability, not privacy, was the original narrative surrounding ZKPs when Ethereum gas fees started skyrocketing. ZK-rollups offered a solution to reduce network congestion.
There are two kinds of rollups – optimistic rollups and zk-rollups.
Optimistic rollups are a layer-2 scaling solution for blockchains that increase transaction speed by optimistically assuming all bundled transactions are valid. However, there is a 7-day waiting period for fraudulent transactions to be contested, during which time no assets can be exited from the system. So, although transactions execute quickly, they take a long time to settle. Arbitrum and Optimism are popular examples of optimistic rollups.
ZK-rollups, on the other hand, are a trustless form of scaling. A validity proof is submitted to to a verifier, which, if the proof is valid, will then execute and settle transactions instantly – no need to wait seven days. Though more complex to build, ZK-rollups allow for smaller proof sizes by using predefined rules (think of the two paths of the cave).
Findora uses zk-SNARKs for their small proof size and proven record.
ZK-rollups come in two forms: zk-SNARKS and zk-STARKS, with STARKs being trustless and SNARKs requiring a trusted setup. However, proof sizes are smaller with SNARKs, and they have a more proven track record in scaling and privacy, two reasons why Findora has chosen to implement SNARKs on its privacy layer.
Whichever type of ZK-rollup is used, both are significantly faster than optimistic rollups. Plus, since transaction data can be validated without being individually examined, it is naturally conducive to privacy.
Zero-Knowledge Proofs and Web3 Privacy
Though scalability first captured the imagination of Web3 users, projects like Findora, Mina, and Oasis have focused on using ZKPs for privacy.
Because ZKPs allows data, like transactions, to be validated without being revealed, it is perfect for blockchain privacy. For example, on the Findora network, users are able to send transactions where the token type and token amount are only visible to the sender and receiver. Upcoming privacy features on Findora will enable senders and receivers to protect their wallet addresses on-chain as well.
As mentioned above, zero-knowledge proofs are not limited to transaction data. It will soon be possible for users to selectively reveal their personal information to 3rd party dApps. For instance, take an example from a recent Findora hackathon. A developer created a game-chat app that would allow players to be grouped by skill level or age without needing to collect user data, creating more competitive and safer environments for players.
Imagine if Aave or Compound offered a preferred rate to users with a credit level above a certain score. ZKPs would allow you to prove your credit score is within a qualifying range without giving Aave your specific credit level. Credit bureaus, which have suffered some catastrophic data breaches, could use ZKPs to store user data without putting millions of consumers at risk.
Zero-Knowledge Proofs and Web3 Security
By requiring the storage of data proofs, not the data itself, ZKPs bring an added layer of protection for Web2 and Web3 users.
Data leaks and hacks have become increasingly common; the number of data breaches affecting US customers has increased from 157 in 2005 to 1,473 in 2019. In 2017, 147 million US consumers – a third of the nation – were affected by the Equifax data leak.
However, with zero-knowledge proofs, such breaches wouldn’t be possible. By storing only proofs of customer data, there would be no large servers full of actual customer data to hack – principle that applies to cross-chain bridges in Web3 as well.
Several devastating bridge hacks in 2022 resulted in the theft of over $2.5 billion, burdening an already turbulent crypto environment at the time. In the future, however, ZKPs could mitigate such attacks. By protecting the address holding a cross-chain bridge’s liquidity, hackers would have a harder time finding a target. Additionally, if they weren’t able to see how much was held on an address, they wouldn’t know if an attack would be worth the risk or effort.
Privacy helps deter attacks in DeFi and Web3 by making it difficult for hackers to target their victims.
Zero Knowledge and Mass Adoption of Web3
More security, better privacy, and higher scalability are some of prerequisites for mass adoption, but one key feature is still missing: auditability.
Auditability is a critical component in any financial system because regulators and institutions are wary of the lack of transparency and accountability. Fortunately, zero-knowledge proofs offer a solution.
ZK-systems like Findora are not token mixers. In fact, Findora prioritizes auditability and offers a balance between privacy and accountability through viewing keys. It creates a platform where users have an option for privacy while making information available to necessary auditors.
As more Web3 ecosystems adopt ZK features, users will come to expect privacy.
Stablecoin issuers, in particular, will benefit from auditability as it would help them avoid regulatory penalties. With viewing keys, they would have the ability to audit transactions made with their tokens while keeping those transactions private to the public.
By incorporating auditability along with security, privacy, and scalability, Web3 can support the demands of institutional financial systems. And, as more Web3 ecosystems adopt zero-knowledge proofs for their benefits, we predict more and more users will come to expect ZK-privacy.
More than Privacy: Data Ownership and Governing our Relationships
Findora’s approach to privacy is a little different: privacy isn’t about the information you want to keep hidden, it’s about the information you want to reveal. The concept of privacy implies that there are people with whom you want to share information — and some you don’t.
Hiding information from everyone is secrecy. Privacy, on the other hand, is about choosing how much information to reveal, to whom, and when. When you can choose the personal data you share, you control your relationships with the people and institutions around you.
Privacy isn’t about the information you want to keep hidden; it’s about the information you want to reveal.
You reveal different information about yourself to a spouse than to a random cashier. If we regulate information with those around us, shouldn’t we be able to regulate it with businesses and institutions? We should expect the ability to choose how much of ourselves to share based on what context we are in.
Privacy is the ability to choose how much of ourselves we want to share, and its an ability we should expect. Only by controlling our personal data can we control our relationship to the environments around us.
Stay up to date!
See how Findora is building ZK in the Web3 space by signing up for our newsletter
The Horizontal Touching Every Vertical
DAOs, bridges, gaming, NFTs, and nearly all verticals of Web3 can benefit from zero-knowledge proofs; it provides the privacy, security, and scalability that are essential for all these verticals.
We mentioned how ZK can improve security for cross-chain bridges, but the same principle applies to DeFi generally. As people start to protect their wallet addresses on-chain, phishing attacks, and other targeted attacks become less likely and more difficult.
DAOs will soon use ZKPs for anonymous voting and private payroll. CEXes can use it for proof of reserves without revealing to their competitors the exact amount of assets they’re holding. One day, users will be able to use it to interact with Aave and other lending platforms to get more favorable rates without revealing their credit scores. Wallets with ZKP transactions enabled will become the preferred way for businesses and individuals to interact because it is safer and Web3 games will use it to create unique game-play.
Privacy through ZKPs will help make DeFi a more viable economic system. The adoption of ZKP technology in Web3 will likely be gradual, then sudden. As more and more projects begin to offer the scalability, privacy, and security through ZK, more and more users will come to expect and demand it until it is the norm. Just as the adoption of SSL certificates started slowly and then suddenly became a standard after being required by Google, ZKPs are just one major ecosystem away from becoming the expectation for all users.
The upshot is that the ZK revolution in Web3 is upon us. By the end of 2023, we will all be much more likely, in all our transactions and interactions, to #ExpectPrivacy thanks to zero-knowledge proofs.
Findora is a Layer-1 building a future for Web3 where you can #ExpectPrivacy that’s auditable and programmable.
It combines an EVM layer for programmability and interoperability with a UTXO layer optimized for privacy. Developers can leverage either chain model as they build dApps with auditable privacy. By combining privacy with auditability, Findora prepares Web3 for mass adoption, empowering developers to protect users and comply with regulations.
We appreciate our developers and would love to onboard you to the Findora ecosystem. Please reach out, and join our social channels for more.
Discord | Twitter | Reddit | Telegram | YouTube | LinkedIn | Facebook | Newsletter