Understanding what the “zk” in zkSNACKs means gives you insight about the inner workings of Wasabi Wallet.
Particularly, it gives you a perspective on how Wasabi wallet enables coinjoins without gaining access to your bitcoin or collecting and revealing your private financial data.
The “zk” stands for Zero-Knowledge. zkSNACKs is a pun originating from the cryptographic techniques zk-SNARKS (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge) and zk-STARKS (Zero-Knowledge Succinct Transparent Argument of Knowledge).
In simplistic terms, zero knowledge refers to cryptographic methods that allow sharing of secrets between two parties without ever revealing the secret.
Zero-knowledge is the base on which the WabiSabi coinjoin protocol runs. This article highlights the following:
1. How zero knowledge works
2. Other ways Wasabi Wallet implements zero knowledge
3. Why Wasabi and the future of technology rely on zero knowledge
Problem: What To Know vs What Not To Know
The goal of a coinjoin is to achieve privacy. That said, a coinjoin would defeat its practical application if it divulges any information about the user to anyone, even to the coordinator.
Yet for the coinjoin transaction to happen, the coordinator would have to:
1. Know the users’ input amounts and addresses from the inbound transactions
2. Know the amount and output addresses to map the coinjoined bitcoin
3. Access the network information of user wallets connecting to the coordinator
But even with the challenges posed, Wasabi Wallet always enables coinjoins while remaining blind to your private transaction details.
So how does the wallet achieve this?
The Magic Behind Zero Knowledge Proofs
The whole idea behind zero-knowledge proofs is that you don’t have to reveal something if you can prove that you know something. And in the context of the zkSNACKs coordinator, you don’t have to pass your private information if you have proof that the information you’re sending to the coordinator is true.
Wasabi Wallet implements cryptographic proofs to allow you to prove your transactional details such as the amount and output addresses, so you never disclose your information to the zkSNACKs coordinator.
Having these zero-knowledge proofs also means that you never have to send/trust the zkSNACKS coordinator with your bitcoin to coinjoin. In the background, wallets send proofs which are verified by the coordinator to allow your bitcoin to be included in the jointly spent transaction.
Zero Knowledge Doesn’t Stop With Coinjoins, Your Network Privacy Matters
If privacy-enhancing measures ended at the blockchain level, then Wasabi Wallet would still leak your network information and reveal your IP address or location.
This flaw happens to be the chink in the armor for many bitcoin wallets when they access and broadcast transactions over unshielded Internet connections. Transmitting to other peers over the Internet gives away your network information and as a result, your wallet becomes easy to fingerprint for surveillance.
Similarly, connecting to the coordinator for coinjoins over the Internet would reveal your network information. To circumnavigate this privacy flaw, Wasabi Wallet integrates Tor to uphold its zero-knowledge policy.
Tor achieves privacy by passing communications over multiple hops, separating your identity from its original source. Each hop contains no information about the starting or ending point, it only provides information about the next hop on the route. Or put simply, Tor cloaks the communication by adding layers (Onion Layers) on top of your Internet connection when connecting to Wasabi Wallet.
How Tor Is Used To Preserve Zero Knowledge
1. Using Tor during the registration of inputs and outputs to the coordinator
When the inputs and outputs are registered for a coinjoin through one connection, they become linked. The link will tell the coordinator the network identity of the user associated with the inputs and outputs. By using different Tor connections for inputs and outputs, there is no single network identity that is revealed to the coordinator.
Zero-knowledge between inputs and outputs is necessary for the coinjoin to gain any privacy. Wasabi takes this a step further by also using a new Tor identity for registering each individual input or output. For example, since up to 10 inputs and 8 outputs can be registered by a single client in a single round, this uses 18 unique Tor addresses to prevent any two addresses from being matched.
2. Using Tor when making queries to the public ledger
When Wasabi Wallet is querying ledger data from peers, it downloads one block per Tor identity so that peers do not become aware the same user received transactions in multiple blocks. To further prevent linking or building associations with specific peers, queries are made to random peers while including random data that does not necessarily relate to your query.
“False positive” blocks downloaded by your wallet prevent spies from “narrowing down” any transactions recorded by you on the blockchain since the data you download may include blocks you are not interested in at all.
Conveniently, Tor found a perfect use case in Wasabi Wallet. Without it, all your transaction information would remain tied to your network identity, negating the purpose of participating in a coinjoin.
Beyond Zero Knowledge in Wasabi Wallet
What is extraordinary about the application of zero knowledge in Wasabi Wallet is that it effectively adds a thick layer of privacy on top of bitcoin while still remaining a bitcoin wallet.
Ironically, the most groundbreaking applications of zero-knowledge are best suited, and even much more needed outside the realm of bitcoin. In particular, Internet applications collect more data than they could ever use. The application of zero-knowledge would mean that users can use applications without revealing data they would prefer not to share.
Some interesting ways zero knowledge improves applications include;
1. Creation of digital identities without giving away personal details such as date of birth or phone numbers by using a public/private key pair, such as Nostr.
2. Data privacy: zero-knowledge could allow you to complete a credit card payment without revealing your credit card number or personal information.
3. Secure data sharing: data could be shared between two parties without revealing more information about the data itself. For example, drug companies could reveal that their drugs are effective on various test models without revealing the structure of the drug’s proprietary compounds.
Using zero-knowledge software reduces the amount of data collected by companies and therefore, reduces attack vectors in case of a cyber breach. Additionally, the future application of zero-knowledge is what will save Internet privacy from its potential demise.
Wasabi Wallet ensures users achieve zero knowledge for the maximum level of financial privacy without needing extra tools.