 Command

Pranesh Nikhar's personal site. Vim-style keybinds for navigation; theme + font pickers below.

Theme
 Font Body Code
Reader
Keybinds
Navigation
j / โ†“ Next item k / โ†‘ Previous item g First item in region G Last item in region zz Center focused item h / l Move left/right region ] / [ Next/previous heading } / { Next/previous block d / u Half-page down/up
Layout
<zh> / <zl> Toggle left/right sidebar <zr> Toggle reader view <zj> / <zk> Focus main/navbar <S-h/j/k/l> Focus left/main/navbar/right ⌃H / ⌃L Focus left/right sidebar ⌃J / ⌃K Focus main/navbar ⇧C / ⇧E Collapse / expand all sections
Dialogs
⌃P / : Command palette ⌃X Theme picker / Search ? Show keybinds Esc / ⌃C Close dialog
History
n Next document b Previous document ⌃O History back ⌃I History forward
 Search
about: Pranesh Nikhar about/more: ๐Ÿชช More docs/test: Docs Test ideas: ๐Ÿ’ก Ideas more: โž• More now: Now posts: ๐Ÿ“ฌ Posts projects: ๐Ÿ“š Projects webtui: Style posts/agentic-eda: ๐Ÿ“Š AgenticEDA โ€” Automated Exploratory Data Analysis with LangGraph posts/cap-theorem-outage-story: ๐ŸŒ CAP Theorem with a Real Outage Story posts/codepilot: โœˆ๏ธ CodePilot โ€” From Requirements to Deployable FastAPI Backend posts/common-auth-mistakes: ๐Ÿ” Common Auth Mistakes Developers Make posts/compiled-vs-jit-vs-interpreted: โšก Why Is X Language Fast or Slow? โ€” Compiled vs JIT vs Interpreted posts/cs-degree-gaps: ๐ŸŽ“ Things CS Degrees Don't Teach You posts/cve-2025-breach-analysis: ๐Ÿ›ก๏ธ CVE-2025 Breach Analysis โ€” Midnight Blizzard and the 16 Billion Credential Leak posts/fixloop: ๐Ÿ”„ FixLoop โ€” AI Agent Loop for Self-Correcting Code posts/functional-vs-oop: โšก Functional vs OOP โ€” Same Problem, Both Ways posts/getman: ๐Ÿฆพ Getman โ€” Declarative API Tester for CLI & TUI posts/how-compilers-optimize: โš™๏ธ How Compilers Actually Optimize Your Code posts/http3-quic: โšก HTTP/3 and QUIC โ€” Why They Matter posts/leetcode-vs-engineering: ๐Ÿงฉ LeetCode vs Real Engineering Skills posts/llm-from-scratch: ๐Ÿง  LLM from Scratch โ€” GPT-Style Transformer in PyTorch posts/lsm-trees-bloom-filters: ๐ŸŒณ LSM Trees & Bloom Filters โ€” Production Deep Dive posts/mcp-workflow-builder: ๐Ÿ”ง MCP Workflow Builder โ€” Visual DAG for MCP Tools posts/persistent-memory: ๐Ÿง  Persistent Memory โ€” Long-Term Memory for AI Agents via MCP posts/playcli: ๐ŸŽฌ PlayCLI โ€” Terminal Video Player posts/postgres-mvcc: ๐Ÿ—„๏ธ How PostgreSQL MVCC Works โ€” Multi-Version Concurrency Control Deep Dive posts/raft-consensus: โ›ต Raft Consensus Algorithm Explained posts/rust-borrow-checker: ๐Ÿฆ€ Rust Borrow Checker โ€” Catches Real Bugs posts/titan: ๐Ÿค– Titan โ€” Terminal AI Coding Agent posts/what-happens-url: ๐ŸŒ What Happens Between Typing a URL and Seeing the Page posts/what-happens-when-you-run-a-program: โš™๏ธ What Actually Happens When You Run a Program posts/zero-knowledge-proofs: ๐Ÿ” Zero-Knowledge Proofs Explained Simply webtui/components/accordion: Accordion webtui/components/badge: Badge webtui/components/button: Button webtui/components/checkbox: Checkbox webtui/components/dialog: Dialog webtui/components/input: Input webtui/components/popover: Popover webtui/components/pre: Pre webtui/components/progress: Progress webtui/components/radio: Radio webtui/components/range: Range webtui/components/separator: Separator webtui/components/spinner: Spinner webtui/components/switch: Switch webtui/components/table: Table webtui/components/textarea: Textarea webtui/components/tooltip: Popover webtui/components/typography: Typography webtui/components/view: View webtui/contributing/contributing: Contributing webtui/contributing/contributing: ## Local Development webtui/contributing/contributing: ## Issues webtui/contributing/contributing: ## Pull Requests webtui/contributing/style-guide: Style Guide webtui/contributing/style-guide: ## CSS Units webtui/contributing/style-guide: ## Selectors webtui/contributing/style-guide: ## Documentation webtui/installation/astro: Astro webtui/installation/astro: ## Scoping webtui/installation/astro: ### Frontmatter Imports webtui/installation/astro: ### โ€นstyleโ€บ tag webtui/installation/astro: ### Full Library Import webtui/installation/nextjs: Next.js webtui/installation/vite: Vite webtui/plugins/plugin-dev: Developing Plugins webtui/plugins/plugin-dev: ### Style Layers webtui/plugins/plugin-nf: Nerd Font Plugin webtui/plugins/theme-catppuccin: Catppuccin Theme webtui/plugins/theme-custom: Custom Theme webtui/plugins/theme-everforest: Everforest Theme webtui/plugins/theme-gruvbox: Gruvbox Theme webtui/plugins/theme-nord: Nord Theme webtui/plugins/theme-vitesse: Vitesse Theme webtui/start/ascii-boxes: ASCII Boxes webtui/start/changelog: Changelog webtui/start/installation: Installation webtui/start/installation: ## Installation webtui/start/installation: ## Using CSS webtui/start/installation: ## Using ESM webtui/start/installation: ## Using a CDN webtui/start/installation: ## Full Library Import webtui/start/installation: ### CSS webtui/start/installation: ### ESM webtui/start/installation: ### CDN webtui/start/intro: Introduction webtui/start/intro: ## Features webtui/start/plugins: Plugins webtui/start/plugins: ## Official Plugins webtui/start/plugins: ### Themes webtui/start/plugins: ## Community Plugins webtui/start/theming: Theming webtui/start/theming: ## CSS Variables webtui/start/theming: ### Font Styles webtui/start/theming: ### Colors webtui/start/theming: ### Light & Dark webtui/start/theming: ## Theme Plugins webtui/start/theming: ### Using Multiple Theme Accents webtui/start/tuis-vs-guis: TUIs vs GUIs webtui/start/tuis-vs-guis: ## Monospace Fonts webtui/start/tuis-vs-guis: ## Character Cells
 Theme Current: Light j/k or โ†‘/โ†“ + Enter

