0

AFAIU SNARKs may be introduced into the Bitcoin protocol as a soft fork (e.g. a new segwit version number), and this would enable many new use cases, such as verifying very advanced computations that are executed off-chain, directly on the chain. Unfortunately, SNARKs are known to be computationally very expensive, or to require some level of centralized trust. How big is the scientific advancement that we need in order to get SNARKs into Bitcoin? Do we have recent significant technological discoveries that let us think that in the next 10 years it will be feasible to introduce SNARKs into Bitcoin?

1 Answer

1

SNARK is a specific implementation of a zero-knowledge proof. There are lots of different implementations that try to avoid this scaling trade-off, and it is likely that the ultimate solution for such a thing has not been discovered. You might look at zkSTARK or Bulletproofs for some generic zkproof models that are robust and come with their own sets of trade-offs but generally do not involve trusted setup as SNARK does. From what I understand, most of the overhead here is in the size of the proof, as verification tends to be fast. There are also privacy and quantum resistance concerns; IMO privacy is more relevant for now. I think the answer will lie in what the most practical application of this is, and whether it requires a base-layer interaction or whether we could do all these proofs on a side-chain or L2.

Poseidon