Scalability and privacy are top of mind for ethereum developers.
And Jacob Eberhardt’s new programming language, ZoKrates, aims to address these topics – providing ethereum developers with a toolkit that could help the network realize the full potential of privacy tech zk-snarks. Zk-snarks was popularized by anonymous cryptocurrency zcash, but ethereum’s recent hard fork Byzantium included a couple procedures that pave the way for easier use of the tech on its blockchain.
Revealed during Devcon3, ethereum’s annual developer conference, today, ZoKrates allows information to be obscured off-chain and then uploaded into a smart contract that can be verified on the ethereum blockchain without exposing any of the contract’s information.
The implications of ZoKrates are vast. For one, it’s designed to be so simple to use that any ethereum developer can deploy the technology, which could mean privacy features start emerging across ethereum use-cases, from decentralized applications (dapps) to ERC-20 tokens. And second, because zk-snarks compress information, ZoKrates has the potential to help scale the ethereum platform. by moving computations off-chain and lifting some of the burden off the blockchain.
As Eberhardt, a PhD researcher at the Technical University Berlin, told CoinDesk:
“zk-SNARKs were discussed a lot in the community over the last two years, but the gap between the theoretical concept and its practical application seemed huge. This gap, I try to bridge.”
Privacy – which has generally been seen as a shortcoming of ethereum – and scalability are hot topics at this year’s Devcon3 as ethereum developers prepare to put their heads down to make ethereum live up to its high expectations.
Private and smart contracts
With ZoKrates, an ethereum smart contract – which only executes if certain pre-conditions are met – serves as a way to transfer a zk-snark operation onto the blockchain and to verify that that information is valid.
As Eberhardt describes, a ZoKrates contract verifies that an unknown computation occurred correctly, or in his words, a ZoKrates, “transforms a program into a set of conditions.”
This moves ethereum one step closer to offering private transactions on its blockchain, the “practical implementations” that ethereum’s zk-snarks lead Christian Reitwießner, told CoinDesk in September would be missing to make the technology useful directly following the Byzantium hard fork.
But like bringing privacy to ethereum in the first place, the endeavor is complex.
For one, verifying a zk-snark is still expensive. When encrypted information is read and accepted onto the ethereum blockchain, it costs a lot of computational effort, which in ethereum is measured in units of ‘gas’.
While ZoKrates gets around this in some ways by moving privacy computations off-chain, the on-chain verification process is still quite costly.
Although, Eberhardt has said that ethereum could, through future upgrades, make this process less expensive. Byzantium, for example, already introduced some mechanisms for making private transactions more affordable like gas-subsidized pairings.
Steps towards scalability
Although, the cryptography still has hurdles to overcome. Right now it requires quite a lot of “gas”- about a quarter of the overall limit placed on ethereum blocks.
Crucially though, the cost of verifying a ZoKrates contract remains stable at all times, regardless of the complexity of the computation it represents. At present, a ZoKrates verification fee is about 1.6 million gas. Put simply, anything above this figure would be cheaper to run on ZoKrates.
The same applies for anything that can’t fit inside a single block- because the size of a ZoKrates verification is consistent. So if deployed, the blockchain would be filled with strings of verifications, rather than transactional information. Eberhardt explains that this could “lead to higher throughput,” as more verifications could fit inside a block than the computations themselves.
But that’s not to say there aren’t a few roadblocks in the way.
Speaking to CoinDesk, Eberhardt identified two major challenges to the software to date. For one, although Eberhardt is currently dedicated to making the language “more expressive, intuitive and easy to use,” it’s still very much under development.
Eberhardt open sourced the language today, but specifies it’s still in the prototyping stage and is not yet ready for deployment. On top of that, Eberhardt is currently working on the project alone, with some input and discussion from zk-snarks ethereum lead Christian Reitwießner, so for that reason, says he can’t predict the development timeline.
The other major concern- less of a problem with ZoKrates as it is with zk-snarks itself- is the unfortunate “trusted setup.”
In the generation of a zk-snark, information is generated that could totally destroy that data’s integrity. There’s ways around this- for example, zcash used a setup phase in the generation of its blockchain to ensure its integrity- but it’s hard to demonstrate that the process was foolproof, and the zcash team are still putting on audits on the matter.
Zk-snarks on ethereum would require a version of this- and it would need to be flexible enough to work in the generation of every ZoKrates contract. Towards this, Eberhardt attends zk-starks- the lightweight privacy equivalent that as previously detailed by CoinDesk, does away with the set-up phase entirely. This protocol is expected to be released within the next year- and one of its main authors, Eli-Ben Sasson, will be presenting the tech this Thursday at Devcon.
Socrates quote via Shutterstock
The leader in blockchain news, CoinDesk is an independent media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. Interested in offering your expertise or insights to our reporting? Contact us at firstname.lastname@example.org.