๐Ÿ” Zero-Knowledge Proofs Explained Simply

What if you could prove you know a secret without revealing any part of it? Zero-knowledge proofs make this possible โ€” here is how they work, from the Ali Baba cave analogy to zk-SNARKs on Ethereum.

๐ŸŽฏ The Problem ZKPs Solve

Imagine you are at a bar and need to prove you are over 21. Today, you hand over your driverโ€™s license โ€” revealing your name, address, exact birthdate, height, and organ donor status โ€” for a simple yes/no check. The bouncer learns everything about you just to verify one bit.

This is the problem zero-knowledge proofs (ZKPs) solve: prove a statement is true without revealing anything beyond the statementโ€™s truth.

A zero-knowledge proof lets a prover convince a verifier that a statement is true, without revealing any information beyond the validity of the statement itself.

The three mandatory properties of any ZKP are:

PropertyMeaning
CompletenessIf the statement is true, an honest prover can always convince the verifier
SoundnessIf the statement is false, no cheating prover can convince the verifier (except with negligible probability)
Zero-KnowledgeThe verifier learns nothing except that the statement is true

๐ŸŽจ The Ali Baba Cave Analogy

The classic intuition comes from a 1989 story by Jean-Jacques Quisquater:

There is a circular cave with two paths (A and B) that meet at a magic door that only opens with a secret password. Peggy (the prover) wants to prove to Victor (the verifier) that she knows the password without actually saying it out loud.

