Skip to main content

Zero-Knowledge Proofs (ZKPs)

ZK proofs are a type of cryptographic proof that allows one party to prove to another party that they know a certain piece of information without revealing that information. They are often used in web 3 for their computational integrity benefits where one untrusted party can prove that they correctly executed a program to another party without needing the latter to re-execute the original program to accept the results as accurate.

Broadly speaking, there are four approaches to generating ZK proofs:

  1. Client-side: Games, payment or DID apps can choose to generate proofs directly at the end user's devices. But, depending on the complexity of the program, proof generation can cause stalling and drain the device's battery leading to a poor user experience.
  2. Server-side: Teams building ZK bridges, DEXes or oracles can purchase or rent machines and generate proofs for their users by exposing an endpoint. Operating such servers reliably, however, is time-consuming and may lead to poor resource utilization and excessive idle time for use cases where proofs are generated infrequently.
  3. Proof networks: Many rollups plan on bootstrapping their own network of provers which can be an overkill in terms of cost and effort. Moreover, such a degree of redundancy isn't always required.
  4. Proof markets: Open markets like Kalypso allow proof generation to be outsourced to dedicated hardware operators. It is compatible with the other approaches mentioned above as clients, server side operators or nodes in proof networks can proxy the requests to dedicated proof markets.

The generation of ZK proofs is usually bottlenecked on Fast Fourier Transforms (FFTs) and multi-scalar multiplications (MSMs). Research into new algorithms have made such computations more efficient. However, proof generation for a block in a ZK rollup still takes between 10 to 20 minutes while sending a privacy-preserving transaction can take above a minute due to the time it takes to generate the proof in a local wallet or browser.

Proof generation can be accelerated by using hardware optimized for ZK computations - GPUs, FPGAs and ASICs. FPGAs are cheaper and more energy efficient than GPUs. ASICs, on the other hand, are less flexible than FPGAs and involve expensive development cycles for each ZK circuit at a time when proving systems themselves are at a nascent stage of design and fast evolving.