# Zero-Knowledge-Proof Mining

**Published by:** [shadowsocksr](https://paragraph.com/@shadowsocksr/)
**Published on:** 2022-07-29
**URL:** https://paragraph.com/@shadowsocksr/zero-knowledge-proof-mining

## Content

The definition of ZKP is very broad. According to “Why and How zk-SNARK Works,” there is a prover who wants to convince a verifier that some statement is true, and the ZKP protocol should satisfy three properties:

- Completeness — if the statement is true then a prover can convince a verifier
- Soundness — a cheating prover can not convince a verifier of a false statement
- Zero-knowledge — the interaction only reveals if a statement is true and nothing else

Figure: A ZKP protocol

For example, Alice wants to convince Bob that she knows Carol’s phone number. She calls Carol. Then Carol’s phone rings and shows it’s Alice calling. In this way, Alice proves to Bob her knowledge of the phone number without revealing what the number is. It is also a ZKP protocol.

When we talk about ZKP in the context of blockchain, it often refers to a particular branch of algorithms within the definition. These algorithms are called zkSNARKs (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge) in most cases and have the following properties.

- Non-Interactive proving process. The proving process only needs the prover to send a proof to the verifier.
- Succinct proof. The proof has a small size, and verifiers can quickly verify it.
- Programmable statement. The algorithm can convert any statement into a QAP (Quadratic Arithmetic Program) for proving.

You can refer to “awesome zero knowledge proofs” for detailed ZKP algorithms used in blockchains. Their development follows a clear trend: the computation speed is getting faster, the reliance on the “trusted setup” is getting lower, and the proof size is getting smaller.
Some algorithms and their related projects are listed as follows.

- Pinocchio (ZCash Sprout version): the earliest introduction of ZKP to the blockchain.
- Groth16 (ZCash Sapling version, Filecoin): faster than Pinocchio.
- ZK-STARKs (StarkWare): no trusted setup.
- PLONK (zkSync), Marlin (Aleo): universal trusted setup
- Halo 2 (ZCash NU5 version): no trusted setup, recursive

ZKP has properties suitable for the blockchain. First, compared to other proving systems like Merkle proofs and signatures, ZKP is able to prove any statement, bringing variety to on-chain logic. Second, its proof is succinct, costing less gas when verified on-chain.

The earliest usage of ZKP emphasizes its zero-knowledge feature, proving transaction validity without revealing any transaction information, for example, ZCash. Later, ZKP experienced a bottleneck period. People found that blockchain privacy is not strongly needed, and ZKP is not user-friendly because it takes a long time to compute.

Recently, ZKP regained people’s attention because of its usage in blockchain scalability. By proving the validity of a large piece of data, ZKP scales the computation and storage capacities of the blockchain. Some proved data and their related projects:

- L2 transactions: zk-Rollup projects like zkSync, StarkWare
- L1 transactions: Mina
- Off-chain data: Filecoin

Discussions on ZKP are very lively these days. Paradigm analyzes the hardware acceleration of ZKP and thinks FPGA is better than GPU and ASIC. a16z gives an overview of ZKP. Presentations at “Zero Knowledge Summit Amsterdam” provide many thoughts and new ideas on ZKP.

### Mining

This year, Ethereum will switch from PoW to PoS so that the blockchain mining market will shrink significantly. Although storage mining has emerged in recent years, including Filecoin, Chia, and Arweave, it is still unable to fill the market vacancy caused by the exit of Ethereum. On the other hand, ZKP has some early applications in blockchain mining.
There is a marketplace in Mina for ZKP workers to submit their generated proofs to earn tokens. In Filecoin, miners need to generate ZKP for every data sector stored off-chain, thus gaining storage power.

Figure: Mina ZKP marketplace

We can see that traditional hash mining is surrounded by controversies about energy-wasting, meaningless computation. Therefore, the blockchain area is trying to find a meaningful mining method. The properties of ZKP (proving arbitrary statement, complex proving but simple verification) provide more possibilities to the blockchain mining market.

### Opportunities

We are focusing on some ZKP mining projects this year.

#### Filecoin

Filecoin leverages ZKP to prove off-chain data through algorithms named Proof of Replication and Proof of Spacetime. We think Filecoin mining will continue to be popular this year for three reasons:

- Due to its economic model, the sector pledge has decreased from 0.25 to 0.16 FIL in the past year.
- The price of FIL has dropped significantly, further reducing its mining cost.
- The roadmap of FVM smart contracts brings a positive signal to the project.

Figure: Sector Initial Pledge Variations (FIL/32GiB)

#### Aleo

Aleo starts the first “Proof of ZKP” mining mode in which the miner’s computing power is determined by how many proofs it can compute per unit of time. The mining algorithm is named PoSW (Proof of Succinct Work) and can be described in short as follows:

```
pseudo_random(zk_prove(nonce)) < target_difficulty
```

`zk_prove()` generates a proof of “the current block containing its transactions” with `nonce` as its input. `target_difficulty` is adjusted according to the computing power of the whole network. You can see that PoSW and PoW are mostly the same, with the only difference being that PoW computes hashes while PoSW computes ZKPs.

In addition, Aleo developed the first “private smart contracts” Leo.
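
The PoSW condition above as a runnable sketch, added here as an illustration and not Aleo's code: a Fiat-Shamir Schnorr proof over a toy group stands in for the SNARK behind `zk_prove`, and `h`, `zk_verify`, `mine` and `accept_block` are hypothetical names. It shows that a verifier has to check both the proof and the difficulty condition before accepting a block.

```python
import hashlib

# Assumption: toy group for illustration only (127-bit prime, not secure).
P = 2**127 - 1
Q = P - 1   # exponents are reduced modulo p - 1
G = 3

def h(*parts) -> int:
    """SHA-256 over length-prefixed parts, returned as an integer."""
    d = hashlib.sha256()
    for part in parts:
        b = part if isinstance(part, bytes) else str(part).encode()
        d.update(len(b).to_bytes(4, "big") + b)
    return int.from_bytes(d.digest(), "big")

def zk_prove(secret: int, header: bytes, nonce: int):
    """Stand-in for the SNARK: Schnorr proof of knowledge of `secret`,
    bound to the block header and the nonce (hypothetical statement)."""
    k = h("k", secret, header, nonce) % Q   # per-proof randomness, must stay secret
    r = pow(G, k, P)
    c = h("c", r, pow(G, secret, P), header, nonce) % Q
    return r, (k + c * secret) % Q

def zk_verify(pub: int, header: bytes, nonce: int, proof) -> bool:
    r, s = proof
    c = h("c", r, pub, header, nonce) % Q
    return pow(G, s, P) == (r * pow(pub, c, P)) % P

def pseudo_random(proof) -> int:
    return h("posw", *proof)

def mine(secret, header, target, max_tries=100_000):
    """Try nonces until pseudo_random(zk_prove(nonce)) < target."""
    for nonce in range(max_tries):
        proof = zk_prove(secret, header, nonce)
        if pseudo_random(proof) < target:
            return nonce, proof
    raise RuntimeError("no nonce found")

def accept_block(pub, header, nonce, proof, target) -> bool:
    # A valid proof above the target is not enough work, and a low hash
    # over an invalid proof proves nothing, so both checks are required.
    return zk_verify(pub, header, nonce, proof) and pseudo_random(proof) < target

if __name__ == "__main__":
    secret, header = 0xC0FFEE, b"constructed block header"   # constructed sample input
    nonce, proof = mine(secret, header, 1 << 248)             # about 1 in 256 proofs qualifies
    print(nonce, accept_block(pow(G, secret, P), header, nonce, proof, 1 << 248))
```

As in PoW, the miner's cost is the repeated call inside `mine`, while `accept_block` needs one proof verification and one hash.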
Although there are other ZKP-based smart contracts like zkSync’s zkEVM, StarkWare’s Cairo, and Mina’s zkApps, none of them support privacy.

#### Decentralized ZK-Rollups

Current designs of ZK-Rollups are centralized: only specific operators can submit transaction batches and validity proofs to L1. Vitalik gives several suggestions for making the operator decentralized, like sequencer auction, random selection from PoS set, and DPoS voting. Both zkSync and StarkNet have clear roadmaps to decentralized ZK-Rollups. There is also some cutting-edge research, like Polygon Hermes, StarkNet, PoVP, and taikocha.in.

Decentralized ZK-Rollups bring a new mining mode: miners can submit their generated proofs and thus earn rewards. It’s similar to the ZKP marketplace in Mina. But the marketplace is not the best solution, since some proofs will be wasted when no one buys them. We need a parallel computing architecture for ZKP to aggregate power from all miners.