Legacy blockchains, such as Bitcoin or Dogecoin, face the problem of long waits to verify the entire chain due to their ever-growing size. However, with Mina, participants will be able to fully verify the network and transactions from their ordinary devices using recursive zero knowledge proofs — or zk-SNARKs.
In this article we are going to break down zk-SNARKs in simple terms by comparing them to a game of “Where’s Waldo?” You will understand what they are, how they work, and how they ensure your privacy.
What is Zero-Knowledge?
zk-SNARKs are a lot like playing an ultra-secure game of “Where’s Waldo?” – the illustrated book series where the reader must find “Waldo,” a character dressed in striped clothes, amongst masses of other characters in a large scene.
Normally, once you find Waldo you would just point to him on the page, proving you know where he is. And your friend (the verifier) could verify your proof is valid by seeing Waldo where you point. However, this sort of proof leaks information by also showing your friend (the verifier) where he is on the page.
What if instead, you wanted to convince your friend that you knew exactly where Waldo was, but didn’t want to spoil the game for them? In other words, you wanted to prove you knew where Waldo was, without pointing to him.
In that case, you would need to change how to construct your proof:
- First, you would need to get a large piece of paper — much larger than the size of the book.
- Next, you would need to place the paper over the book and shuffle the book behind the construction paper randomly.
- Then, since you know where the book is and where Waldo is, you’d cut a small hole in the construction paper — revealing Waldo, but not showing any context around Waldo. This is your proof.
- Finally, your friend, the verifier, would look and only see the construction paper with the hole revealing Waldo — convincing them of your proof. They won’t know the context around Waldo because the construction paper is covering all contextual information about who Waldo is next to.
This proof doesn’t leak any information about Waldo’s location — a verifier seeing this proof wouldn’t have an easier time finding Waldo than someone who hasn’t seen it. It only shows that we know where Waldo is, without revealing Waldo’s location. In other words, we prove a given statement while revealing zero knowledge about its context or about anything else.
We call this a zero-knowledge proof because it leaks no information to anyone who observes it.
What is a Succinct Non-interactive Argument of Knowledge?
zk-SNARK is an acronym which stands for Zero Knowledge Succinct Non-Interactive Argument of Knowledge.
S - Succinct means that the proofs are small and easy to verify even if the concept being proven is complicated!
N - Non-interactive means that we don’t need a back-and-forth communication between a prover and verifier — like the “Where’s Waldo?” example, a prover can hand over the proof, the construction-paper-contraption, and a verifier can tell if the proof is valid without asking any further questions.
AR - Argument is a formalism for talking about these proofs because there is some fancy cryptography and non-determinism that doesn’t quite make these “formal proofs” in the traditional sense (though we can still think of them as such).
K - Knowledge refers to the fact that the prover actually has the evidence themselves: not only do they prove that Waldo exists on the page, but, as the prover, they know where Waldo is on the page.
All zk-SNARKs have these properties: they don’t leak information, they are tiny and easy to verify even if the notion being proven is complicated, they don’t require back-and-forth communication, and they are proofs of knowledge — the prover must actually know the thing being claimed, not just that it is true.
Blockchains don’t play a game of “Where’s Waldo?” though. Instead, they prove that the entire blockchain is valid.
Why Does a Blockchain Need Validity?
Blockchains are run by many independent people instead of a central entity. So it’s necessary for many people to verify a blockchain is valid before trusting it. With other chains, people verify a blockchain’s validity by replaying every block one by one.
With Mina, however, we do this by proving just that there exists a sequence of blocks that form a valid blockchain.
How Mina Approaches Blockchain Validity
Rather than re-validating the full sequence of blocks every time a new block is created, Mina just tweaks the proof statement slightly – saving time and energy.
Mina proves that there was a valid proof for some sequence of blocks and a new extra one that is also valid. In a sense, every time a new block is created and broadcast throughout the network, we extend the proof to support this extra block.
It’s almost like a collapsible Russian Matryoshka Doll – the initial proof is at the core with additional levels of proof being added to it one by one. Each new layer adds a new layer of validity — think of it like a picture of a picture.
Certain zk-SNARKs, like Pickles, which is used in Mina, support a concept of recursion — that a proof can refer to itself — and doing this doesn’t increase the size of the proof, no matter how many times we refer to the initial one. That recursion, or picture of a picture, is what allows Mina to stay small.
Mina’s Approach: Simplified
Admittedly, our approach is a little more complicated than a picture of a picture. The math behind zk-SNARKs is quite complex, but with Mina, we hide the complex details of SNARKs behind a nice programming language, Snarky. If you are technical, you can read more about it here.
Mina’s zk-SNARKs Open Unlimited Possibilities
zk-SNARKs open up possibilities for new blockchain use cases involving sensitive data, such as your credit score, home address, medical information, and more.