introduce

In the rapidly evolving world of Web3, two key challenges arise: privacy and scalability. The immutability of blockchain has raised concerns about the privacy of user and corporate data, while the growing popularity of central bank digital currencies (CBDCs) has increased concerns about surveillance.

At the same time, achieving scalability in blockchain networks is critical to handle growing transaction volumes. Faced with these challenges, zero-knowledge (ZK) payments offer a promising solution to privacy and scalability issues. This blog explores how ZK Payments bridges the gap between Web3 transaction confidentiality and transparency, giving users the privacy they need without compromising the basic functionality of the blockchain. Additionally, it delves into the potential of ZK-based protocols to enhance scalability, making decentralized applications more practical and accessible.

Understanding privacy challenges in Web3 transactions

Web3 has given rise to a large number of decentralized applications, DeFi platforms and NFT markets. However, the transparency of blockchain transactions means that wallet addresses and transaction history are visible to anyone with access to the network.

Imagine if your traditional bank account was public and anyone could access details about your financial transactions, including where your money was spent and how much you received. This situation is shocking and unacceptable to most people as it compromises their privacy and security.

There are several reasons that emphasize the importance of privacy in Web3 transactions:

1. Security and Protection: Privacy is critical to protecting users from potential hackers, phishing attacks, and other malicious activities such as doxxing. Masking financial data ensures users are less vulnerable to targeted threats.
2. Trade Confidentiality: For companies operating in the Web3 space, keeping transaction details private is critical to maintaining a competitive advantage and protecting sensitive business information.
3. Individual Rights: Just like traditional finance, individuals have a right to financial privacy. Web3 should respect and uphold these rights, giving users control over their data.

The rise of zero-knowledge payments

Zero-knowledge proofs can be traced back to the original paper Zero-Knowledge Proofs [GMR85] in 1985. Subsequently, a simplified proof of ZK [K92] was proposed in 1992. By 2013, zero-knowledge proofs could be used in real life, but at a slower pace. In 2016, Groth proposed the Groth 16 algorithm, which greatly reduced the computational complexity. Since then, zero-knowledge proofs have gradually been put into real commercial use.

In the cryptocurrency space, Monero and Zcash are pioneers in prioritizing privacy for blockchain transactions. Monero (XMR) introduced ring signatures and stealth addresses in 2014, providing a higher level of privacy than traditional blockchains. Zcash (ZEC) emerged in 2016 with zk-SNARK, offering users a choice between transparent and shielded transactions to strike a balance between privacy and transparency.

Now, zero-knowledge (ZK) rollups and protocols have emerged as promising solutions to privacy and scalability issues in Web3 transactions. ZK Payments uses a cryptographic protocol called zero-knowledge proofs, which allows one party to prove the validity of a statement to another party without revealing any sensitive information.

How does ZK achieve scalability and privacy?

Imagine you have a magic box that can secretly perform calculations. This box can prove to anyone that a certain statement is true without revealing any details about how it came to that conclusion. This is the basic idea behind zero-knowledge proofs.

Now, let’s connect this to blockchain payments. When you want to make a payment using blockchain, you usually need to prove that you have enough funds to cover the transaction. In traditional blockchains like Bitcoin, this involves leaking your account balance.

In its basic form, a zero-knowledge proof consists of three elements: a witness (confidential information) , a challenge , and a response .

• Witness : Through zero-knowledge proof, the prover wants to prove the knowledge of some hidden information. The secret information is the "witness" to the proof, and the prover's assumed knowledge of the witness sets up a series of questions that can only be answered by a party with knowledge of the information. Therefore, the prover starts the proof process by randomly selecting a question, calculating the answer, and sending it to the verifier.
• Challenge : The verifier randomly selects another question from the set and asks the prover to answer it.
• Response : The prover accepts the question, computes the answer, and returns it to the verifier. The prover's response allows the verifier to check whether the former actually has access to the witness. To ensure that the prover doesn't blindly guess and get the correct answer by accident, the verifier chooses more questions to ask. By repeating this interaction many times, the probability of the prover falsifying the witness's knowledge decreases significantly until the verifier is satisfied.

