a16z: How to Understand Zero-Knowledge Proofs Through a Magic Show
"Any sufficiently advanced technology is indistinguishable from magic."Original: a16z
Original Author: Michael Blau
Compilation: Odaily Planet Daily Azuma
Editor's Note: As a "secret manual" for the development of Crypto in various directions such as scalability and privacy, zero-knowledge proofs (ZKPs) are highly anticipated in the industry. However, most explanatory content regarding this concept is aimed at individuals with a certain background in computer science or cryptography, making it somewhat challenging for the average user to fully understand the concept itself.
On September 8, a16z partner Michael Blau published a popular science article about zero-knowledge proofs. The article cleverly avoids the more abstract mathematical reasoning behind the concept of zero-knowledge proofs and instead uses magic performances to concretely demonstrate the utility of ZKPs.
The following is a compilation by Odaily Planet Daily of Michael Blau's original content (in the first-person perspective), with some edits for reading fluency.
Arthur C. Clarke, the author of "2001: A Space Odyssey," once said: "Any sufficiently advanced technology is indistinguishable from magic."
Zero-knowledge proofs are one of those technologies that resemble magic; it is actually a cryptographic concept that can be used to solve two major problems in Web3—scalability and privacy.
From a utility perspective, using zero-knowledge proofs helps reduce on-chain transaction costs and design new privacy-preserving apps, thereby promoting the spread of Crypto to a billion users. Apart from Crypto, ZKPs also have the potential to be applied in securely transmitting sensitive data, thus helping combat illegal financial systems or the rampant spread of fraudulent information.
But what exactly are zero-knowledge proofs? For a small number of researchers and developers, there are many detailed explanations available online, but this content is not aimed at ordinary users with little experience in computer science or cryptography. Although some pioneers have written analogy-based popular science articles, as of today, finding a concise and accessible explanation of zero-knowledge proofs that helps the average person accurately grasp their magic is still not an easy task.
So in the following article, I will combine my background in Crypto and magic to explore a new analogy—imagine zero-knowledge proofs as a great magic show.
First, some basic knowledge is needed.
I will first share a "high-level" definition of zero-knowledge proofs (especially its classic algorithm zk-SNARK) and its main characteristics, and then correspond these "components" to a magic show.
a16z research partner Justin Thaler defines zk-SNARK as: "zk-SNARK allows someone (the prover) to prove to another person (the verifier) that they know some data without revealing any information about the data itself."
The Massachusetts Institute of Technology defines it as: "A zero-knowledge protocol allows me to prove to you that I know a fact without having to tell you the fact itself."
This has significant application value under the blockchain narrative because:
(Corresponding to privacy) Zero-knowledge proofs allow others to verify the authenticity of information while protecting private information.
(Corresponding to scalability) Zero-knowledge proofs can "simplify" and "save" workload. "Simplify" means that the size of the "proof" is smaller than the "data" being proven; "save" means that the efficiency of the verifier checking the "proof" is higher than analyzing the original "data" itself. On Ethereum, this means that the data processed by smart contracts will be less, thus lowering users' gas costs, and Layer 2 can leverage these features to allow Dapps to handle more data at a lower cost.
In summary, zero-knowledge proofs have two main characteristics:
First, privacy: The "data" (or "fact," or "knowledge") you are proving is not revealed to the verifier.
Second, scalability: Verifying the "proof" is more efficient than directly analyzing the original "data."
This is the classic explanation of zero-knowledge proofs, but it still sounds like a riddle—how can a person prove they know something without sharing information?
Let’s revisit this definition, but this time, let’s turn it into a magic show.
Magic Itself is a Zero-Knowledge Proof
Simply put, in a magic performance, the "magic" itself is a zero-knowledge proof. To perform a magic trick, the "magician" needs to master the "secret" behind it; only by knowing this secret can they perform, but they certainly do not want to reveal this secret to the "audience"—this would obviously ruin the effect of the magic.
- Odaily Planet Daily Note: Note that the four roles are enclosed in quotation marks.
"Secret" corresponds to the original "data";
"Magic" corresponds to the "proof";
"Magician" corresponds to the "prover";
"Audience" corresponds to the "verifier."
Next, we will take the "high-level" definition of zero-knowledge proofs from the previous paragraph and apply it to this magic show, imagining the magician as the "prover" and the audience as the "verifier."
The magic performance is the process by which the "prover" proves to the "verifier." If the performance is successful, it is equivalent to a valid proof, and the audience can confirm that the magician must know the secret behind it; if the performance fails, it means the proof is invalid, and the audience, in disappointment, will realize that the magician may not know the relevant skills.
Clearly, magic clearly demonstrates the privacy of zero-knowledge proofs, as the audience is never informed of what the secret is. But what about scalability? Let’s continue with this analogy…
If the audience wants to know whether the magician knows the secret (whether the "prover" knows the original "data"), they can completely skip the normal performance and simply ask the magician to share the secret itself. However, the techniques of magic are generally quite complex and cumbersome, making it difficult for the audience to understand the design mechanisms and effects of these techniques in a short time, let alone fully grasp them. Moreover, the magician could easily provide a false technique, and the audience would find it hard to discern its authenticity. Therefore, attempting to complete the proof by analyzing the secret itself often requires a long time and a significant amount of work.
This is akin to how directly analyzing the original "data" is more time-consuming and labor-intensive; verifying the "proof" is more efficient, which reflects the scalability of zero-knowledge proofs.
Using Cards as an Example
Let’s take a simple example: suppose I boast that I have the skill of "reverse shuffling," which allows me to shuffle a deck of cards into a desired order. How would I prove this to you?
The most efficient way would be for me to directly shuffle a deck of cards into a certain order; when you see this deck of cards, you can confirm that I indeed possess this skill. This neither requires me to share the technique with you nor is it slower than you learning it yourself.
In summary, I hope this analogy helps to unveil the mystery of zero-knowledge proofs. The explanation of "magic," "secret," "magician," and "audience" can serve as an effective model for understanding the main characteristics of zero-knowledge proofs, helping more ordinary users engage with this concept.
Once again, I emphasize that magic is essentially a zero-knowledge proof, and zero-knowledge proofs are indistinguishable from magic.
