Zero-Knowledge Cryptography

Details on zk-SNARKS

Bit Bank heavily leverages Zero-Knowledge Proofs (ZKPs). ZKPs allow for advanced logic and contract interactions without any information leakage and are a revolutionary tool for privacy preservation.

What is a zk-SNARK?

Zero-Knowledge proofs are methods whereby one party, the prover, can mathematically convince another party, the verifier, of the veracity (truth) of a statement without revealing the underlying information. This is achieved by the prover repeatedly passing the verifier components of mathematical problems that relate to the truth of the statement being proved. These interactions continue until the verifier is satisfied that it is statistically impossible for the statement to be false or to have been faked by the prover, all without revealing the contents of the verified information.

zk-SNARK stands for “Zero-Knowledge Succinct Non-Interactive Argument of Knowledge”. Put simply, a zk-SNARK is a form of ZKP that does not require direct interaction between the prover and verifier. Instead, non-interactivity is achieved by the prover simulating the interaction between prover and verifier, so the verifier only needs to check that the simulation was performed correctly. These proofs rely on computational hardness assumptions that cannot be broken, or would take millions of years to break, with currently available computational power.

For zk-SNARKs to be “succinct”, the proof size and verification cost must be small (logarithmic in the size of the statement, or lower). Elliptic curves allow for smaller keys and therefore more succinct ZK proof outputs. Elliptic Curve Cryptography uses points on an elliptic curve to generate public and private keys from mathematical relations between those points. Elliptic curves form the basis of the Bit Bank privacy system because zk-SNARKs allow a smart contract to act as the verifier: the verifiers in the Bit Bank privacy system are the smart contracts themselves. This breakthrough was powered by EIP-197 and EIP-198, which together enable Bit Bank to verify zk-SNARK proofs on-chain. The proofs for these zk-SNARK circuits are generated on the client side and then submitted on-chain for confirmation.

zk-SNARKs can prove the veracity of any form of information, such as valid unspent token balances or, in other words, who has the right to spend which asset on a blockchain, without revealing details about the person originating the transaction.

What is a circuit?

Within Bit Bank, zk-SNARKs take the form of arithmetic circuits. Arithmetic circuits are like Boolean circuits or even hardware circuits in computers and electronics. Like all other circuits, they contain wires and gates. Wires transmit information, and gates are operations whose conditions must be met for information to pass through until it reaches an output. In an arithmetic circuit like the ones used in Bit Bank, the gates are mathematical operations such as addition or multiplication. In the context of Bit Bank's zk-SNARKs, circuits are how verifiers reach mathematical certainty that provers are providing true information.
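To make the wires-and-gates picture concrete, here is an added example (not code from the Bit Bank project) of a toy arithmetic circuit written as a rank-1 constraint system, the flattened form that zk-SNARK circuits are compiled to: each addition or multiplication gate becomes one constraint that the verifier checks over the scalar field of the BN254 curve (the curve behind EIP-197). The circuit, wire layout and the statement x^3 + x + 5 = 35 are constructed for illustration.

```python
# Added example (not from the Bit Bank docs): a toy arithmetic circuit in
# rank-1 constraint system (R1CS) form, the flattened representation that
# zk-SNARK circuits are compiled to. Every gate becomes one constraint
# <a,w> * <b,w> == <c,w> over a prime field, where w is the witness vector
# holding one value per wire.
P = 21888242871839275222246405745257275088548364400416034343698204186575808495617  # BN254 scalar field (the curve EIP-197 pairs over)

ONE, X, OUT, V1, V2, V3 = range(6)  # wire indices; wire 0 carries the constant 1

def row(coeffs):
    """Build a constraint row: {wire index: coefficient} -> dense vector."""
    r = [0] * 6
    for idx, c in coeffs.items():
        r[idx] = c % P
    return r

# Circuit: prove knowledge of a secret x with x**3 + x + 5 == out.
#   gate 1 (mul): v1  = x * x
#   gate 2 (mul): v2  = v1 * x
#   gate 3 (add): v3  = v2 + x     written as (v2 + x) * 1 == v3
#   gate 4 (add): out = v3 + 5     written as (v3 + 5) * 1 == out
CONSTRAINTS = [
    (row({X: 1}),          row({X: 1}),   row({V1: 1})),
    (row({V1: 1}),         row({X: 1}),   row({V2: 1})),
    (row({V2: 1, X: 1}),   row({ONE: 1}), row({V3: 1})),
    (row({V3: 1, ONE: 5}), row({ONE: 1}), row({OUT: 1})),
]

def dot(r, w):
    return sum(a * b for a, b in zip(r, w)) % P

def satisfied(constraints, w):
    """Verifier-side check: does every gate constraint A*B == C hold for w?"""
    return all(dot(a, w) * dot(b, w) % P == dot(c, w) for a, b, c in constraints)

def witness(x, out=35):
    """Prover side: evaluate every wire for the secret x and the claimed output."""
    v1 = x * x % P
    v2 = v1 * x % P
    v3 = (v2 + x) % P
    return [1, x, out, v1, v2, v3]

# witness(3) satisfies all four gates (27 + 3 + 5 == 35); witness(4) does not,
# and neither does a witness whose intermediate wires have been tampered with.
```

In a real zk-SNARK the prover commits to the witness vector and the verifier checks the same constraints from the proof alone, so the secret wire x is never revealed; here the check runs on the plain witness to show what the gates enforce.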

For Bit Bank's privacy system, zk-SNARK circuits prove the validity of a transaction sender's address and balances by checking that they have a corresponding note in the Merkle tree.

Bit Bank's zk-SNARK Circuit Design

The advanced cryptography in Bit Bank's privacy system uses multiple circuits to enable complex transaction types. Each circuit is differentiated by its number of inputs and outputs, and together they form the cryptographic basis of Bit Bank. Currently, there are approximately 43 circuits.

Multiple circuits are needed to account for different transaction types because a circuit's number of signals (that is, its inputs and outputs) must be fixed at the setup phase. For example, a transaction that sends DAI to 2 different 0zk addresses requires a circuit with 1 input and 2 outputs (a 1-to-2 circuit), whereas a transaction that sends DAI to only 1 0zk address requires a 1-to-1 circuit. In these scenarios, inputs are equivalent to UTXOs and outputs are the recipients.

Where necessary, circuits are linked together so that batch transactions can produce different outputs along the most efficient circuit route. Bit Bank also supports multiple inputs to a single output, such as 5-to-1. These circuits are used for multi-sends, where users send more than 1 token type in the same transaction to a single recipient. They are also useful for swaps where the price of the token has changed, leaving some leftover change in the original swap token, or for paying a Relayer fee in a token other than the one being sent, e.g., when WETH is paid as the Relayer fee for sending DAI.
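The two points above, that a circuit proves each spent note exists in the Merkle tree and that a circuit's input/output shape (here 1-to-2) is fixed at setup, are shown together in this added example, which is not Bit Bank's circuit code. The hash function, note layout, fee handling and the four-note tree are simplified constructions for illustration; a real circuit would use a SNARK-friendly hash and also prove ownership of the spent note.

```python
# Added example (not Bit Bank's code): the checks of a fixed-shape "1 in, 2 out"
# transfer circuit: (1) the spent note is a leaf of the note Merkle tree,
# (2) value in == value out + fee. Counts are fixed by the circuit definition.
import hashlib

def H(*parts):  # toy hash; real circuits use a SNARK-friendly hash such as Poseidon
    return hashlib.sha256(b"".join(parts)).digest()

def note_commitment(owner, value):
    return H(owner, value.to_bytes(32, "big"))

def merkle_root(leaves):
    level = list(leaves)
    while len(level) > 1:
        level = [H(level[i], level[i + 1]) for i in range(0, len(level), 2)]
    return level[0]

def merkle_path(leaves, index):
    """Sibling hashes from leaf `index` up to the root (the prover's private input)."""
    path, level = [], list(leaves)
    while len(level) > 1:
        path.append(level[index ^ 1])
        level = [H(level[i], level[i + 1]) for i in range(0, len(level), 2)]
        index //= 2
    return path

def verify_path(leaf, index, path, root):
    node = leaf
    for sibling in path:
        node = H(node, sibling) if index % 2 == 0 else H(sibling, node)
        index //= 2
    return node == root

def circuit_1x2(root, inputs, outputs, fee):
    """inputs: [(owner, value, leaf_index, path)], outputs: [(owner, value)]."""
    if len(inputs) != 1 or len(outputs) != 2:      # shape fixed at setup time
        return False
    for owner, value, index, path in inputs:        # each spent note must exist
        if not verify_path(note_commitment(owner, value), index, path, root):
            return False
    return sum(i[1] for i in inputs) == sum(v for _, v in outputs) + fee

# Constructed sample tree of four notes (not real on-chain data).
NOTES = [(b"alice", 100), (b"bob", 40), (b"carol", 7), (b"dave", 0)]
LEAVES = [note_commitment(o, v) for o, v in NOTES]
ROOT = merkle_root(LEAVES)

def spend_bob(outputs, fee=1):
    # Bob spends his 40-value note (leaf 1) to the given two outputs plus the fee.
    return circuit_1x2(ROOT, [(b"bob", 40, 1, merkle_path(LEAVES, 1))], outputs, fee)
```

A spend with a second output is accepted only when the note exists in the tree and the values balance; a transaction with a different number of outputs has to use a circuit of the matching shape.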

Bit Bank's circuit design is flexible and not limited to supporting ERC-20 tokens. In an upcoming feature, Bit Bank's circuits and smart contracts will enable the shielding of ERC-721 and ERC-1155 NFTs. The potential for NFTs in finance, arts & culture, and digital ownership is only just beginning to be explored by adventurous developers, and Bit Bank will be at the forefront of ensuring privacy as this narrative grows. For example, with Bit Bank's circuits and smart contracts, users could potentially provide liquidity on Uniswap v3 privately and shield their LP NFT privately as well. This kind of composability is only possible with the flexibility of Bit Bank's privacy system and is a result of it being designed from the ground up for real-world DeFi use cases.
