You can make a proof for the statement "I know a secret number such that if you take the word ‘cow', add the number to the end, and SHA256 hash it 100 million times, the output starts with 0x57d00485aa". The verifier can verify the proof far more quickly than it would take for them to run 100 million hashes themselves, and the proof would also not reveal what the secret number is.

In the context of blockchains, this has 2 very powerful applications: Perhaps the most powerful cryptographic technology to come out of the last decade is general-purpose succinct zero knowledge proofs, usually called zk-SNARKs ("zero knowledge succinct arguments of knowledge"). A zk-SNARK allows you to generate a proof that some computation has some particular output, in such a way that the proof can be verified extremely quickly even if the underlying computation takes a very long time to run. The "ZK" part adds an additional feature: the proof can keep some of the inputs to the computation hidden.

You can make a proof for the statement "I know a secret number such that if you take the word ‘cow', add the number to the end, and SHA256 hash it 100 million times, the output starts with 0x57d00485aa". The verifier can verify the proof far more quickly than it would take for them to run 100 million hashes themselves, and the proof would also not reveal what the secret number is.

In the context of blockchains, this has two very powerful applications:

1. Scalability: if a block takes a long time to verify, one person can verify it and generate a proof, and everyone else can just quickly verify the proof instead
2. Privacy: you can prove that you have the right to transfer some asset (you received it, and you didn't already transfer it) without revealing the link to which asset you received. This ensures security without unduly leaking information about who is transacting with whom to the public.

But zk-SNARKs are quite complex; indeed, as recently as in 2014-17 they were still frequently called "moon math". The good news is that since then, the protocols have become simpler and our understanding of them has become much better. This post will try to explain how ZK-SNARKs work, in a way that should be understandable to someone with a medium level of understanding of mathematics.

Why ZK-SNARKs "should" be hard

Let us take the example that we started with: we have a number (we can encode "cow" followed by the secret input as an integer), we take the SHA256 hash of that number, then we do that again another 99,999,999 times, we get the output, and we check what its starting digits are. This is a huge computation.

A "succinct" proof is one where both the size of the proof and the time required to verify it grow much more slowly than the computation to be verified. If we want a "succinct" proof, we cannot require the verifier to do some work per round of hashing (because then the verification time would be proportional to the computation). Instead, the verifier must somehow check the whole computation without peeking into each individual piece of the computation.

One natural technique is random sampling: how about we just have the verifier peek into the computation in 500 different places, check that those parts are correct, and if all 500 checks pass then assume that the rest of the computation must with high probability be fine, too?

Such a procedure could even be turned into a non-interactive proof using the Fiat-Shamir heuristic: the prover computes a Merkle root of the computation, uses the Merkle root to pseudorandomly choose 500 indices, and provides the 500 corresponding Merkle branches of the data. The key idea is that the prover does not know which branches they will need to reveal until they have already "committed to" the data. If a malicious prover tries to fudge the data after learning which indices are going to be checked, that would change the Merkle root, which would result in a new set of random indices, which would require fudging the data again... trapping the malicious prover in an endless cycle.

But unfortunately there is a fatal flaw in naively applying random sampling to spot-check a computation in this way: computation is inherently fragile. If a malicious prover flips one bit somewhere in the middle of a computation, they can make it give a completely different result, and a random sampling verifier would almost never find out.

It only takes one deliberately inserted error, that a random check would almost never catch, to make a computation give a completely incorrect result.

If tasked with the problem of coming up with a zk-SNARK protocol, many people would make their way to this point and then get stuck and give up. How can a verifier possibly check every single piece of the computation, without looking at each piece of the computation individually? There is a clever solution.

