[SomeStupidPoint]

> zk-SNARKs are totally private even if ... the cryptographic assumptions underlying zk-SNARKs fall apart

On the face of it, that sounds very wrong. Could you elaborate on what you were saying?

[ewillbefull]

Zero-knowledge proofs for a given statement, by definition, reveal nothing about its witness. zk-SNARKs (used by Zcash) are statistically zero-knowledge; there are no cryptographic assumptions involved.

[EGreg]

As a slight aside, I always wondered if zero-knowledge proofs really reveal "slight" knowledge.

That is, if I ask 1 billion questions about a resource, and get true, verifiable answers, can't I find out something about it? For example, some projection onto a linear subspace or something.