Bringing security, scalability, and privacy to the blockchain
DCVC has made a strong commitment to StarkWare’s $30M Series A to support their zero knowledge proofs platform for dramatically improved blockchain scalability and security. We invested in StarkWare because of their expert team, the speed and scale improvements they’ve achieved, and the post-quantum security they bring to blockchain identity and transactions — a necessary step for this technology. As one of the world’s leading investors in quantum computing hardware, systems software, and applications, DCVC knows this “quantum insecurity” is on the horizon, and we want to help harden the blockchain realm against it.
A blockchain is an unalterable way of storing information: each block in the chain influences the structure of the next. If someone tries to change a block, they will trigger other changes along the rest of the chain. This makes tampering immediately evident. Copies of the blockchain are stored on multiple computers, which jointly agree a new block is valid before updating each of their chains. Here’s a quick breakdown of how blockchains support cryptocurrencies, their most popular application (Source).
Untamperable records are valuable for many types of data — contracts, banking, medical records — but since (most) blockchains are public, anyone can see the information they hold. Every Bitcoin transaction that has ever happened is visible in its blockchain. You can watch new ones live here. You can see anyone’s account balance and entire transaction history. Some people aren’t too keen on having their entire financial lives exposed, let alone their medical records, which is completely understandable. If we want to use blockchain for sensitive applications, we need to solve its privacy problem first.
Unfortunately, self-serving parties can use veils of “privacy” to conceal dishonesty. For instance, the police might be inclined to misreport whether a certain political candidate’s DNA is in their private forensics database. This integrity problem is difficult to overcome while preserving the privacy of the database. If the public can’t trust the police or examine their data directly, they have to find a new way to know if the answer is true.
Computational integrity makes sure that a query run on data returns the correct answer rather than the answer favorable to the data’s owner. In public blockchains, computers provide computational integrity by re-executing a query (“Is this transaction valid?”) on the data (entire blockchain). You can’t run this query on confidential data because it would compromise its privacy. (Naïve approaches like this also scale poorly, since as data size grows, the time the computer needs to spend processing it grows linearly.)
StarkWare has developed a way to ensure computational integrity while keeping private information private. Their technique also decreases the time computers spend verifying information (logarithmic scaling instead of linear). StarkWare has done this with zero knowledge proofs. Put simply, zero knowledge proofs let you (the verifier) ask the confidential data owner (the prover) “Can you tell me something about X?” instead of “Can you tell me X?” This lets you learn about their data without them actually sending it to you — hence “zero knowledge”.
Zero knowledge proofs work because the verifier repeatedly questions the prover about their data. Imagine your friend has a red ball and a green ball, but you are color blind and can’t tell the difference. She hands you the balls and asks you to put them behind your back. You can choose to switch the balls, or not, then show her them and ask “Did I switch the balls?” If she answers correctly once, she has a 50% chance of guessing the right answer. If she answers correctly 5 times, though, there’s only a 3% chance she’s guessing. By the end of this process, you know the balls are different colors, even though you can’t see the colors yourself.
Zero knowledge proofs applied to data do the same thing, but the verifier’s questions are mathematical calculations that the prover answers about its data. We’ll leave the exact math to the experts (to avoid butchering it), but the result is the verifier confidently querying the prover’s confidential information without accessing it directly. Zero knowledge proofs enable the sharing of private information — without actually sharing private information.
StarkWare’s new system, ZK-STARK (zero knowledge scalable transparent arguments of knowledge), uses zero knowledge proofs to make blockchains private, scalable, and transparent. Compared to other zero knowledge proof systems, ZK-STARK has the fastest prover time — 10x faster than the next runner-up — and the lowest verification time and communication complexity\* for general large-scale computations.
*completely independent of outside trusted parties for setup or verification
**the amount of information transferred between prover and verifier
We invested in StarkWare because the encryption which cryptocurrency — and computer security — rest on will be undermined by multiple aspects quantum computing. We know this to be a highly likely outcome from our position as one of the world’s leading investors in quantum computing hardware, systems software, and applications. StarkWare is building the post-quantum infrastructure we’ll need to remedy that problem. Their system’s privacy will spur blockchain’s adoption in sensitive applications, and their breakthroughs in speed and scale will make existing blockchains more efficient. We’re excited to support the company as they fundamentally improve cryptography. Congratulations to the StarkWare team!