This is a YouTube video:

Transcript:

[Reporter] The Russian invasion of Ukraine.
Momentum is building for a war between Ukraine and Russia.
[Reporter] Tensions between Russia and the West
are growing rapidly.
[Reporter] President Biden considering deploying
thousands of troops to Eastern Europe.
There are now 100,000 troops
on the Eastern border of Ukraine.
Russia is setting up field hospitals on this border.
Like this is what preparation for war looks like.
A legitimate war.
Ukrainian troops are watching and waiting,
saying they are preparing for a fight.
The U.S. has ordered the families of embassy staff
to leave Ukraine.
Britain has sent all of their nonessential staff home.
And now the U.S. is sending tons of weapons and munitions
to Ukraine's army.
And we're even considering deploying
our own troops to the region.
I mean, this thing is heating up.
Meanwhile, Russia and the West have been in Geneva
and Brussels trying to talk it out,
and sort of getting nowhere.
The message is very clear.
Should Russia take further aggressive actions
against Ukraine the costs will be severe
and the consequences serious.
It's a scary, grim momentum that is unpredictable.
And the chances of miscalculation
and escalation are growing.

I want to explain what's going on here,
but I want to show you that this isn't just
typical geopolitical behavior.
Stuff that can just be explained on the map.
Instead, to understand why 100,000 troops are camped out
on Ukraine's Eastern border, ready for war,
you have to understand Russia
and how it's been cut down over the ages
from the Slavic empire that dominated this whole region
to then the Soviet Union,
which was defeated in the nineties.
And what you really have to understand here
is how that history is transposed
onto the brain of one man.
This guy, Vladimir Putin.
This is a story about regional domination
and struggles between big powers,
but really it's the story about
what Vladimir Putin really wants.
[Reporter] Russian troops moving swiftly
to take control of military bases in Crimea.
[Reporter] Russia has amassed more than 100,000 troops
and a lot of military hardware
at the border with Ukraine.

Let's dive back in.
Okay. Let's get up to speed on what's happening here.
And I'm just going to quickly give you the highlight version
of like the news that's happening,
because I want to get into the juicy part,
which is like why, the roots of all of this.
So let's go.
A few months ago, Russia started sending
more and more troops to this border.
It's this massive border between Ukraine and Russia.
They said they were doing a military exercise,
but the rest of the world was like,
"Yeah, we totally believe you Russia. Pshaw."
This was right before this big meeting
where North American and European countries
were coming together to talk about a lot
of different things, like these countries often do
in these diplomatic summits.
But soon, because of Russia's aggressive behavior
coming in and setting up 100,000 troops
on the border with Ukraine,
the entire summit turned into a whole, "WTF Russia,
what are you doing on the border of Ukraine," meeting.
Before the meeting Putin comes out and says,
"Listen, I have some demands for the West."
And everyone's like, "Okay, Russia, what are your demands?
You know, we have like, COVID19 right now.
And like, that's like surging.

So like, we don't need your like,
bluster about what your demands are."
And Putin's like, "No, here's my list of demands."
Putin's demands for the summit were this:
number one, that NATO, which is this big military alliance
between U.S., Canada, and Europe stop expanding,
meaning they don't let any new members in, okay.
So, Russia is like, "No more new members to your, like,
cool military club that I don't like.
You can't have any more members."
Number two, that NATO withdraw all of their troops
from anywhere in Eastern Europe.
Basically Putin is saying,
"I can veto any military cooperation
or troops going between countries
that have to do with Eastern Europe,
the place that used to be the Soviet Union."
Okay, and number three, Putin demands that America vow
not to protect its allies in Eastern Europe
with nuclear weapons.
"LOL," said all of the other countries,
"You're literally nuts, Vladimir Putin.
Like these are the most ridiculous demands, ever."
But there he is, Putin, with these demands.
These very, very aggressive demands.
And he sort of is implying that if his demands aren't met,
he's going to invade Ukraine.
I mean, it doesn't work like this.
This is not how international relations work.
You don't just show up and say like,
"I'm not gonna allow other countries to join your alliance
because it makes me feel uncomfortable."
But what I love about this list of demands
from Vladimir Putin for this summit
is that it gives us a clue
on what Vladimir Putin really wants.

