ZK Snarks Programming 101: Your Friendly Starter Guide

In the world of cryptocurrency and blockchain, zero-knowledge proofs (ZKPs) can be particularly challenging for beginners. This article dives into the author's exploration of ZKPs, the hurdles faced in the cryptocurrency landscape, and the barriers encountered in unraveling the mysteries of zero-knowledge.

   Embarking on a journey to acquire new skills is most effectively achieved through hands-on experience. In the realm of zero-knowledge proofs (ZKPs), the process of building tangible applications emerges as a pivotal bridge between theoretical understanding and practical expertise. While traditional learning methods often involve poring over abstract concepts and theoretical frameworks, the transformative power of actively constructing something with the newfound knowledge cannot be overstated.

   Learning through building not only cements theoretical concepts but also provides a real-world context for their application. The cryptocurrency and blockchain space, with its rapid evolution and innovation, particularly underscores the need for developers to be adept at translating theoretical knowledge into functional solutions. The ability to construct and implement solutions is not only empowering but also vital in navigating the challenges of emerging technologies.

   The landscape of cryptocurrency and blockchain development is rife with challenges that can be daunting for newcomers. Accessible documentation and user-friendly software libraries often lag behind the fast-paced advancements in research and development. This gap between theory and practice can present a significant hurdle for those seeking to delve into specialized areas such as zero-knowledge proofs.

   As developers strive to harness the transformative potential of blockchain and cryptographic technologies, they are met with complexities that extend beyond the conventional barriers encountered in other programming domains. The unique nature of blockchain, coupled with its decentralized and trustless architecture, demands a profound understanding of specialized concepts like zero-knowledge proofs. This necessitates not only theoretical comprehension but also the ability to navigate the practical intricacies involved in implementing cryptographic solutions.

   Zero-knowledge proofs, with their inherently esoteric nature, pose formidable barriers to entry for aspiring developers. The concept of proving possession of certain information without revealing that information requires a deep understanding of advanced mathematical principles. To beginners, the field of zero-knowledge proofs may initially seem like a complex enigma, akin to unraveling a riddle wrapped in mystery.

   The learning curve in zero-knowledge proofs is steep, particularly for those without prior experience in advanced mathematics. The intricate interplay of cryptographic principles, coupled with the need for precise implementation, demands a dedicated effort to overcome these barriers. However, the rewards of mastering zero-knowledge proofs are significant, with applications ranging from untraceable cryptocurrencies to privacy-preserving identity proofs.

   In the subsequent sections, the article will delve into the author's personal journey of learning zero-knowledge proofs, navigating through challenges, and ultimately building a practical application to showcase the transformative potential of this fascinating field.

   The exploration of zero-knowledge proofs (ZKPs) took a crucial turn when the author stumbled upon snarkjs and circom, two open-source JavaScript libraries developed by Jordi Baylina, an Ethereum developer contributing to the iden3 project. This serendipitous discovery proved to be a valuable entry point into the world of ZKPs, offering accessible tools for developers looking to integrate cryptographic functionalities into their projects.

   Snarkjs and circom, being written in JavaScript, held immediate appeal for the author due to the familiarity of the language. This familiarity meant a reduced learning curve, enabling quicker immersion into the intricacies of zero-knowledge proofs. The decision to utilize these libraries was further reinforced by their potential applications, not only in the realm of cryptocurrency but also in decentralized applications (dApps), where JavaScript is a prevalent language for frontend development.

   While snarkjs and circom presented an inviting entry point, the author also considered alternative libraries in the ZKP landscape. Libsnark, a comprehensive library for zk-SNARKs, and Zokrates, a toolbox for zk-SNARKs on Ethereum, were among the contenders. Each library came with its own set of advantages and complexities.

   Libsnark, although powerful, was temporarily set aside due to its perceived complexity, providing the author an opportunity to prioritize a more approachable starting point. Zokrates, while offering interesting features, was ultimately not chosen in favor of snarkjs and circom. The decision-making process reflected not only the functionalities of these libraries but also the practical considerations of the author's familiarity with JavaScript and the potential for in-browser verification.