The protocol:

  1. Victor waits outside while Peggy enters the cave and chooses a random path (A or B) โ€” Victor cannot see which.
  2. Victor shouts a random path (โ€œCome out through path A!โ€).
  3. If Peggy knows the password, she can always comply: if she was already on path A she walks out; if she was on path B she uses the password to go through the door and exit via A.
  4. If Peggy does not know the password, she can only comply half the time (the 50% chance she happened to pick the right path initially).

Repeat this 20 times: the probability of Peggy guessing correctly every time is (1/2)^(20) โ‰ˆ 0.0001%. Victor is convinced.

The key insight: Victor learns nothing about the password itself โ€” only that Peggy knows it.


๐Ÿ”„ Interactive vs Non-Interactive Proofs

Peggy and Victor going back and forth 20 times is an interactive proof. This works between two parties, but what about the web โ€” where a prover creates a single message that millions of verifiers must trust?

Enter non-interactive zero-knowledge proofs (NIZK). The prover produces a single proof object that anyone can verify without back-and-forth. This is the breakthrough that made ZKPs practical for blockchain and web applications.

Interactive:
  Prover โ‡„ Verifier (many rounds)
  Prover: "Pick a path"
  Verifier: "Path A"
  Prover: "OK, here I am"
  ... repeat 20x ...

Non-Interactive:
  Prover โ†’ (proof) โ†’ Verifier (one shot)
  Prover: "Here is a proof string. Verify it."
  Verifier: "... checks ... โœ… Valid!"

โšก zk-SNARKs: The Workhorse

zk-SNARK stands for Zero-Knowledge Succinct Non-Interactive Argument of Knowledge.

  • Zero-Knowledge: Verifier learns nothing beyond the statement
  • Succinct: Proof is tiny (a few hundred bytes) and verifies in milliseconds
  • Non-Interactive: Single message from prover to verifier
  • Argument: Computational soundness (secure against polynomial-time adversaries)
  • of Knowledge: Prover must know a witness, not just prove existence

How It Works (High Level)

The pipeline from program to proof is:

Program (e.g., "I have >= 18 years")
  โ†’ Arithmetic Circuit
    โ†’ Rank-1 Constraint System (R1CS)
      โ†’ Quadratic Arithmetic Program (QAP)
        โ†’ Elliptic Curve Pairings (the actual proof)
  1. Arithmetic Circuit: Your program is compiled into a circuit of addition and multiplication gates โ€” like an ASIC for your computation.

  2. R1CS: The circuit is flattened into a system of constraints. Each constraint is of the form Aยทs โˆ˜ Bยทs = Cยทs where s is the witness vector (secret inputs + intermediate values).

  3. QAP: The R1CS constraints are encoded as polynomials using Lagrange interpolation. Instead of checking constraints one-by-one, a verifier can check a single polynomial identity โ€” this is where succinctness comes from.

  4. Elliptic Curve Pairings: The prover commits to the QAP polynomials by sending elliptic curve points. The verifier uses a pairing e(g^a, g^b) = e(g, g)^(ab) to check the polynomial identity without ever seeing the polynomials themselves.

The result: a proof ~200โ€“300 bytes that can be verified in ~2โ€“5 ms, regardless of the original computation size.


๐Ÿงช Real Applications

๐Ÿ’ฐ Zcash: Private Transactions

Zcash uses zk-SNARKs to prove a transaction is valid (sufficient balance, no double-spend) without revealing the sender, receiver, or amount.

Standard Bitcoin:
  From: 1A1zP1... (public)
  To: 1BvBMSE... (public)
  Amount: 0.5 BTC (public)

Zcash Shielded:
  From: [hidden]
  To: [hidden]
  Amount: [hidden]
  Proof:  [valid transaction proof, ~200 bytes]

The proof ensures: the sender has the private keys, the balance exists, and the transaction doesnโ€™t create money โ€” all without exposing any details.

๐Ÿ“ฆ zk-Rollups: Ethereum Scaling

Ethereum L1 processes ~15 transactions/second. zk-Rollups batch thousands of transactions off-chain and submit a single validity proof to L1.