What he's after here.
You read them closely and you can grasp his intentions.
But to grasp those intentions
you have to understand what NATO is.
and what Russia and Ukraine used to be.
(dramatic music)
Okay, so a while back I made this video
about why Russia is so damn big,
where I explain how modern day Russia started here in Kiev,
which is actually modern day Ukraine.
In other words, modern day Russia, as we know it,
has its original roots in Ukraine.
These places grew up together
and they eventually became a part
of the same mega empire called the Soviet Union.
They were deeply intertwined,
not just in their history and their culture,
but also in their economy and their politics.
So it's after World War II,
it's like the '50s, '60s, '70s, and NATO was formed,
the North Atlantic Treaty Organization.
This was a military alliance between all of these countries,
that was meant to sort of deter the Soviet Union
from expanding and taking over the world.
But as we all know, the Soviet Union,
which was Russia and all of these other countries,
collapsed in 1991.
And all of these Soviet republics,
including Ukraine, became independent,
meaning they were not now a part
of one big block of countries anymore.
But just because the border's all split up,
it doesn't mean that these cultural ties actually broke.
Like for example, the Soviet leader at the time
of the collapse of the Soviet Union, this guy, Gorbachev,
he was the son of a Ukrainian mother and a Russian father.
Like he grew up with his mother singing him
Ukrainian folk songs.

In his mind, Ukraine and Russia were like one thing.
So there was a major reluctance to accept Ukraine
as a separate thing from Russia.
In so many ways, they are one.
There was another Russian at the time
who did not accept this new division.
This young intelligence officer, Vladimir Putin,
who was starting to rise up in the ranks
of postSoviet Russia.
There's this amazing quote from 2005
where Putin is giving this stateoftheunionlike address,
where Putin declares the collapse of the Soviet Union,
quote, "The greatest catastrophe of the 20th century.
And as for the Russian people, it became a genuine tragedy.
Tens of millions of fellow citizens and countrymen
found themselves beyond the fringes of Russian territory."
Do you see how he frames this?
The Soviet Union were all one people in his mind.
And after it collapsed, all of these people
who are a part of the motherland were now outside
of the fringes or the boundaries of Russian territory.
First off, fact check.
Greatest catastrophe of the 20th century?
Like, do you remember what else happened
in the 20th century, Vladimir?
(ominous music)

Putin's worry about the collapse of this one people
starts to get way worse when the West, his enemy,
starts showing up to his neighborhood
to all these exSoviet countries that are now independent.
The West starts selling their ideology
of democracy and capitalism and inviting them
to join their military alliance called NATO.
And guess what?
These countries are totally buying it.
All these exSoviet countries are now joining NATO.
And some of them, the EU.
And Putin is hating this.
He's like not only did the Soviet Union divide
and all of these people are now outside
of the Russia motherland,
but now they're being persuaded by the West
to join their military alliance.
This is terrible news.
Over the years, this continues to happen,
while Putin himself starts to chip away
at Russian institutions, making them weaker and weaker.
He's silencing his rivals
and he's consolidating power in himself.
(triumphant music)

And in the past few years,
he's effectively silenced anyone who can challenge him;
any institution, any court,
or any political rival have all been silenced.
It's been decades since the Soviet Union fell,
but as Putin gains more power,
he still sees the region through the lens
of the old Cold War, Soviet, Slavic empire view.
He sees this region as one big block
that has been torn apart by outside forces.
"The greatest catastrophe of the 20th century."
And the worst situation of all of these,
according to Putin, is Ukraine,
which was like the gem of the Soviet Union.
There was tons of cultural heritage.
Again, Russia sort of started in Ukraine,
not to mention it was a very populous
and industrious, resourcerich place.
And over the years Ukraine has been drifting west.
It hasn't joined NATO yet, but more and more,
it's been electing proWestern presidents.
It's been flirting with membership in NATO.
It's becoming less and less attached
to the Russian heritage that Putin so adores.
And more than half of Ukrainians say
that they'd be down to join the EU.
64% of them say that it would be cool joining NATO.
But Putin can't handle this. He is in total denial.
Like an exboyfriend who handle his exgirlfriend
starting to date someone else,
Putin can't let Ukraine go.
He won't let go.

