What is a zero-knowledge proof?
A zero-knowledge proof (ZKP) is a cryptographic protocol that lets one party (the prover) convince another (the verifier) that a statement is true — without revealing any information beyond the statement’s validity itself. ZKPs were formalised by Goldwasser, Micali and Rackoff in 1985 and became commercially relevant in blockchain with zk-SNARK constructions (Zcash 2016, Ethereum L2s 2022-25).
ZKP families in production
- zk-SNARKs (Succinct Non-interactive Argument of Knowledge): small proofs, fast verification; require trusted setup (Groth16) or universal setup (PLONK). Used by Zcash, zkSync, Polygon zkEVM, Mina.
- zk-STARKs (Scalable Transparent Argument of Knowledge): no trusted setup, post-quantum candidate; larger proofs. Used by Starknet, Polygon Miden.
- Bulletproofs: no setup, smaller than STARKs but slower verification; used by Monero confidential transactions.
Use cases beyond scaling
- Privacy: shielded transactions (Zcash, Aztec, Railway).
- Identity: selective-disclosure credentials (zkPassport, Sismo, World ID).
- Compliance: proving regulatory eligibility (accredited investor, sanctions clearance) without revealing identity.
- ZK-rollups: compressing L2 execution into a single validity proof posted to L1.
Where ZK proofs meet regulation
Zero-knowledge systems are moving from cryptography papers into compliance architecture. They offer a genuine reconciliation of two pressures: proving a fact to a counterparty or regulator (age, solvency, sanctions-list absence, reserve backing) without disclosing the underlying data — privacy-by-design in the literal sense, aligned with KVKK/GDPR data-minimisation principles. The open questions are practical: a proof is only as good as the attested data behind it (oracle problem), verifiers must accept cryptographic evidence in processes built for documents, and AML frameworks still expect identifiable audit trails at defined points — which is why current deployments cluster in layered designs: ZK privacy for users, selective disclosure capability for regulators. Counsel evaluating ZK-based products should ask what is proven, what remains hidden, and who can pierce the proof under legal compulsion.