The full technical article is available here.

## Introduction

Payment confidentiality is a property for cryptocurrencies which allows the user to hide the sender and receiver, as well as the amount of a transaction in the blockchain. ** Monero Research Lab** invented Ring Confidential Transactions, while

**uses a different approach based on recent scientific progress in the field of ‘**

*Zcash**Non-Interactive Proof systems*’:

**zk-SNARK**protocol for circuits.

Circuits are basically ‘*programs*’ which take values as inputs and result in an output value. The corresponding decisional problem is to determine whether a given assignment for the inputs and output of a specific circuit is valid. Such a problem can be *reduced *to an algebraic problem about polynomials which allows a ‘shorter’ verification and, at the same time, can hide the correct assignment from the verifier. This might sound unlikely, but we will see how it is possible.

Our aim is to illustrate the reduction of the decisional problem for circuits to an algebraic property of polynomials, which C. Reitwießner’s excellent survey zkSNARKs in a Nutshell leaves out, and to show how this reduction can be used for zk-SNARK. Please see M. Green’s blog post Zero-Knowledge-Proofs: An illustrated Primer for a good survey of Zero-Knowledge-Proof.

We will discuss the security assumptions behind **zk-SNARKs** in a future article.

Monero doesn’t use ring confidential transactions yet! Just rings 🙂

Thank you for your comment!

Thank you for your comment! Adjusted the text.

Permalink

Permalink

Permalink