Since 2015, Least Authority has been working with zero-knowledge proofs (ZKPs) to further enable privacy, improve security, and encourage the implementation of zero-knowledge proofs in Web3 technologies and beyond. Although Zcash spun out of Least Authority with the Electric Coin Company in 2016, we continued to work on zero-knowledge proofs by performing security audits for our clients, implementing ZKPs in our products, and providing educational resources – we’ve accomplished a great deal to advance and promote the use of zero-knowledge proofs throughout the years.
Security Audits of Zero-Knowledge Proof Technology
We began performing security audits of products and projects utilizing ZKPs in 2018. Since then, we have published many audit reports on ZKP implementations and performed even more reviews that are not published. The following collection of ZKP related audits is taken from our complete list of published audits, which you can find here.
Published Audit Reports:
- Mina Transaction Logic and Transaction Pool – August 2023
- Groth16 Verifier in EVM Smart Contract – August 2023
- Worldcoin Protocol Cryptography – July 2023
- Aleo Trusted Setup: Phase 1 – July 2021
- Zkopru zk-SNARK Circuits + Smart Contracts for Ethereum Foundation – June 2021
- cLabs’ Plumo Protocol: Arithmetic Optimizations – June 2021
- Venus for Filecoin Foundation – June 2021
- Loopring 3.6 Design + Implementation: Circuit – March 2021
- Loopring 3.6 Design + Implementation: Smart Contracts – March 2021
- O(1) Labs’ Mina Ledger Application – February 2021
- Zcash Security Audit Reports – December 2018
Conducting security audits and providing consulting services for projects utilizing ZKPs allows us to advance the security of systems and contribute to the community of developers who build them.
We also contribute to the community by giving workshops on security best practices for ZKPs as well as common mistakes and attacks on ZKP implementations. In 2022, we started the conversation about attacks on ZKPs at the 5th ZKProof Workshop, and in 2023, we presented a workshop on auditing cryptography and ZKPs at Crypto Lounge Experience for ZKWeek in Barcelona.
Using Zero-Knowledge Proofs in Privacy Enhancing Technologies (PETs)
In 2021, we released our Whitepaper on Zero-Knowledge Access Passes (ZKAPs), which we use in PrivateStorage. This anonymous, token-based authorization protocol based on Privacy Pass for use by PrivateStorage helps facilitate an online exchange of value while disconnecting the payment and service data that is gathered on customers.
PrivateStorage is a privacy-focused, secure, and end-to-end encrypted, data synchronization application that aims to minimize the collection of any data related to its users.
Although we created ZKAPs to better address the access-control issue in Tahoe-LAFS for the development of PrivateStorage, we see many possibilities for the use of ZKAPs to help protect user privacy in other services that need to accept online payments.
For additional insight and information, we encourage you to read our other blog posts about ZKAPs here.
Facilitating Learning About Zero-Knowledge Proofs
Resources for learning about zero-knowledge Succinct Non-Interactive Argument of Knowledge (zk-SNARKs) are scattered across blog posts and GitHub libraries. This results in a high barrier to entry, thereby slowing the widespread adoption of zk-SNARKs and associated privacy-enhancing technologies.
In 2022, we published the first version of the MoonMath Manual. It covers mathematical concepts for zero-knowledge proofs and helps you learn to construct zk-SNARKs using simple pen-and-paper computations.
Since publishing, it has been downloaded more than 8,000 times and has been utilized by a number of study clubs as a resource and guide to learn the foundational building blocks of zk-SNARKs.
As we develop future versions of the manual, we encourage readers to contribute technically to the production and improvement of the manual by submitting a PR via GitHub. Our FAQs page can provide further background and information about the MoonMath Manual.
Along with the release of the MoonMath Manual, we began using it for workshops and training on the basics of ZKPs. At Zcon3, we held the workshop, “Understanding the Moon Math of ZK Snarks,” and later in 2022, we delivered the training “Zero-Knowledge Proof Technology Explained” at the Singapore University of Social Sciences.
Prior to the MoonMath Manual, we gave talks about ZKPs, such as Anna Kaplan’s presentation on Zero-Knowledge Proofs in the Wild at the ZK Proof Standards conference and Mirco Richter’s workshop on the Mathematics behind zkSNARKs.
If you’d like to work with us or learn more about zero-knowledge proof technologies, reach out to us at consulting@leastauthority.com or schedule a call.