zkShip Me Some Merch

8 min readApr 21, 2022

I’ve had 9 different shipping addresses in the past 10 years.

My physical address is associated with so many products and entities and it’s not uncommon for me to log in to something and find an address that I haven’t lived at for years. I keep having this idea about having a pointer address that I could provide to entities and organizations. I could then update what it points to as I move.

One pointer, one address. Pointer stays the same and points to one address which can be updated in one place.

I recognize that this expects a lot of the US Postal Service (or a new entrant to the logistics space) so I’ll keep dealing with the frustration of having to maintain this information in many databases.

But I had another idea this week that feels connected (and similarly unlikely to be implemented).

Over the past year or so, I’ve been more conscious of my opsec — not good but more aware. Throughout this time I’ve also been fascinated by the concept of zero knowledge proofs and how a credential or truth can be shared with someone without supplying the information that may be safer kept personal.

How Much Do You Know About zkProofs?

Personally, I’ve watched this video and that’s about it.

I’ll just copy pasta what I said in my last article…

I don’t know if this is technically accurate… Consider this non-technical writing about technical concepts — I am attempting to explore potential paths forward and their implications.
Feel free to roast me on Twitter for not knowing anything!

What Is This?

Remember the blockchains for shipping logistics? The private chains that would track where products were and store them on a blockchain?

Yeah, that’s not this. But those ideas from 2017 came up in one of my chats this week along with some other silly ideas about tokenizing cool crypto merch and fractionalizing. This is also not about that though.

This is about how to get crypto merch from my online friends without having to share my personal address.

The thought is what if I could supply a hash to my frens that would allow them to put something in the mail without me telling them where I live.

What if I could maintain a single public address pointer that I use with highly trusted (or regularly trusted) parties such as my employer, the government, Amazon, etc.

What if I could generate hashes of that pointer that I can provide to others who want to ship me something without letting them know what my physical address is or what my pointer is?

Reminds me of how Bitcoin generates a new address each time but how you can still use the old addresses if needed — everything goes to the same place.

What is a zkProof?

I’m going to go back to the video that I linked at the top and break it down for myself so that I can better understand if my idea makes any sense in this context under a bit of self-scrutiny.

Initially, Dr. Sahai tells the viewer that there is a puffin amongst all of the penguins. Similar to my issue with my personal shipping address, Dr. Sahai does not want to tell the viewer where the information is. He wants to prove the existence of the puffin in the photo without providing the puffin’s context in the photo.

By laying a viewing board over the photo with a small hole placed over the puffin, Dr. Sahai is able to prove the existence of the puffin without showing where the puffin is.

Alright, that’s the child explanation. Let’s go to the teenager level.

Here, Dr. Sahai describes a zkProof as a way for a prover to convince a verifier to prove that something is true without giving away anything about why it is true. The demonstration is performed with a combination safe that has a slot at the top where a verifier can input information.

Dr. Sahai wants to prove that he knows the combination to the safe without letting the verifier know how to unlock the safe. He asks the verifier to write a secret on a piece of paper and to drop it through the slot. If he is able to open the safe and re-produce the secret to the verifier, he has proved his knowledge of the combination.

So nowhere in this interaction did you see any information that you didn’t already know. And yet I convinced you that I know the combination.

On to the college student explanation.

In this demonstration, Dr. Sahai uses map three coloring as an example of an NP-complete problem. Each space in the map must not border another space with the same color. He suggests that he can create a proof of information (in this case a 0.2 BTC balance) if and only if he can provide a mapping that meets the three color map problem.

He then goes on to show how he can use proofs within this type of problem to prove his ability to create a valid mapping without giving away all of the information regarding all of the colors.

He allows the verifier to check only two spaces, asks the verifier to turn around, adjusts the colors in the envelopes, and allows the verifier to choose two spaces again. He suggests that by performing this action thousands of times, we can trust that the map meetings the three color conditions without needing to see all of the spaces at once.

Interestingly, throughout the teenage and college student explanations, Dr. Sahai discusses the importance of building trust over time. As each action takes place showing more knowledge more trust is built without showing the secret information.

Now is where I’m going to get truly lost. There are two more demonstrations, one with a graduate student studying cryptography and one with an expert.

Let’s do our (my) best…

Here we start to talk about multi-party computation and more about how to prove honest behavior without revealing secrets involved with that behavior.

Randomness is also introduced — approaching the concept of “proof” from another direction — enabling proof through a seemingly counterintuitive method. The graduate student identifies the prover as the main bottleneck in the efficiency of zk. Dr. Sahai dives into the problem and capability of bringing distrustful parties together to prove truths in multi-party computation.

No demonstration in this one, so on to the expert.

They didn’t say zero information proof or zero data proof! Cleary there is data there! So can’t be zero data…

Now we introduce some distinctions between Knowledge, Information, and Data as well as recognizing the non-interactive nature of zkProofs that goes along with verifiability.

Dr. Sahai and Dr. Teng discuss zk at a high level and talk about the distinction between the math and the application of that math — they talk about finding hard problems and about the difficulty introduced by the specter of quantum computing.

I’m not worried about quantum computing yet personally — but I am curious where my problem falls on the spectrum of difficulty and implementability.

Amongst all of these conversations, the demonstrations are the most helpful to me to understand what a zero knowledge proof is and the conversations with the graduate student and expert provide some framing and fuel for more research.

What is a zero knowledge proof?

A way for a prover to demonstrate knowledge to a verifier without giving the verifier new information.

What should we look at next?

Verifiers
Provers
Multi-Party Computing
Knowledge
Information
Data

Wait, What About The Address Thing?

Let’s swing back to the idea of providing information to a friend so that they can ship me something without knowing my address. How has the above breakdown informed that problem and idea?

In this case, who is the prover and who is the verifier?

I don’t need to prove my address to my friend. If they ship to the wrong place, that’s on me. My friend doesn’t need to prove my address to the logistics provider, right?

Back to research…

What are Zero Knowledge Proofs?

Zero-Knowledge Proofs (ZKPs) allow data to be verified without revealing that data.

towardsdatascience.com

Each transaction has a ‘verifier’ and a ‘prover’. In a transaction using ZKPs, the prover attempts to prove something to the verifier without telling the verifier anything else about that thing.
By providing the final output, the prover proves that they are able to compute something without revealing the input or the computational process. Meanwhile, the verifier only learns about the output.

Shaan Ray also helped me finally understand that ZK-SNARK stands for something and isn’t just a cool brand name (you learn something everyday).

Zero-Knowledge Succinct Non-interactive ARguments of Knowledge (Zk-SNARKs, a type of non-interactive ZKP) are Zero-Knowledge because they don’t reveal any knowledge to the verifier, succinct because the proof can be verified quickly, non interactive because repeated interaction is not required between prover and verifier and arguments of knowledge because they present sound proof.

ZK: we’ve covered
S: Succint, quick
NARK: Non-interactive due to sound arguments

Is this a Zero Knowledge Proof?!

I really don’t know.

I want to provide my friend with information that allows them to get a physical good to me without them knowing my address.

I could provide them the hash to include in a shipment to a forwarder who has privileged access to a function to reverse the hash and find the pointer or true address. The forwarder is then able to send the goods to the address in their privileged database and I can receive my goods without telling my friend what my address is.

As I look into zk more, I continue to find theoretical examples with simple demonstrations. The concept of a zero knowledge proof makes sense but I’m still struggling to understand real world applications — particularly those that cross into meatspace.

If you have any examples that address this, please share them with me!