zk-STARKs
There are two popular types of
zero-knowledge (zk) proofs, sometimes also referred to as zk protocols –
SNARKs and STARKs. A zero-knowledge proof is a cryptographic verification method whereby one party (the prover) can prove to the other party (the verifier) that a given statement is true without the need to provide any supporting information apart from the fact that the statement is indeed true.
zk-STARK stands for “zero-knowledge scalable transparent argument of knowledge.” zk-STARKs were conceived by Eli-Ben Sasson, a professor at the Technion-Israel Institute of Technology. Unlike zk-SNARKs that are dependent on an initial trusted setup between a prover and a verifier, zk-STARKs do not require an initial trusted setup as they rely on leaner
cryptography through collision-resistant
hash functions. This approach also eliminates the number-theoretic assumptions of zk-SNARKs that are computationally expensive and theoretically can be prone to attack by
quantum computers.
In simple terms, zk-STARK proofs present a more straightforward structure in terms of cryptographic assumptions. However, this comes with a significant disadvantage: they have a large proof size, usually 10 to 100 times larger than zk-SNARKs. Such a difference in data size makes them more expensive and may present limitations when utilizing the technology to send over the wire for
cryptocurrencies and other applications.
Common use cases for zero-knowledge proofs are where both privacy and security are essential. An example is identity authentication. Using certain online services requires proving your identity and right to access those platforms. This often requires providing personal information such as name, email, birth date, and more.
Zero-knowledge proofs can simplify authentication for both platforms and users. Once a zk-proof has been generated using public inputs (data confirming the user's membership of the platform) and private inputs (the user's details), the user can simply present it to authenticate their identity whenever they need to access the service. This improves the experience for users and frees organizations from the duty to store huge amounts of personal information.