Zero-Knowledge Proofs — Core Concepts

What Makes a Proof “Zero-Knowledge”?

A zero-knowledge proof has to satisfy three properties. All three. Miss one and it’s not a ZKP.

Completeness: If the statement is true and you actually know the secret, you can always convince the verifier.

Soundness: If you’re lying — if you don’t know the secret — you can’t fool a verifier (except with astronomically tiny probability).

Zero-knowledge: The verifier learns nothing beyond “this person knows the secret.” The proof itself contains no information that could help you figure out the secret.

That third property is the weird one. How can a proof contain no information, but still be convincing? That’s the mathematical trick at the core of all ZKP systems.

Interactive vs Non-Interactive

Early ZKPs were interactive — like the cave game, where the prover and verifier go back and forth multiple times. This works in person but is impractical for the internet.

Modern systems use non-interactive zero-knowledge proofs (NIZKs), where the prover generates a single proof object that anyone can verify without a back-and-forth exchange. The magic behind this is the Fiat-Shamir heuristic, which converts interactive protocols into non-interactive ones by replacing the verifier’s random challenges with a cryptographic hash function.

The two most widely deployed variants today:

zk-SNARKs (Zero-Knowledge Succinct Non-Interactive ARguments of Knowledge) — tiny proofs, fast to verify, but require a trusted setup ceremony to generate public parameters. Zcash used this starting in 2016, and the “trusted setup” became a famous controversy. If even one participant in the ceremony is honest, the system is secure. If all of them collude, they can forge proofs silently.

zk-STARKs (Scalable Transparent ARguments of Knowledge) — no trusted setup required, more transparent, but larger proofs. Developed by StarkWare. Ethereum’s StarkNet uses STARKs for its Layer 2 rollup.

Where ZKPs Are Actually Used

Blockchain Privacy

Zcash was the first major deployment — users can send “shielded” transactions where the amount, sender, and recipient are all hidden, but the network can still verify no money was created out of thin air.

Ethereum’s zkSync and StarkNet use ZKPs differently: not for privacy, but for scalability. They batch thousands of transactions off-chain, compute a single ZK proof that all those transactions were valid, and post just that proof to Ethereum. Result: the batched transactions inherit Ethereum’s security, but at a fraction of the cost.

Identity and Age Verification

This is where it gets genuinely exciting. A government issues you a credential signed with their private key. You want to prove you’re over 18 to a website.

With ZKPs, you generate a proof that says: “I have a valid government credential, and the birthdate in that credential is more than 18 years ago.” The website verifies the proof without ever seeing your name, birthdate, or credential. Not stored. Not logged. Not sold to advertisers.

Microsoft’s Entra Verified ID and the EU’s eIDAS 2.0 digital wallet are building this. It’s not sci-fi anymore.

Voting

A voter can prove their vote was counted correctly without revealing who they voted for, and without revealing anything that could link the vote back to them. Countries including Switzerland have experimented with this.

Common Misconception

“ZKPs only matter for blockchain.”

Blockchain is where most ZKP development money has gone, but the technology is fundamentally about proving statements about private data. The killer app is probably private identity — replacing passwords and username/password databases with cryptographic proofs that reveal nothing.

Every major password breach (RockYou2024 leaked 10 billion credentials in 2024) happens because servers store secrets they shouldn’t need. ZKPs invert this: instead of proving you know your password by sending your password, you send a proof that you know something consistent with what the server already knows. Even if the server is hacked, there’s nothing to steal.

Key Concepts Summary

Term: What it means
ZKP: Prove a fact without revealing the underlying data
Completeness: Honest provers always succeed
Soundness: Cheaters can’t succeed (except with negligible probability)
Zero-knowledge: Verifier learns nothing except “true” or “false”
zk-SNARK: Tiny, fast-verify ZKP — needs trusted setup
zk-STARK: Larger ZKP — no trusted setup needed
Rollup: Batching transactions with a ZK proof for scalability

One Thing to Remember

ZKPs are about separating proving a fact from revealing the data behind it. That separation is what makes private identity, private transactions, and verifiable computation possible — without trust in any central party.