So for the past decade,
he's been trying to keep the West out
and bring Ukraine back into the motherland of Russia.
This usually takes the form of Putin sending
secret soldiers from Russia into Ukraine
to help the people in Ukraine who want to like separate
from Ukraine and join Russia.
It also takes the form of, oh yeah,
stealing entire parts of Ukraine for Russia.
Russian troops moving swiftly to take control
of military bases in Crimea.
Like in 2014, Putin just did this.
To what America is officially calling
a Russian invasion of Ukraine.
He went down and just snatched this bit of Ukraine
and folded it into Russia.
So you're starting to see what's going on here.
Putin's life's work is to salvage what he calls
the greatest catastrophe of the 20th century,
the division and the separation
of the Soviet republics from Russia.
So let's get to present day. It's 2022.
Putin is at it again.
And honestly, if you really want to understand
the mind of Vladimir Putin and his whole view on this,
you have to read this.
"On the History of Unity of Russians and Ukrainians,"
by Vladimir Putin.
A blog post that kind of sounds
like a ninth grade history essay.
In this essay, Vladimir Putin argues
that Russia and Ukraine are one people.
He calls them essentially the same historical
and spiritual space.

Kind of beautiful writing, honestly.
Anyway, he argues that the division
between the two countries is due to quote,
"a deliberate effort by those forces
that have always sought to undermine our unity."
And that the formula they use, these outside forces,
is a classic one: divide and rule.
And then he launches into this super indepth,
like 10page argument, as to every single historical beat
of Ukraine and Russia's history
to make this argument that like,
this is one people and the division is totally because
of outside powers, i.e. the West.
Okay, but listen, there's this moment
at the end of the post,
that actually kind of hit me in a big way.
He says this, "Just have a look at Austria and Germany,
or the U.S. and Canada, how they live next to each other.
Close in ethnic composition, culture,
and in fact, sharing one language,
they remain sovereign states with their own interests,
with their own foreign policy.
But this does not prevent them
from the closest integration or allied relations.
They have very conditional, transparent borders.
And when crossing them citizens feel at home.
They create families, study, work, do business.
Incidentally, so do millions of those born in Ukraine
who now live in Russia.
We see them as our own close people."
I mean, listen, like,
I'm not in support of what Putin is doing,
but like that, it's like a pretty solid like analogy.
If China suddenly showed up and started like
coaxing Canada into being a part of its alliance,
I would be a little bit like, "What's going on here?"
That's what Putin feels.
And so I kind of get what he means there.
There's a deep heritage and connection between these people.
And he's seen that falter and dissolve
and he doesn't like it.
He clearly genuinely feels a brotherhood
and this deep heritage connection
with the people of Ukraine.
Okay, okay, okay, okay. Putin, I get it.
Your essay is compelling there at the end.
You're clearly very smart and wellread.
But this does not justify what you've been up to. Okay?
It doesn't justify sending 100,000 troops to the border
or sending cyber soldiers to sabotage
the Ukrainian government, or annexing territory,
fueling a conflict that has killed
tens of thousands of people in Eastern Ukraine.
No. Okay.

