We often hear about privacy-preserving protocols and their application in many different cryptocurrencies. Ciphers and code breakers are not new; however, the medium through which we use them has been evolving. Privacy-preserving protocols are the backbone of blockchain technology, a technology that has promised secure transactions and communication.
Let us compare two popular protocols.
Zk-SNARK stands for Zero-Knowledge Succinct Non-Interactive Argument of Knowledge.
Zk-SNARKs involve the construction of a proof of some specific knowledge without revealing the information. In other words, zk-SNARKs allow one entity to prove to another that a statement is true without having to reveal any information other than the statement itself.
The “succinct” in zk-SNARKs refers to the amount of space required for a proof: only a few hundred bytes. This makes storing zk-SNARKs on a blockchain more reasonable.
The drawback of zk-SNARKs is that they require a trusted setup. If a malicious actor has access to all the information used to generate the initial keys, that actor can then create proofs that look valid to the verifiers but are false. Many participants in a SNARK setup go to great lengths to ensure the randomness of the key generation is protected.
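The risk described above can be seen in a much simpler scheme. This added example (not from the original article, and not a SNARK) uses a Pedersen commitment as a stand-in: its setup also produces a secret that must be discarded, and whoever keeps it can make a false claim pass verification. The parameters, values and function names are constructed for illustration.

```python
import secrets

# Constructed toy parameters (far too small for real use):
# P = 2*Q + 1 is a safe prime and G generates the subgroup of prime order Q.
P, Q, G = 2039, 1019, 4

def trusted_setup():
    """Return (public parameter h, setup secret s).

    s plays the role of the setup's "toxic waste": an honest setup
    discards it and publishes only h = G^s mod P.
    """
    s = secrets.randbelow(Q - 1) + 1          # uniform in 1..Q-1
    return pow(G, s, P), s

def commit(h, m, r):
    """Pedersen commitment to m with blinding r: G^m * h^r mod P."""
    return (pow(G, m % Q, P) * pow(h, r % Q, P)) % P

def verify(h, c, m, r):
    """Verifier's check: does (m, r) open commitment c?"""
    return c == commit(h, m, r)

def forge_opening(s, m, r, m_fake):
    """Possible only with the setup secret s.

    Solves m + s*r = m_fake + s*r_fake (mod Q) for r_fake, so the same
    commitment opens to m_fake and the verifier cannot tell.
    """
    return (r + (m - m_fake) * pow(s, -1, Q)) % Q

def demo():
    h, s = trusted_setup()
    m, r = 17, secrets.randbelow(Q)           # constructed sample value
    c = commit(h, m, r)
    r_fake = forge_opening(s, m, r, 21)       # claim 21 instead of 17
    honest_ok = verify(h, c, m, r)
    forged_ok = verify(h, c, 21, r_fake)      # passes although c was made for 17
    return honest_ok, forged_ok

if __name__ == "__main__":
    print(demo())
```

Without `s`, finding a second opening means solving a discrete logarithm, which is why setup ceremonies are built so that the secret is destroyed as long as at least one participant is honest.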
Imagine a situation in which you must prove membership of a specific group (e.g., individuals over the age of 18) but, due to privacy concerns, do not wish to reveal your exact date of birth. You can use a zk-SNARK to prove this.
Various projects employ zk-SNARKs in different ways. Good examples are Zcash for its base-layer protocol, Ethereum for scaling strategies, Coda to have a succinct blockchain, and Concordium to enable privacy on a regulated public chain with identity and regulation at the protocol level.
STARKs are like SNARKs, but there are some very critical distinctions. First, STARKs do not require a trusted setup to work. Second, zk-STARKs are post-quantum secure.
This is because STARKs rely on cryptographic functions that are not known to be susceptible to large quantum computations.
In other words, STARKs rely on weaker cryptographic assumptions than SNARKs. This feature is very important if we seek to build digital protocols that will stand the test of time. However, these features come at a cost. STARK proofs are at a minimum an order of magnitude larger than SNARK proofs. zk-STARKs were mainly introduced through StarkWare.
The size of STARKs could lead to unnecessary blockchain bloat or worse, turn into a bandwidth sink for an active network.