Hacker News new | ask | show | jobs
by magicalhippo 658 days ago
The previous article[1] goes a bit into the difference from a simple has function.

It was very long-winded, so I haven't fully read it yet.

The key difference seems to be that a simple has function has a single argument. To verify the output you need the input value. While a ZKP function has two arguments, and one of them is not needed to verify the output.

Not sure if it makes much sense in a direct login scheme, but the alternative scenarios sound more interesting. For example, proving to an adult website you're over 18 without revealing your identity to that website.

[1]: https://zkintro.com/articles/friendly-introduction-to-zero-k...
1 comments
bschmidt1 658 days ago
I can also enter a password without revealing my identity, how is it fundamentally different?

If I use an authentication provider, am I now "using ZKPs" because I can log people in without knowing who they are?

Or if I use any identity verification provider (example: Clear), am I using ZKPs since my app doesn't actually see your identity? We just get the OK from Clear?

link
magicalhippo 658 days ago
Like I said, I'm not sure the simple password scenario is a very good example, because the app doesn't really care about the details of the secret itself, ie your password. Only that it's the same as you presented when you signed up.

I found the Sudoku example more illustrative, where you want to share your knowledge of the solution without sharing the solution itself. In that case, others do indeed care about the details of your knowledge.

You can't just provide a hash of the solved board and say "lol solved it", as only those who had also already solved it could verify your statement. Maybe I don't trust those others who claim they also solved it, how can I verify that indeed you solved it? You could tell me the solution but then you'd ruin the puzzle for me, which is no good.

So as I understand it, the point of ZKP is that they allow you to share proof of your Sudoku solution to me, in a way where I can be certain you do indeed have the right solution, without me learning what exactly the solution is.

link
bschmidt1 658 days ago
> You can't just provide a hash of the solved board

Wait, why not? You could represent the Sudoku board as matrices, here's an example of one block:

    [

      [9, 5, 7]

      [4, 8, 3]

      [6, 1, 2]

    ]
(same idea for 9x9)

Imagine a "Sudoku Online" where we all have our own private boards, but we have a shared public chat like an online game. Any of us can click "Check Solution" which hashes our Suduku board and sends it to the chat. A message might look like:

    *magicalhippo is checking a hash... f3ghziiv × Failed*

    *bschmidt1 is checking a hash... 242eef7z × Failed*

    *magicalhippo is checking a hash... zzw4zq3x  Passed*
All players see the hash activity in the public chat, but none of us can see each others' boards - we only have insight to whether or not the solution was valid.

The validity check could run on a central trusted server, like where the game is hosted, or in a peer-to-peer setup a condition of passing could be that a peer machine must validate it. So no client can validate their own hash. It could even be in an "Unverified" state until some threshold % of players have validated it - could do anything you want, but I don't see how "ZKPs" offer any solutions.

Most of the libraries are either utils that have like generateUUID functions in them, or they're private/public key libraries that let you wrap functions in an additional encrypted layer. Haven't seen a goto ZKP npm yet or heard anything about what it improves/solves.

link