Zero-Knowledge Proofs: What are they, how do they work, and are they fast yet?

What is a zero-knowledge proof?

History of Zero-knowledge proofs

Recent Zero-Knowledge proving systems

GGPR13 Pinocchio (PGHR13) BCGTV13 Geppetto (CFHKKNPZ14) BCTV14a

BCTV14b Coda (MS18)

CTV15

ZKBoo (GMO16)

Groth16 GM17 BG18

DIZK (WZCPS18): Distributed implementation of Groth16. Enables zkSNARK computations of up to billions of logical gates (100x larger than prior art) at a cost of 10μs per gate (100x faster than prior art). Implements distributed polynomial evaluation/interpolation, distributed Lagrange polynomial computations, and distributed multi-scalar multiplication.

BCCGP16 Bulletproofs (BBBPWM17)

Hybrid Interactive ZK (CCM16)

ZKB++ / Picnic (CDGORRSZ17)

Ligero (AHIV17)

Hyrax (WTSTW17)

zk-STARKs (BBHR18)

Updatable Universal CRSs (GKMMM18) Sonic (MBKM19)

Hybrid NIZK (ACM18)

Aurora (BCRSVW18)

Libra (XZZPS19)

Implementations of proving systems

Other implementations:

Generating structured reference strings

Some proving systems require a structured reference string (SRS). The following works discuss secure SRS generation.

[BCGTV15] - MPC for generating the SRS for PGHR13/BCGTV13

[BGG17] - improved MPC for generating the SRS for PGHR13/BCGTV13

[BGM18] - “Powers of Tau” protocol for scalable generation of structured reference string for Groth16

Libraries for writing circuits

| Name | DSL | Host Language | Backed by | Description |
|---|---|---|---|---|
| libsnark’s gadgetlib1/2 | | C++ | libsnark | Libraries for building circuits for preprocessing zk-SNARKs |
| bellman | | Rust | bellman | Library for building circuits; various gadgets in sapling-crypto |
| jsnark | | Java | libsnark | Library for building circuits for preprocessing zk-SNARKs |
| ZoKrates | Python subset | Rust | libsnark, bellman | Toolbox for zk-SNARKs on Ethereum |
| Snarky | Embedded OCaml | OCaml | libsnark | Front-end for writing R1CS SNARKs |
| Circom | Typed JS | JavaScript | snarkjs | Language for writing R1CS SNARKs |
| Circomlib | Typed JS | JavaScript | | Library of basic circuits for Circom |
| ZEXE’s snark-gadgets | | Rust | ZEXE | Module for building circuits, comes with pre-built algebra circuits |
| ZkVM | | Rust | bulletproofs | Language for writing confidential smart contracts that create Bulletproofs R1CS proofs |

General-purpose compilers from high-level languages

Example circuits

Circuit optimization

Standardization efforts

So are they fast yet?

Stay tuned! 😁
