zk-SNARK = “Zero-Knowledge Succinct Non-Interactive Argument of Knowledge”
A proof construction where one can prove possession of certain information, without revealing that information, and without any interaction between the prover and verifier.
What is a zk-SNARK – Making ZKP non-interactive
One of the main problems with the traditional ZKP is that it’s a highly interactive system.
Prover (P): This algorithm takes three inputs: the proving key (pk), a random input (x), and the statement (w) that the prover wants to prove. It outputs the proof (prf).
Verifier (V): Takes the prf produced by the P algorithm and returns TRUE if it is valid or FALSE if not. Along with the prf, this algorithm takes two more values: the random input “x” and the verifying key “vk”.
Key Generator (G): Takes in a secret “lambda” value and a program “C” to generate pk and vk. The lambda value has to be kept private and confidential. Anyone who gets their hands on this value can use it to generate proving and verifying keys, and can then build counterfeit proofs at will.
The verifier uses generator G to create the proving and verifying keys.
The keys are generated during a so-called trusted setup ceremony: a joint computation performed at an arranged time by a group of voluntary participants.
Pain points of zk-SNARKs
Not fast enough
Needs a trusted setup: The setup depends on a generated random number that nobody is supposed to know. If someone does know it, that is a security issue.
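A toy walk-through of G, P and V and of what a leaked lambda allows, added here as an illustration and not taken from the original page or from any zk-SNARK library. It assumes a KZG-style polynomial evaluation check standing in for a real SNARK, with no pairings (so the verifier holds lambda as vk), a constructed 11-bit group, and hypothetical names keygen, commit, prove, verify and forge; x is taken to be the public tuple (c, z, y) and w the prover's secret polynomial.

```python
# Added toy example, not a real zk-SNARK: KZG-style check without pairings,
# so the verifier holds lambda; not zero-knowledge; group far too small.
import secrets

P, Q, g = 2039, 1019, 4  # constructed toy group: g has prime order Q modulo P

def keygen(degree, lam=None):
    """G: turn the secret lambda into pk = [g^(lambda^i)] and vk."""
    if lam is None:
        lam = secrets.randbelow(Q - 2) + 2  # lambda in [2, Q-1]
    pk = [pow(g, pow(lam, i, Q), P) for i in range(degree + 1)]
    return pk, lam  # assumption of this toy: vk is lambda itself

def commit(pk, coeffs):
    """Compute g^(f(lambda)) from pk alone; coeffs[i] multiplies X^i."""
    out = 1
    for base, c in zip(pk, coeffs):
        out = out * pow(base, c % Q, P) % P
    return out

def prove(pk, x, w):
    """P: x = (c, z, y) claims w(z) = y for the polynomial committed in c."""
    _, z, _ = x
    quot, carry = [], 0
    for coeff in reversed(w):      # synthetic division of w(X) by (X - z)
        carry = (carry * z + coeff) % Q
        quot.append(carry)
    quot.pop()                     # the last value is the remainder w(z)
    return commit(pk, quot[::-1])  # prf = g^(q(lambda))

def verify(vk, x, prf):
    """V: accept iff g^(w(lambda) - y) == prf^(lambda - z)."""
    c, z, y = x
    return c * pow(g, -y % Q, P) % P == pow(prf, (vk - z) % Q, P)

def forge(leaked_lam, x):
    """With lambda leaked, solve V's equation for prf; no witness needed."""
    c, z, y = x
    inv = pow((leaked_lam - z) % Q, -1, Q)
    return pow(c * pow(g, -y % Q, P) % P, inv, P)

if __name__ == "__main__":
    w = [5, 3, 2]                    # secret polynomial 2X^2 + 3X + 5
    pk, vk = keygen(degree=2)
    c = commit(pk, w)
    good, bad = (c, 1, 10), (c, 1, 11)   # w(1) = 10; z = 1 never equals lambda
    print("honest proof, true claim :", verify(vk, good, prove(pk, good, w)))
    print("honest prover, false claim:", verify(vk, bad, prove(pk, bad, w)))
    print("forged with lambda, false :", verify(vk, bad, forge(vk, bad)))
```

The false claim is rejected when the proof is built from pk alone and accepted when it is built from lambda, which is why the setup secret has to be destroyed.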
What is ZK-STARK?
ZK-STARKs, invented by StarkWare, enforce the integrity and privacy of computations on blockchains, using novel cryptographic proofs and modern algebra.
ZK-STARKs allow blockchains to move computations to a single off-chain STARK prover and then verify the integrity of those computations using an on-chain STARK Verifier.
Zero-knowledge
Inputs used by the off-chain prover are not exposed on the blockchain, thus protecting users’ privacy.
Scalable
Moving a computation off-chain reduces blockchain verification costs exponentially, while creating the off-chain proof costs roughly the same as asking a single blockchain node to run the computation.
Transparent
The security of ZK-STARKs does not rely on elaborate setup ceremonies (ceremonies that involve hazardous cryptographic “toxic waste”).
Argument of Knowledge
STARK proofs can only be generated by an off-chain prover that actually executed the computation, along with all the auxiliary inputs it requires.