   The significance of JavaScript in the realm of ZKP development cannot be overstated. While other languages may offer specific advantages, JavaScript's ubiquity and accessibility make it a pragmatic choice for developers venturing into the cryptographic space. The ability to seamlessly integrate ZKP functionalities into web-based applications, especially dApps, positions JavaScript as a crucial language for harnessing the potential of zero-knowledge proofs.

   Notably, the author recognized that the ability to verify ZKP proofs directly in a web browser could have profound implications for decentralized applications. While Ethereum smart contracts could already verify snarks on-chain, the unique proposition of JavaScript libraries lay in the potential to perform verification within web apps. Given that many dApps serve as web-based frontends for smart contracts, the integration of ZKPs through JavaScript libraries could unlock innovative use cases and enhance the privacy and security features of decentralized applications.

   In the upcoming sections, the article will delve deeper into the author's journey of implementing zero-knowledge proofs using snarkjs and circom, shedding light on the technical aspects, challenges faced, and the potential applications in the world of decentralized technologies.

   With a newfound understanding of zero-knowledge proofs and the capabilities offered by snarkjs and circom, the author set out to find a practical application that struck a balance between complexity and feasibility. The goal was to identify a use case that not only showcased the capabilities of zero-knowledge proofs but also provided a tangible and relatable example for developers and enthusiasts alike.

   After consulting with fellow developers at ConsenSys, the Mastermind board game emerged as a fitting choice. The game's mechanics, which involve one player setting a secret combination of colored pegs and another player attempting to deduce the combination through a series of guesses and clues, presented an intriguing challenge for implementation with zero-knowledge proofs. The complexity of Mastermind, combined with its popularity and simplicity, made it an ideal candidate for demonstrating the power and versatility of ZKPs.

   The Mastermind board game, a classic of deduction and logic, provided an excellent canvas for incorporating zero-knowledge proofs. The primary objective was to utilize snarkjs and circom to construct a proof that could verify the accuracy of the clues given in the game without revealing the secret combination itself.

   In the traditional setup of Mastermind, the physical game board prevents cheating, but translating this trust into an online environment introduces challenges. The potential for a remote server or client to manipulate the game state poses a significant threat. Additionally, hashing the solution and revealing it only at the end of the game proves insufficient, as there is no way for the codebreaker to ensure, mid-game, that the codemaster is not cheating.

   Zero-knowledge proofs offer an elegant solution to this problem. By applying snarks to the Mastermind board game, the cryptographic proofs can demonstrate the accuracy of clues about a secret combination without exposing the combination itself. This not only adds a layer of trust to the online gameplay but also surpasses the security measures of traditional in-person gameplay.

   In the following sections, the article will delve into the technical intricacies of designing circuits for the Mastermind game, the challenges faced during implementation, and the ultimate success in creating a practical application that showcases the unique capabilities of zero-knowledge proofs. The Mastermind board game serves as a compelling use case, highlighting the potential applications of ZKPs in real-world scenarios.

   Armed with the decision to use the Mastermind board game as a practical application for zero-knowledge proofs (ZKPs), the author delved into the intricate process of designing circuits to represent the game's dynamics. Leveraging the snarkjs and circom libraries, the task involved mapping the various elements of Mastermind—such as the secret combination, the codebreaker's guess, and the resulting clues—into a structured and verifiable form.

   The initial steps included defining the public and secret inputs for the circuit. Public inputs encompassed the codebreaker's guess, a salted hash of the secret combination, the number of black pegs in the clue (representing correct pegs in the correct positions), and the number of white pegs in the clue (representing correct pegs in different positions). The secret input comprised the actual secret and salted combination.

   The circuit design then proceeded to calculate the number of black and white pegs based on the codebreaker's guess and the secret combination, establishing constraints that mirrored the rules of the Mastermind game. This process involved hashing the secret combination and ensuring it matched the provided hash. In essence, the circuit encapsulated the logic of the game and created a framework for verifying the accuracy of clues without revealing the secret.

   As with any complex development endeavor, the journey was not without its challenges. Navigating the snarkjs and circom libraries, the author encountered unexpected issues, including problems with if statements, a lack of support for variable block scope, and memory-related errors with intricate circuits. Each challenge was meticulously documented, and bug reports were filed.