No matter how much affection you feel for Ukrainian heritage
and its connection to Russia, this is not okay.
Again, it's like the boyfriend
who genuinely loves his girlfriend.
They had a great relationship,
but they broke up and she's free to see whomever she wants.
But Putin is not ready to let go.
[Man In Blue Shirt] What the hell's wrong with you?
I love you, Jessica.
What the hell is wrong with you?
Dude, don't fucking touch me.
I love you. Worldstar!
What is wrong with you? Just stop!
Putin has constructed his own reality here.
One in which Ukraine is actually being controlled
by shadowy Western forces
who are holding the people of Ukraine hostage.
And if that he invades, it will be a swift victory
because Ukrainians will accept him with open arms.
The great liberator.
(triumphant music)

Like, this guy's a total romantic.
He's a history buff and a romantic.
And he has a hill to die on here.
And it is liberating the people
who have been taken from the Russian motherland.
Kind of like the abusive boyfriend, who's like,
"She actually really loves me,
but it's her annoying friends
who were planting all these ideas in her head.
That's why she broke up with me."
And it's like, "No, dude, she's over you."
[Man In Blue Shirt] What the hell is wrong with you?
I love you, Jessica.
I mean, maybe this video should be called
Putin is just like your abusive exboyfriend.
[Man In Blue Shirt] What the hell is wrong with you?
I love you, Jessica!
Worldstar! What's wrong with you?
Okay. So where does this leave us?
It's 2022, Putin is showing up to these meetings in Europe
to tell them where he stands.
He says, "NATO, you cannot expand anymore. No new members.
And you need to withdraw all your troops
from Eastern Europe, my neighborhood."
He knows these demands will never be accepted
because they're ludicrous.
But what he's doing is showing a false effort to say,
"Well, we tried to negotiate with the West,
but they didn't want to."
Hence giving a little bit more justification
to a Russian invasion.
So will Russia invade? Is there war coming?
Maybe; it's impossible to know
because it's all inside of the head of this guy.
But, if I were to make the best argument
that war is not coming tomorrow,
I would look at a few things.
Number one, war in Ukraine would be incredibly costly
for Vladimir Putin.
Russia has a far superior army to Ukraine's,
but still, Ukraine has a very good army
that is supported by the West
and would give Putin a pretty bad bloody nose
in any invasion.

Controlling territory in Ukraine would be very hard.
Ukraine is a giant country.
They would fight back and it would be very hard
to actually conquer and take over territory.
Another major point here is that if Russia invades Ukraine,
this gives NATO new purpose.
If you remember, NATO was created because of the Cold War,
because the Soviet Union was big and nuclear powered.
Once the Soviet Union fell,
NATO sort of has been looking for a new purpose
over the past couple of decades.
If Russia invades Ukraine,
NATO suddenly has a brand new purpose to unite
and to invest in becoming more powerful than ever.
Putin knows that.
And it would be very bad news for him if that happened.
But most importantly, perhaps the easiest clue
for me to believe that war isn't coming tomorrow
is the Russian propaganda machine
is not preparing the Russian people for an invasion.
In 2014, when Russia was about to invade
and take over Crimea, this part of Ukraine,
there was a barrage of state propaganda
that prepared the Russian people
that this was a justified attack.
So when it happened, it wasn't a surprise
and it felt very normal.

That isn't happening right now in Russia.
At least for now. It may start happening tomorrow.
But for now, I think Putin is showing up to the border,
flexing his muscles and showing the West that he is earnest.
I'm not sure that he's going to invade tomorrow,
but he very well could.
I mean, read the guy's blog post
and you'll realize that he is a romantic about this.
He is incredibly idealistic about the glory days
of the Slavic empires, and he wants to get it back.
So there is dangerous momentum towards war.
And the way war works is even a small little, like, fight,
can turn into the other guy
doing something bigger and crazier.
And then the other person has to respond
with something a little bit bigger.
That's called escalation.
And there's not really a ceiling
to how much that momentum can spin out of control.
That is why it's so scary when two nuclear countries
go to war with each other,
because there's kind of no ceiling.
So yeah, it's dangerous. This is scary.
I'm not sure what happens next here,
but the best we can do is keep an eye on this.
At least for now, we better understand
what Putin really wants out of all of this.

Thanks for watching.