@adlrocha - The ZKP game

ZKP = Zero Knowledge Proofs. End of the first lesson.

I wanted to write an introduction to help people learn about Zero Knowledge Proofs, and specifically zkSNARKs (a common buzzword in the world of crypto these days). As for the case of the lattice cryptography game, instead of writing my own introduction to the topic (which could be too much for a single publication), I wanted to share a curated list of references to help people learn, up to the point they wanted to (from just getting a grasp to going really deep).

I was starting to search for references when I found this post from the eth.research forum. It contained everything (and more) of what I wanted to share in this publication so I said, “why bothering reinventing the wheel when we have a ZKP reference list that is already awesome?” Hence, I decided to build the ZKP game using this list as a base, structuring and adding some additional links and comments to guide (and ease) your study.

So without further ado, let’s enter the world of ZKP.

A present for everyone

When I was trying to learn about Zero Knowledge Proofs a few years ago, I ended by chance in some of these great references. I would have loved to have this list back when I was starting to learn (or at least I wish I had been smart enough to compile such a high quality list to make every ZKP neophyte live better).

The goal of this list is to serve as an entry point for anyone interested to make their baby steps towards understanding the core technical layers of zero-knowledge-whatever. It is important to note that this is definitely not an exhaustive list, but rather a set of supportive resources for ZKPs that have a connection to the blockchain ecosystem.

Level 0: Legend

• ZKP = Zero-Knowledge Proof

• zkSNARK = Zero-Knowledge Succinct Non-Interactive ARgument of Knowledge

• zkSTARK = Zero-Knowledge Scalable Transparent ARgument of Knowledge

• AZTEC = Anonymous Zero-knowledge Transactions with Efficient Communication

Level 1: Introduction

I didn’t know about these resources when I started learning. They are great to get a quick grasp about what ZKP is all about.

• [Deck] Elena Nadolinski: Demystifying Zero-Knowledge Proofs

• [Article] Matthew Green: An illustrated primer

• [Podcast] Zero Knowledge FM: Intro to Zero-Knowledge Proofs with Anna Rose & Fredrik Harrysson

• [Video] What Are Zero-Knowledge Proofs

• [Video] Elad Verbin: Zero-Knowledge Proofs and Their Future Applications at Web3 Summit 2018

• [StackExchange] Comparison between SNARKs, STARKs and Bulletproofs

Level 2 - Door X: zkSNARKs

If I had to recommend a single resource to learn zkSNARKs I would start reading Vitalik’s article series. Vitalik’s articles are dense and extensive, but a perfect guide through zkSNARKs. If you prefer smaller knowledge pills to go deep in the topic, I would go for ZCash article series.

• [Article Series] Vitalik Buterin: zkSNARKs Under the Hood [Part1, Part2, Part3]

• [Article] Zcash: What are zkSNARKs?

• [Podcast] Zero Knowledge FM: Intro to zkSNARKs with Howard Wu

• [Video] Howard Wu: Rise of the SNARKs

Level 2 - Door Y: zkSTARKs

In this case I would go straight to Vitalik’s article series. Again they are highly technical and extensive, but they are a great resource to understand in detail zkSTARKs.

• [Video] Eli Ben Sasson: Introduction of zkSTARKs at Technion Cyber and Computer Security Summer School

• [Deck] State of the STARK at Devcon4

• [Article Series] By Vitalik Buterin [Part1, Part2, Part3]

Level 2 - Door Z: Bulletproofs

This is the ZKP primitive I have most neglected, so I can not recommend you any target reference to go to in order to start learning. Unfortunately, in this level you are alone.

• [Podcast] Zero Knowledge FM: Benedikt Bünz on Bulletproofs and Verifiable Delay Functions

• [Video] Bulletproofs: Short Proofs for Confidential Transactions and More

• [Video] Benedikt Bünz at SF Bitcoin Devs

Level 3.1: AZTEC

Actually AZTEC is a protocol I really enjoyed reading about, I even managed to read its white paper a few times. As you will shortly find out, is a protocol that enables the use of confidential transaction in Ethereum. From my point of view it is a pretty elegant piece of tech.

• [Article] Zachary Williamson: A dive into the AZTEC protocol

• [Podcast] The Smartest Contract: Confidential transactions on Ethereum via range proof

Level 3.2: MimbleWimble

To end with the list of ZKP primitives, another neglected topic from my part that has been in my backlog for a while. I will try to find the time to go through it (and if I don’t, my dearest reader, you can always summarize it for me once you finish the game ;) ).

• [Video] Jackson Palmer: What is MimbleWimble

• [Video] Andreas Antonopoulos: Bitcoin Q&A: MimbleWimble and Schnorr signatures

• [Article] Conor O’Higgins: MimbleWimble explained like you’re 12

Bonus Level: Papers

And in case you love the hard stuff, the technical papers for all the primitives explained above. Some of them are extremely difficult to follow even with a good level of maths. My favorites in bold:

• Zerocash: Decentralized Anonymous Payments from Bitcoin

• Scalable, transparent, and post-quantum secure computational integrity

• Bulletproofs: Short Proofs for Confidential Transactions and More

• The AZTEC Protocol

• MimbleWimble

References

• Original post from which the reference links where extracted.

• An awesome github repo with a list of ZKP resources. It is periodically updated with new content, so it is the perfect way to keep up to date with this field.