We are very excited to present to you The Hunting of the SNARK, a treasure hunt consisting of cryptographic challenges that will guide you through a zero-knowledge proof (ZKP) learning experience. As a reminder, Zero-Knowledge Proofs, invented decades ago , allow verifiers to validate a computation on private data by allowing a prover to generate a cryptographic proof that asserts to the correctness of the computed output. zk-SNARK, a sub-class of zero-knowledge proofs , further makes these proofs succinct and noninteractive — as needed in many applications. In these riddles, we will explore the definition of zk-SNARK and how it can be correctly used in applications. We will then look at the state-of-the-art approach to constructing zk-SNARKs. Check out our latest tech post  or our recent meetup  to get a feeling of how powerful ZKPs can be.
We have seen plenty of other great posts and articles explaining ZKPs, including an overview , detailed technical tutorials [16, 8, 9], and a video-recorded workshop . Yet, just like with all math, it is not enough to read about it, you need to practice it. At QED-it we have come up with an innovative way to learn cryptography, while at the same time understanding its implications in practice.
How it Works
Every once in a while we will publish a new challenge set, composed of several riddles, which will increase in difficulty with each new set. Every riddle is designed to teach you a new aspect of zk-SNARKs by making you discover the intricacies of the protocol and its smart design features.
If you complete the treasure hunt, you will gain an understanding of zk-SNARKs, how they work, what the security assumptions mean for the scheme and how to properly define the statements to be proven. The more difficult riddles will guide you towards generating proofs that can verify a false claim (when a security assumption is broken) and how to break some of the security assumptions, while at the same time understanding how to prevent other people from doing so. You will learn all this and much more.
If this was not enough motivation, some of the riddles will be accompanied with a prize, awarded to the first ones that solve them. With each riddle we will specify the prize and how many of them will be given.
Here are the links to the challenge sets:
- Challenge One: The Functionality of zk-SNARK
- Challenge Two: to be released…
The QED-it team wants to thank Dr. Eran Tromer, a co-author of The Hunting of the SNARK, for helping us make this treasure hunt a reality. He not only advised us in designing the riddles and perfecting the educational content, but also instantiated the details in the problems and wrote the riddle descriptions. We are happy to have him as a scientific advisor.
Sign up to our mailing list here in order to receive notifications when we release the riddles.
-  E. Ben-Sasson, A. Chiesa, C. Garman, Green, I. Miers, E. Tromer and M. Virza (2014), Zerocash: decentralized anonymous payments from Bitcoin. In Proceedings of the 2014 IEEE Symposium on Security and Privacy, SP ’14, pp. 459–474. External Links:
-  E. Ben-Sasson, A. Chiesa, D. Genkin, E. Tromer and M. Virza (2013), SNARKs for C: verifying program executions succinctly and in zero knowledge (extended version). Note: Cryptology ePrint Archive, Report 2013/507. External Links:
-  E. Ben-Sasson, A. Chiesa, D. Genkin, E. Tromer and M. Virza (2013), SNARKs for C: verifying program executions succinctly and in zero knowledge. In Proceedings of the 33rd Annual International Cryptology Conference, CRYPTO ’13, pp. 90–108.
-  E. Ben-Sasson, A. Chiesa, D. Genkin, E. Tromer and M. Virza (2013), SNARKs for C: verifying program executions succinctly and in zero knowledge. In CRYPTO ’13, pp. 90–108. Note: Extended version: .
-  E. Ben-Sasson, A. Chiesa, E. Tromer and M. Virza (2014), Succinct non-interactive zero knowledge for a von Neumann architecture. In USENIX Security 2014, pp. 781–796. External Links:
-  N. Bitansky, R. Canetti, A. Chiesa, S. Goldwasser, H. Lin, A. Rubinstein and E. Tromer, The hunting of the SNARK. Journal of Cryptology. Note: to appear. External Links:
-  (2016) BIU winter school: cryptography in the cloud — verifiable computation and special encryption. Note: workshop (with video recording). External Links:
-  V. Buterin (2017), zk-SNARKs: under the hood. Note: blog posts. External Links:
-  A. Gabizon (2017), Explaining snarks (parts i through vii). Note: blog posts. External Links:
-  R. Gennaro, C. Gentry, B. Parno and M. Raykova (2013), Quadratic span programs and succinct NIZKs without PCPs. In EUROCRYPT ’13, pp. 626–645. External Links:
-  S. Goldwasser, S. Micali and C. Rackoff (1985), The knowledge complexity of interactive proof-systems. In STOC 1985, pp. 291–304. External Links:
-  M. Green (2014), Zero knowledge proofs: an illustrated primer. Note: blog post. External Links:
-  M. Naor, Y. Naor and O. Reingold (1999), Applied kid cryptography or how to convince your children you are not cheating. In Eurocrypt ’94, pp. 1–12.
-  M. Naor(Website). External Links:
-  B. Parno, J. Howell, C. Gentry and M. Raykova (2013), Pinocchio: nearly practical verifiable computation. In IEEE Symposium on Security and Privacy, pp. 238–252. External Links:
-  C. Reitwiessner (2016), zkSNARKs in a nutshell. Note: blog post. External Links:
-  D. Benarroch and A. Zohar (2017), Trustless Computing on Private Data. Note: blog post. External Links:
-  (2017) QED-it Meetup, Prove-it, Blockchain-it: ZKP in Action. Note: Tel Aviv Meetup (with video recording). External Links: