We look at zero-knowledge proofs and how they can be used with smart contracts to enable a USDC transaction triggered by an off-chain event.
One of the current challenges in blockchain is how to integrate off-chain triggers with on-chain activities without adding the requirement for third-party trust. For example, how can we—in a trustless manner—use an off-chain attestation to trigger an on-chain event? How can we trigger a transaction when a contract is signed, a driver’s license is issued, a CAPTCHA is completed, or even when a review is entered on Amazon?
Zero-knowledge proofs may be an ideal solution. They can prove that an event occurred, relay that proof to blockchain, and keep the details of the event private. In this article, we’ll look at zero-knowledge proofs and how they reinvent the concept of trustworthy transactions. We’ll also look at how they can be used in conjunction with smart contracts to enable a USDC transaction triggered by an off-chain event.
First, let’s begin with a quick primer on zero-knowledge proofs and how they work.
What are zero-knowledge proofs?
Zero-knowledge proofs (ZK proofs) are mathematical processes that allow one party (the prover) to prove to another party (the verifier) that something is true—but without revealing any of the underlying information.
For example, traditionally, a website might require that you prove your age by sending a photo of your driver's license. But by sending it, you expose all the personal data on your license. With ZK proofs, you can use algorithms to prove that you meet the age requirement, but without revealing your date of birth, name, address, or any other information.
(The underlying math and architecture of exactly how ZK proofs work can be complicated. For more background information, including several classic examples that can help you to understand how this is possible, check out this article and this video.)
ZK proofs are especially useful in Web3, where we value privacy and remove trust as often as possible. You might have seen reference to ZK proofs in crypto by way of STARKs or SNARKs (two different types of ZK proofs) or through L2s, such as Starknet or zkSync (both chains built on ZK rollups). With ZK proofs, you can prove you own a certain amount of digital tokens, prove your identity, prove you are compliant, and more, all while retaining your privacy and without revealing other information.
Let’s look at several use cases that ZK proofs enable in crypto.
How can we use ZK proofs?
ZK proofs are widely useful in Web3. For example, ZK proofs enable:
- Privacy - ZK proofs can be used to anonymize transactions on public blockchains or even create new blockchains with privacy baked in. They can also be used to prove user identity without revealing any personal details.
- Regulatory Compliance - Along with the privacy and identity above comes regulatory compliance. ZK proofs can enable the regulatory standards many protocols need while maintaining the security and privacy users desire.
- Integration - Developers can integrate services without connecting to APIs by using ZK proofs that can prove the output of a service or oracle is true.
- Cross-Chain Transactions - A protocol can be sure that a transaction actually occurred on one chain, allowing it to apply the transaction to a second chain, powering cross-chain transactions.
- Human-Made Content Verification - AI-generated content is booming. ZK proofs can allow a user to prove content is authentically human by verifying the content hash with the creator's identity.
- Attestations - ZK proofs can prove that a document (such as a passport) is authentic, that an email receipt comes from a certain company, or that a website is legitimate. (For more attestation examples, check out the Ethereum Attestation Service, an open source, public goods project for ZK proofs and attestations on Ethereum.)
- Trustless Escrows - With ZK proofs, escrow services can run on smart contracts rather than through centralized order books.
To better understand how all this might work, let’s look in detail at the last two use cases from above: how an escrow service could operate by using attested off-chain transactions to power on-chain payments.
Trustless escrows: using ZK proofs to power on-chain payments based on off-chain transactions
Let’s say we want to power an on-chain USDC payment based on an off-chain transaction—in this case, trigger an escrow service to release a payment in USDC, based on a real-world USD payment.
We can achieve this using ZK proofs and smart contracts. We’ll use a standard peer-to-peer (P2P) payment service as proof of payment (and KYC vehicle) and prove.email—an open source, smart contract, ZK proof library—to prove payment by verifying the signature on the confirmation email from the payment service.
Here’s how it might work:
- A user (the payer) locks some amount of USDC into a smart contract using a protocol’s website. The payer also designates who the USDC should be released to and the specifications for when it should be released. In this case, the USDC should be released when a second user (the payee) makes an off-chain payment in USD to the payer.
- The payee sends an off-chain USD payment that meets the requirements of the escrow contract to the payer, via the payment service.
- Once the payment is complete, the payment service sends a transaction confirmation email to the payee.
- The confirmation email is fed into a “circuit” that generates a proof of who made the payment, who received the payment, the USD amount, and the timestamp.
- A smart contract checks the proof to verify that it meets the requirements of the escrow contract. If it does, then the contract releases the USDC to the payee.
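The contract-side checks from the last step, modelled in Python as an added example (not code from prove.email or from any escrow protocol). A valid proof alone is not enough: the proven fields must match the escrow's terms, and each confirmation email must be usable only once. The `verify_proof` callable, the `email_id` field, and all other names are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Claims:
    """Public outputs of the email proof (the four fields listed above)."""
    sender: str       # who made the USD payment
    recipient: str    # who received the USD payment
    usd_cents: int
    timestamp: int
    email_id: str     # assumption: unique per confirmation email, blocks replay

@dataclass
class Escrow:
    payer: str        # payer's payment-service identity (receives the USD)
    payee: str        # payee's payment-service identity (sends the USD)
    payee_addr: str   # on-chain address that receives the USDC
    usdc: int         # amount locked by the payer
    usd_cents: int    # USD the payee must send off-chain
    locked_at: int
    released: bool = False

class EscrowContract:
    def __init__(self, verify_proof):
        self.verify_proof = verify_proof  # hypothetical ZK verifier: (proof, claims) -> bool
        self.escrows, self.used_emails, self.balances = {}, set(), {}

    def lock(self, escrow_id: int, escrow: Escrow) -> None:
        self.escrows[escrow_id] = escrow

    def release(self, escrow_id: int, proof: bytes, c: Claims) -> str:
        e = self.escrows[escrow_id]
        if e.released:
            return "already released"
        if not self.verify_proof(proof, c):
            return "invalid proof"
        if c.email_id in self.used_emails:       # same email, different escrow
            return "email already used"
        if (c.sender, c.recipient) != (e.payee, e.payer):
            return "wrong parties"               # USD must flow payee -> payer
        if c.usd_cents < e.usd_cents:
            return "amount too low"
        if c.timestamp < e.locked_at:
            return "payment predates escrow"
        self.used_emails.add(c.email_id)
        e.released = True
        self.balances[e.payee_addr] = self.balances.get(e.payee_addr, 0) + e.usdc
        return "released"
```

The `used_emails` set is what stops one confirmation email from releasing two escrows that happen to have identical terms; the per-escrow `released` flag does not cover that case.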
You can see this could work for many use cases, such as paying for an NFT, peer-to-peer transfers, and more.
Zero-knowledge proofs are a suitable complement to blockchain. They excel at enabling private, trustless transactions. And in conjunction with smart contracts, ZK proofs can reinvent the concept of trustworthy transactions in blockchain by combining the real-world activities of off-chain payments with the trustless world of on-chain transactions.