   The collaborative nature of open-source development proved invaluable during this phase. The libraries' creator, Jordi Baylina, actively addressed and resolved many of these issues. This trial-and-error process not only honed the author's understanding of the libraries but also contributed to their improvement, making them more robust for future developers venturing into the world of ZKPs.

   With the circuit design solidified, the author transitioned to building the frontend and backend components of the Mastermind application. A quick-and-dirty web frontend, coupled with a backend server, was developed to create a functional and interactive environment for the game.

   The frontend allowed users to make guesses, while the backend processed these guesses, generated clues using the zero-knowledge proofs, and maintained the state of the game. The culmination of these efforts resulted in a working prototype of the Mastermind board game, enhanced with the cryptographic assurances provided by ZKPs.

   The journey from conceptualization to implementation was not kept in isolation. The author actively shared their newfound knowledge and the developed Mastermind application within the ConsenSys community. This sharing of insights fostered collaborative learning and sparked discussions within the development community.

   Furthermore, the author presented their work at notable events such as the ETHSingapore hackathon and the ETHKL meetup. These platforms provided opportunities to showcase the practical applications of zero-knowledge proofs, fostering awareness and interest in the broader blockchain and cryptography communities.

   In the upcoming sections, the article will delve into the performance improvements implemented during the later stages of development, shedding light on the iterative nature of the learning process and the continuous pursuit of refinement and optimization in the world of zero-knowledge proofs.

   While the author was satisfied with the progress made in building the Mastermind application, one aspect that demanded attention was its performance. Initial benchmarks revealed extended durations for crucial operations, with the setup phase of the circuit taking approximately 15 minutes to generate proving and verification keys. Additionally, the generation of proofs consumed around 2 minutes.

   These performance challenges, while not unexpected in a complex cryptographic application, prompted the exploration of avenues for optimization to enhance the overall efficiency of the system.

   A breakthrough in performance improvement occurred when the author was introduced to alternative hash functions with superior efficiency within zero-knowledge proofs. Connecting with BarryWhiteHat, the author learned about Pedersen and MiMC hash functions, which were known for their improved performance in the context of ZKPs.

   The existing SHA256 hash function circuit, identified as a bottleneck, was replaced with the Pedersen hash function. This switch, although requiring careful consideration due to the unique nature of the Pedersen hash output, proved to be a pivotal optimization step.

   To accommodate the Pedersen hash output, which included an x- and y-coordinate on a specific elliptic curve, the author crafted an additional circuit to encode this point into a single big-integer. This meticulous process involved retaining the first byte of the x-point and the last 31 bytes of the y-point, leveraging the symmetrical nature of the curve across the y-axis.

   The integration of the Pedersen hash function resulted in a remarkable performance boost. The proof generation time was significantly reduced to approximately 18 seconds, and the setup phase time was cut down to about 30 seconds. This represented a substantial 6x improvement, marking a pivotal moment in the optimization journey.

   The newfound efficiency not only enhanced the user experience by reducing wait times but also showcased the critical role that underlying mathematical primitives play in the performance characteristics of zero-knowledge proofs.

   The experience with performance improvements highlighted a broader lesson about the intricacies of emerging technologies, especially in the realm of cryptocurrencies and blockchains. The concept of "leaky abstractions," wherein the complexities of underlying systems impact the usability of higher-level abstractions, became evident.

   The author reflected on the fact that understanding how zero-knowledge proofs function under the hood was crucial in making informed decisions about optimizations. While theoretical knowledge can provide a foundation, hands-on experience and experimentation proved essential in uncovering nuances and optimizing the application for real-world scenarios.

   In the subsequent sections, the article will distill key takeaways from this learning journey. It will explore the significance of practical engagement, the iterative nature of optimization, and the broader implications for developers navigating the intricate landscape of zero-knowledge proofs and emerging technologies.

The journey into ZK 101 not only unveils the intricacies of zero-knowledge proofs but also emphasizes the significance of practical engagement in mastering complex technological domains. With each challenge faced and lesson learned, the author's experience serves as a guide for those venturing into the fascinating world of ZKPs.