In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-05 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Internet Technology >
Share
Shulou(Shulou.com)06/01 Report--
This article mainly explains "what is the knowledge of zk-SNARKs". The content of the explanation is simple and clear, and it is easy to learn and understand. Please follow the editor's train of thought to study and learn "what is the knowledge of zk-SNARKs"?
1. Trust settings
Traditional zk-SNARK, such as Groth26, has a major disadvantage: it relies on a common reference string, which is created with an one-time trust setting. This setting creates a reference string for both the certifier and the verifier to use. There are three main problems:
The "toxic waste" generated by the trusted setting, if leaked, can be used to generate forged certificates that cannot be detected. Multi-party computation usually ignores this problem, but the coordination of rituals is extremely complex.
A reference string created by a trusted setting is usually bound to a circuit (basically a program). It is not possible to create a separate trusted setting for any computing, which makes many applications, such as smart contracts, not feasible.
The trust setting is one-time, and the generated reference string cannot be upgraded, which means that if Zcash needs to fix even a small bug in its zk-SNARK circuit, it needs a new ceremony to deploy the repair.
2. General zk-SNARK
The new zk-SNARK build addresses the need for trust settings, which means that arbitrary code such as smart contracts can run as zk-SNARK. There are currently two different approaches:
Transparency settin
The setting creates a common reference string that is exposed and does not create toxic waste. This is similar to the mechanism of zk-STARK. Fractal, Halo, and SuperSonic-CG use transparency settings. The disadvantage of this method is to prove that the amount of data will be very large. Fractal and zk-STARK prove that 250KB can be achieved, which is not realistic for blockchain applications. The Fractal team told me that they were working on the problem of proving too much data. The proof of Halo and SuperSonic is smaller, less than 10KB.
General Settin
This setting creates a structured reference string and also produces toxic waste, but the setting is no longer limited to a single circuit, a reference string can be used in an unlimited number of circuits. For example, Marlin, SuperSonic-RSA, and Plonk. The reference strings generated by these three builds can be upgraded to improve security. If the current toxic waste is leaked, you only need to upgrade the settings to ensure the security of the system again.
3. Zk-SNARK classification
How to compare the emerging zk-SNARK? On the proving person side, it takes O (n log n) time to generate a certificate for each zk-SNARK build. The main difference lies in the amount of data proved, the verification time, and the size of the reference string.
The compilers used by all these zk-SNARKS can be divided into three categories: preprocessing, DARK, and traditional SNARK (non-generic):
4. Existing zk-SNARK construction
As a reference, I will introduce three existing builds. Groth26 is non-generic, it depends on one-time settings that cannot be upgraded, and Sonic is a general-purpose zk-SNARK.
Groth26:Groth26 is the fastest and smallest zk-SNARK at present, and it is used in Zcash and so on. Groth26 is not universal and its settings need to be bound to a specific circuit. Because of its speed and proven small amount of data, it is often used by new zk-SNARK to compare performance.
Sonic:Sonic is an early general zk-SNARK protocol. The paper was published in January 2019. Sonic supports generic, upgradeable reference strings. The size of the proof of Sonic is fixed, but the cost of verification is high. In theory, multiple proofs can be verified in batches to achieve better performance.
5. New zk-SNARK construction
Fractal:Fractal is a zk-SNARK that allows recursion. The transparent setting is realized through the preprocessing of the circuit. To prove the maximum 250KB, the other build-generated proofs are much larger.
Halo:Halo supports recursive evidence organization without the need for trust settings. Unlike other new zk-SNARK builds, the validation time for Halo is linear.
SuperSonic:SuperSonic is an improved version of Sonic and is the first transparent zk-SNARK to be practical in terms of validation time and the amount of proven data.
Marlin:Marlin is an improved version of Sonic, which shortens the proof time by 10 times and the verification time by 4 times.
A big question is: how do you compare the performance of these different zk-SNARK builds? Unfortunately, I'm not aware of any benchmarks for zk-SNARK, but even if there are, not all new builds have a reference implementation. So please don't take the figures in the table below too seriously, they are based on the benchmark indicators in the paper, or on the estimates provided by the inventors.
By looking at the size of the certificate, the run time of the certificate, and verifying the run time, there are some aspects that are worth noting:
Builds that use transparent settings usually have a large amount of proof data
The validation time of Halo is not constant, which is different from other new zk-SNARK builds
Groth26 is still invincible in proving the size and speed of data.
Thank you for your reading, the above is the content of "what is the knowledge of zk-SNARKs?" after the study of this article, I believe you have a deeper understanding of what is the knowledge of zk-SNARKs, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.