There are currently several popular ZK-based protocols, including zk-SNARKs (Zero-Knowledge Succinct Non-Interactive Knowledge Arguments), zk-STARKs (Zero-Knowledge Scalable Transparent Knowledge Arguments), and Bulletproofs.

In the context of blockchain, they allow users to prove the validity of a transaction without revealing the sender's true address. This feature can batch multiple transactions into a single proof, thereby reducing computational overhead and significantly improving scalability. By aggregating multiple transactions into a single proof, ZK payments can reduce the burden on the blockchain network and increase the throughput of transactions. This enhanced scalability can lead to faster confirmation times and lower transaction fees, making decentralized applications more useful and accessible to users.

What is Zero-Knowledge Proof (ZKP)? https://ethereum.org/en/zero-knowledge-proofs/

Zero knowledge rollup? https://ethereum.org/en/developers/docs/scaling/zk-rollups/

Case Study - ZkBob

zkBob is a privacy-focused application that leverages zero-knowledge proofs (zkSNARKs) and stablecoins for confidential transactions. Its core parts include the zkBob contract for processing transactions, the BOB token with privacy functions, the Relayer for secure transmission and Gas fee abstraction, the AccessManager for access control, and the UI for user interaction. It ensures private transactions and base layer neutrality.

Let's look at the scenario where Alice and Carl use zkBob to conduct a private transaction.

Situation: Alice wants to send a transaction to Carl without revealing the transaction details such as amount, sender or receiver information. They decided to use zkBob to achieve this privacy.

Transaction process

1. Create account:

• Alice and Carl each create their zkBob accounts using their private keys.
• These private keys are used to generate proofs, access balances and execute transactions.

1. Generate address:

• Alice generates a new private zkBob address through the application's UI to receive incoming transactions.
• This address is unique to this transaction and cannot be linked to Alice's main account.

2. Deposit:

• Alice initiates a deposit transaction from her regular Ethereum wallet to the zkBob Pool contract.
• She approves the contract to obtain the funds and then completes the deposit.

3. Transfer requirements:

• Alice wants to send Carl a private transaction.
• She uses her private key and the zkBob application to generate a zk proof for this transaction.

4. Relay interaction:

• Alice anonymously sends the zk proof to the relayer (a trusted intermediary).
• The relayer receives this proof and processes it without knowing the details of the transaction.

5. Transaction release:

• Relayers publish transactions to the zkBob contract without revealing the details of the transaction.
• The zkBob contract verifies the zk proof and updates the transaction details without revealing the amount or participants.

6. Receive transaction:

• Carl on the receiving end generates a new private zkBob address through the application's UI to receive incoming transactions.
• This ensures that his receiving address is not linked to his main account.

7. Transaction completed:

• The zkBob contract updates Alice and Carl's balances but does not reveal transaction details.
• Carl can now see that he has received a deal, but the details of the deal remain confidential.

8. Withdrawal options:

• If Carl wants to use the received transaction in public, he can initiate a withdrawal transaction.
• This withdrawal will generate a zk-proof showing ownership of the transaction, allowing him to convert it into a publicly usable form.

Throughout the process, transaction details, sender and receiver information remain private thanks to the use of zero-knowledge proofs (zkSNARKs). The relayer ensures that transactions are processed without revealing sensitive details, and the zkBob contract maintains the integrity of transactions while maintaining the privacy of the users involved.