ApproachThroughputCost per txFinality
Ethereum L1~15 TPS$5โ€“50~12s
Optimistic Rollup~2,000 TPS$0.01โ€“0.05~7 days (challenge period)
zk-Rollup~2,000โ€“10,000 TPS$0.001โ€“0.01~10 min (proof generation)

zkSync and StarkNet are the leading zk-rollups:

  • zkSync uses zk-SNARKs with the Groth16 proving system (fast verification, requires trusted setup).
  • StarkNet uses zk-STARKs (transparent โ€” no trusted setup, larger proofs, quantum-resistant).

๐Ÿ†” Digital Identity

A real-world ZKP identity flow:

# Verifier asks: "Is user over 18?"
# Prover responds with a ZKP, not the birthdate

def prove_age_over(threshold: int, birthdate: date, issuer_sig: bytes) -> Proof:
    """
    Generates a proof that:
    - The issuer (e.g., DMV) signed this birthdate
    - current_date - birthdate >= threshold * 365
    - Without revealing the actual birthdate
    """
    circuit = AgeCircuit(birthdate, issuer_sig, threshold)
    return zk_prove(circuit)

# Verifier checks the proof
assert zk_verify(proof, public_inputs=[threshold])
# Output: โœ… Valid (user is over 18)
# Verifier learns: nothing except "user โ‰ฅ 18"

๐Ÿ—ณ๏ธ Secure Voting

ZKPs enable verifiable voting: a voter proves their vote is valid (registered voter, voted at most once, within allowed options) without revealing how they voted. The election result can be publicly verified while every ballot remains secret.


๐Ÿšง Real-World Constraints

ZKPs are transformative, but they are not magic.

Trusted Setup

Many zk-SNARK systems (including Groth16 used by Zcash and zkSync) require a trusted setup ceremony โ€” a one-time process that generates proving and verification keys. If the randomness used during setup is compromised, fake proofs can be generated.

Zcashโ€™s 2016 ceremony involved 6 participants in physically shielded rooms. They ran software on air-gapped computers, then destroyed the toxic waste (random values). As long as one participant destroyed their randomness, the setup is secure.

Systems like STARKs and Bulletproofs avoid trusted setup entirely (transparent), at the cost of larger proof sizes or slower verification.

Proving Time

Generating a ZKP is computationally expensive โ€” often 10,000โ€“100,000ร— slower than the original computation. A transaction that takes 1ms to execute might take 10โ€“20 seconds to prove.

ComputationExecuteProve (Groth16)Prove (PLONK)
Simple payment0.1 ms1โ€“3 s5โ€“15 s
EVM block (~500 txs)50 ms5โ€“30 min20โ€“60 min

Hardware acceleration (FPGAs, ASICs) is an active area โ€” companies like Cysic build custom accelerator boards.

Quantum Resistance

Most deployed ZKPs rely on elliptic curve cryptography and discrete logarithm assumptions, both vulnerable to Shorโ€™s algorithm on a sufficiently large quantum computer. STARKs use hash-based cryptography (conjectured quantum-safe), and post-quantum SNARKs are an active research area.


๐Ÿ”ฎ The Future

ZKPs are evolving rapidly:

  • zk-EVM: Proving Ethereum block execution inside a ZKP โ€” so L2 blocks are instantly verifiable by L1. Scroll, Polygon zkEVM, and others compete.
  • ZKML: Proving that a machine learning inference ran correctly without revealing the model weights or input data. Modulus Labs uses this for on-chain AI.
  • zk-Bridge: Trustless cross-chain bridging โ€” proving on Chain A that a transaction happened on Chain B.
  • zk-Email: Prove an email came from a specific domain and contains certain content, without revealing the rest of the email.

๐Ÿ“š Further Reading

ResourceLink
Micali & Goldwasserโ€™s original paper (1985)The Knowledge Complexity of Interactive Proof-Systems
Why and How zk-SNARK Works (vitalik.ca)Link
Zcash ZKP explainerHow zk-SNARKs Work
StarkWareโ€™s STARK explainerSTARKs vs SNARKs
ZK Podcastzero-knowledge.fm

๐Ÿ“– Series Navigation

 praneshnikhar.site / posts / zero-knowledge-proofs ยท Top 1:1