Jul 9, 2026 · 8:59 PM
Subscribe
Home Crypto

What Is a Zero-Knowledge Proof and Why Crypto Runs On It Now

What is a zero-knowledge proof? It's a cryptographic method that lets one party prove a statement is true without revealing any of the underlying data, and it now powers everything from Ethereum's zk-rollups to Zcash's private payments and Worldcoin's identity checks. Here's the plain-English breakdown of how it works and where it's actually being used.

Julian Lim
· 6 min read · 53 views
What Is a Zero-Knowledge Proof and Why Crypto Runs On It Now

A zero-knowledge proof lets you prove a fact is true without handing over the fact itself, and that one idea now underpins Ethereum's scaling roadmap, private payments, and a growing slice of digital identity.

Here's the plain version. Say you know a password. You want to prove you know it without typing it into a form that could get hacked, logged, or subpoenaed. A zero-knowledge proof lets you do exactly that: you run a bit of math against the password, hand someone the output, and they can verify you know the real thing without ever seeing it. No password crosses the wire. That's it. That's the whole concept, and everything else is engineering built on top of it.

Cryptographers call the three properties completeness, soundness, and zero-knowledge. Completeness means a true statement can always be proven. Soundness means you can't fake a false one. Zero-knowledge means the verifier learns nothing beyond the fact that you're right. Those three words show up in every academic paper on the subject, and they're also why the tech took decades to leave the lab. The math was published in 1985 by Shafi Goldwasser, Silvio Micali, and Charles Rackoff. It sat mostly as a theoretical curiosity until blockchains gave it an obvious job: proving a transaction is valid without publishing everyone's balance to the world.

Blockchains have a privacy problem and a scaling problem, and zero-knowledge tech happens to fix both, which is why it's everywhere in crypto right now.

The privacy problem is obvious. Every transaction on Ethereum or Bitcoin is public by default. Anyone can look up your wallet and see your entire financial history. Zcash, launched in 2016, was the first major chain to fix this with zk-SNARKs, letting users prove a transaction is valid, the sender has the funds, nothing was double-spent, without revealing the sender, receiver, or amount. You don't have to trust Zcash's word on this. The math is public and auditable, which is the entire point.

The scaling problem is less obvious but it's the bigger business story in 2026. Ethereum can only process roughly 15 to 30 transactions per second on its base layer. A zero-knowledge rollup, or zk-rollup, bundles thousands of transactions off-chain, then generates a single proof that all of them followed the rules, and posts just that proof back to Ethereum. The chain doesn't need to re-execute every transaction. It just checks the proof, which takes a fraction of a second. StarkWare's StarkEx and zkSync, built by Matter Labs, both run on this model, and Ethereum co-founder Vitalik Buterin has said publicly that zk-rollups are likely to become the dominant scaling path over their older cousin, optimistic rollups, precisely because the proof is checked instantly instead of waiting through a week-long fraud-challenge window.

zk-SNARK vs zk-STARK: the trade-off that actually matters

Once you're past the basic idea, the real technical fork in the road is SNARKs against STARKs, and the difference is not academic hair-splitting. It changes what you can build.

A zk-SNARK, short for Succinct Non-Interactive Argument of Knowledge, produces tiny proofs that verify fast and cheap. Zcash uses them. So does Polygon zkEVM. The catch is that most SNARK systems need a trusted setup, a one-time ceremony where participants generate secret randomness and then have to destroy it. If even one participant kept a copy and colluded, they could theoretically forge proofs. Projects handle this by running elaborate multi-party ceremonies with dozens of independent participants across the globe, on the logic that all of them would have to be corrupt at once for the setup to be compromised.

A zk-STARK, developed by Eli Ben-Sasson and the team that became StarkWare, skips the trusted setup entirely and relies only on hashing, which also makes it resistant to quantum computers in a way elliptic-curve-based SNARKs are not. The trade-off is size. STARK proofs run larger and cost more gas to verify on-chain. StarkNet bet on STARKs anyway, judging the trust-minimization worth the extra bytes. Neither approach is simply better. SNARKs win when proof size and verification cost matter most, STARKs win when you don't want to trust a ceremony you can't personally audit.

Where this shows up outside of rollups

Rollups get the headlines, but identity is where zero-knowledge tech is quietly becoming a consumer product. Worldcoin, the project co-founded by Sam Altman, uses zero-knowledge proofs to let a person prove they're a unique human, verified by an iris scan at one of its Orb devices, without transmitting the biometric data itself to any app that checks it. You prove uniqueness. The iris pattern stays out of the picture entirely.

Regulated finance is testing the same trick from the other direction. Instead of hiding a wallet balance from the world, banks want to prove compliance without dumping customer data on a counterparty. JPMorgan's Onyx unit has piloted zero-knowledge proofs so a bank can demonstrate a client passed KYC checks without handing the client's actual documents to every institution in a transaction chain. That's a genuinely different use case from Zcash or StarkNet, and it's the clearest sign the technology has outgrown its crypto-native origins.

None of this means zero-knowledge proofs are simple to build or cheap to run. Generating a SNARK or STARK proof takes real computation, sometimes minutes, and specialized proving hardware has become its own small industry, with firms like Ingonyama building chips specifically to speed up proof generation. The verification side is cheap. The proving side is where the engineering difficulty and the cost still live, and that's the honest caveat behind most of the marketing.

Frankly, the reason this technology keeps showing up in unrelated headlines, Ethereum's roadmap, a biometric identity startup, a bank's compliance pilot, is that it solves a genuinely old problem: how do you trust a claim without trusting the person making it, or exposing everything behind it. That's not a crypto-specific question. It's a question every digital system eventually runs into, which is why zero-knowledge proofs are likely to keep spreading well past the chains that popularized them.

Also read: What Is MCP, the Model Context Protocol Powering AI Agents NowHow Your Onchain Credit Score Could Replace a Bank Loan OfficerWhat Is a Yield-Bearing Stablecoin and How It Actually Pays You

TOPICS
Julian Lim is an entrepreneur, technology writer, and a researcher. He started JL Data Analysis after graduating from NUS in Intelligent Systems. Julian writes about technology innovations and entrepreneurship on Business Times, Asia Pacific Magazine and occasionally contributes to Startup Fortune.
Related Articles
More posts →
Loading next article…
You're all caught up