Case Study - WaaS Pay

WaaS Pay is a smart contract account deployment platform leveraging the Safe{Core} protocol suite and Safe{Core} Account Abstraction SDK, designed for organizations seeking instant blockchain payments while prioritizing privacy. It provides a user-friendly code-free interface to customize smart contract account features such as social login, fiat on/off ramps, and gas-free transactions for recipients. With zkBob facilitating anonymous transactions via Zero-Knowledge Proofs (ZKP), WaaS Pay ensures sensitive financial data remains secure and private. The platform is powered by Polygon zkEVM to ensure scalability and efficiency, while self-hosted IPFS nodes with Helia protect sensitive metadata.

For more information: https://ethglobal.com/showcase/waas-pay-br0qs

Advantages of zero-knowledge payment

1. Enhanced Privacy: ZKPayments provides a high level of privacy by keeping transaction details private, protecting users from potential privacy breaches and data exploitation.
2. Improved security: By hiding sensitive transaction data, users can reduce the risk of targeted attacks, ensuring a more secure environment for conducting Web3 transactions. For ex. ZKPayments can help alleviate the front-running and maximizing extractable value (MEV) issues prevalent in web3.
3. Transparency and Compliance: ZKPayments strikes a balance by providing transaction transparency to relevant parties while protecting user privacy. This helps businesses meet regulatory compliance requirements without sacrificing confidentiality.
4. Enhanced user experience: Reduced computational requirements for ZKPayments mean lower transaction fees and increased scalability. As shown in the above case study, these use cases combined with ERC4337 provide a smoother experience for users and enterprises, thus encouraging higher adoption and usage.

Main use cases

1. Confidential Personal Transactions: These agreements ensure private purchases and payments without revealing financial details to third parties, thus ensuring maximum privacy.
2. Privacy-preserving token swaps: These protocols enable private token swaps, protecting transaction history and holdings, thereby enhancing financial privacy.
3. Private crowdfunding campaigns: Through these protocols, crowdfunding campaigns can maintain the anonymity of donors while disbursing funds transparently, ensuring a trustworthy private fundraising process.
4. Private Payroll: These agreements allow businesses to discreetly pay contractors or employees, protecting payment amounts and payee details.
5. Audit rewards for contributors: These protocols simplify private multiple transfers, ensuring confidentiality while auditing contributions.
6. Open Source Fundraising and Grants: These protocols provide investors with secure and private token requests, verifying the security of funds through proof of solvency while maintaining transaction confidentiality and fostering trust in fundraising and grant management.

challenge

Zero-knowledge (ZK) payments provide private Web3 transactions but pose compliance challenges. Meeting AML/KYC requirements, tax compliance, sanctions screening, data retention, cross-border regulations, and addressing criminal use issues are critical. Cooperation with regulators, dynamic compliance and strong security ensure responsible use. ZKPayments reinvents digital finance while protecting user privacy and complying with the law.

How to resolve compliance issues? Case study(zk.money)

To ensure compliance with UK laws and regulations, Aztec Network has implemented a comprehensive approach that balances privacy with blocking illegal activity on its privacy-focused DeFi dApp zk.money.

Practical methods of deterrence:

• Ensuring users have access to on-chain privacy while blocking money laundering and illegal activities.
• Current efforts: Deposit limits per transaction on http://zk.money .

Actions:

• System-wide daily asset deposit limit.
• IP specific deposit interest rate limits.
• Pending deposit limit for a single address.
• Escape hatch window restrictions.
• Deposits and withdrawals are slow.
• Easily identify risky addresses.
• Prevent illegal users from bypassing Aztec's summary Falafel.

in conclusion

In summary, ZKPayments provides a transformative solution to the growing need for privacy-focused and scalable options in Web3 finance. With zero-knowledge proofs seamlessly blending privacy and transparency, users can conduct secure and efficient transactions while retaining sensitive information. Committed to compliance and user-centric principles, ZKPayments paves the way for a decentralized future that prioritizes privacy, fosters trust, and responsibly reshapes the digital financial landscape. Embracing ZKPayments opens the door to a safer, more user-friendly web3 ecosystem, leading to a brighter and more inclusive financial future for everyone.