At the Montenegro EDCON conference, @VitalikButerin systematically laid out the technical challenges facing the Ethereum network in scalability, privacy, security and so on, and concluded that zk-SNARKs will be as important as blockchains over the next 10 years. What exactly is the zk-SNARK that Vitalik has spared no effort to promote? Which current blockchain problems can zk-SNARK technology solve? In this thread I will put forward some ideas for everyone to discuss. 1/n
SNARK stands for Succinct Non-interactive ARgument of Knowledge. Its core is a proof system, built from mathematical algorithms, that lets a verifier check a claim about some data without seeing the original data. Its implementation involves complex techniques such as verifiable circuits, elliptic-curve cryptography, hash functions and encryption algorithms, which I will not go into in detail here.
Because a SNARK compresses the original computation into a very small proof that attests to the correctness of its input data, and combines this with the zero-knowledge (zk) property, zk-SNARKs can make great strides in scalability, privacy, security and more. In particular, after Ethereum enabled the Makarov random algorithm (MAST) in 2018, zk-SNARKs can be integrated directly into the Ethereum system to address the network's current bottlenecks. 3/n
This is why, even though the zk-STARK technology native to @Starknet can handle more complex computations (and resists quantum attacks, etc.), zk-SNARKs carry the greater expectations. In particular, some blockchain paradoxes that confuse everyone can be resolved once the underlying layer is replaced with zk-SNARKs, such as protecting privacy while deterring money laundering by hackers, and the interference of centralized institutions that social recovery cannot escape.
Let's talk about scalability first. zk-rollups are far ahead of optimistic rollups and are the final solution for Ethereum's second layer. An optimistic rollup first assumes every transaction is valid and then runs a 7-day fraud-proof challenge period after submitting batches to the chain, whereas a zk-rollup uses a mathematical validity proof to quickly and securely guarantee the legitimacy of every transaction posted to the chain. 5/n
https://twitter.com/tmel0211/status/1649274901596094464?s=20 Here, zk-SNARKs resolve a paradox of Ethereum scalability: the contradiction between scaling and centralization. Although the op-rollup solution is more mature in actual deployment, it still carries a potential centralization risk in its sequencer and in the optimistic challenge-verification process. We can certainly be "optimistic", but to achieve a truly decentralized rollup, SNARKs are still necessary. 6/n
Now let's look at privacy. In the current context of blockchain technology, developing privacy technology runs into a logical paradox: will it ultimately serve hackers? But if it is built on zk-SNARKs, we can create a Proof of Innocence (POI) solution, which protects users' deposits and withdrawals with privacy while preventing criminals from abusing it. Specifically, POI can be applied to Tornado-like protocols; 7/n
POI gives each user a digital fingerprint generated from the blockchain state history and their private key. When a hacker tries to launder money through Tornado's mixing pool, if the withdrawal address he provides is inconsistent with the deposit address (a different private key), the withdrawal is intercepted and returned to the original mixing address. This means the hacker's illicit assets cannot escape tracking by passing through the mixer; 8/n
Of course, as Vitalik mentioned in his talk, we can also build an exclusion-list Merkle tree directly, which amounts to adding a blacklist mechanism to the Tornado protocol. If an honest user's deposit is not on the list, a proof of innocence can be generated and Tornado can be used normally; otherwise no such proof can be produced. Adding a blacklist is effective, but it carries a centralization risk; blocking transactions whose deposit and withdrawal private keys are inconsistent is more effective.
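As an added illustration (not from the original thread), here is the Merkle side of the exclusion-list idea: the flagged deposits are stored as sorted leaves, and a proof of innocence for a deposit consists of the two adjacent leaves that bracket it, which shows no listed value lies between them. A real deployment would verify this inside a zk-SNARK so the deposit itself stays hidden; this plain-Python version shows what that circuit has to check. SHA-256 hashing, the sentinel leaves and the sample list values are my own assumptions.

```python
import hashlib
from bisect import bisect_right

LO, HI = 0, 2**256 - 1   # assumed sentinel leaves: every 256-bit value then has two neighbours

def H(*parts):
    return hashlib.sha256(b"".join(parts)).digest()
def leaf(v):
    return H(b"leaf", v.to_bytes(32, "big"))

def build(listed):
    """Exclusion list -> (sorted distinct values, levels, root); the root commits to the sorted order."""
    vals = sorted(set(listed) | {LO, HI})
    level = [leaf(v) for v in vals]
    while len(level) & (len(level) - 1):          # pad to a power of two
        level.append(H(b"empty"))
    levels = [level]
    while len(level) > 1:
        level = [H(level[i], level[i + 1]) for i in range(0, len(level), 2)]
        levels.append(level)
    return vals, levels, levels[-1][0]

def path(levels, idx):                            # sibling hashes, leaf to root
    out = []
    for level in levels[:-1]:
        out.append(level[idx ^ 1])
        idx //= 2
    return out

def check_path(root, node, idx, siblings):
    for sib in siblings:
        node = H(node, sib) if idx % 2 == 0 else H(sib, node)
        idx //= 2
    return node == root

def prove_not_listed(vals, levels, x):
    """Innocence proof for deposit x: its two adjacent leaves, or None if x is listed."""
    j = bisect_right(vals, x)
    i = j - 1
    if vals[i] == x:
        return None
    return (vals[i], i, path(levels, i), vals[j], j, path(levels, j))

def verify_not_listed(root, x, proof):
    """Both leaves are in the committed tree, adjacent, and strictly bracket x."""
    a, i, pa, b, j, pb = proof
    return (a < x < b and j == i + 1
            and check_path(root, leaf(a), i, pa)
            and check_path(root, leaf(b), j, pb))
```

A forged proof that uses two non-adjacent leaves to hide a listed value between them fails the `j == i + 1` check, which is exactly the constraint the in-circuit version must enforce.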
9/n Finally, let's talk about the third-party anti-censorship paradox (security). A Social Recovery function is undoubtedly the inevitable path to large-scale blockchain adoption, but from the community protest that Ledger ran into when it launched this feature two days ago, it is not hard to see that social recovery cannot be built on the premise of a centralized third party. zk-SNARK technology can solve this problem. 10/n
In simple terms, when a user generates multiple private-key shards, the shards can be encrypted and a zk-SNARK proof system used to generate proofs for them, which are then distributed to trusted institutions or friends. If the user loses the private key, the third parties can be asked to provide proofs of their shard data, and zk-SNARKs can then verify the accuracy of those proofs, achieving social recovery without revealing the private-key shards.
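As an added example (not the thread's own design), one concrete way to give guardians verifiable shards: Shamir secret sharing with Feldman commitments. The public commitments stand in for the zk-SNARK proof in the text, letting anyone check that a guardian returned the right shard without learning the secret, and any threshold of verified shards reconstructs it. The group parameters are my assumption: shares live in Z_Q with Q = 2^127 - 1, and a prime P = k*Q + 1 with generator G is found at import time (a toy group, not a production curve).

```python
import secrets

def is_probable_prime(n, rounds=32):   # Miller-Rabin, only used to build the toy group
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

# Assumed toy parameters: Q = 2^127 - 1 (Mersenne prime) is the share field;
# P = K*Q + 1 is prime and G = h^K mod P generates the order-Q subgroup of Z_P*.
Q = 2**127 - 1
K = 2
while not is_probable_prime(K * Q + 1): K += 2
P = K * Q + 1
G = next(g for g in (pow(h, K, P) for h in range(2, 100)) if g != 1)

def split(secret, n, t):
    """Shamir-split `secret` into n shards (threshold t) plus Feldman commitments."""
    coeffs = [secret % Q] + [secrets.randbelow(Q) for _ in range(t - 1)]
    commits = [pow(G, c, P) for c in coeffs]        # public; coefficients hidden under DLOG
    shares = [(i, sum(c * pow(i, j, Q) for j, c in enumerate(coeffs)) % Q)
              for i in range(1, n + 1)]
    return shares, commits

def verify_share(i, s, commits):       # guardian i's shard s must satisfy G^s == prod C_j^(i^j)
    expected = 1
    for j, c in enumerate(commits):
        expected = expected * pow(c, pow(i, j, Q), P) % P
    return pow(G, s, P) == expected

def reconstruct(shares):               # Lagrange interpolation at x = 0 over Z_Q
    secret = 0
    for i, s in shares:
        num = den = 1
        for j, _ in shares:
            if j != i:
                num, den = num * (-j) % Q, den * (i - j) % Q
        secret = (secret + s * num * pow(den, -1, Q)) % Q
    return secret
```

The owner publishes `commits` alongside distributing the shards; at recovery time a tampered or mixed-up shard fails `verify_share` before it can poison reconstruction.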
Having gone through the above, it is not hard to see how important zk-SNARK technology is to blockchain systems. It can resolve the Ethereum network's current development paradoxes: scalability vs. centralization, privacy vs. malicious use, security vs. anti-censorship. That is why Vitalik said zk-SNARKs will be as important as blockchains in 10 years; maybe Ethereum's base layer will be zk-SNARK-ized too. Well, zk-SNARKs rule everything around me. 12/12