Opinion: Zero-knowledge proofs are not the right solution for DeFi

Author: DARREN KLEINE, blockworks Compiler: Shan Ouba, Golden Finance

Many teams are working to achieve zero-knowledge DeFi, but they are all dealing with the same basic logic.

In a recent Lightspeed podcast, Multicoin Capital’s Kyle Samani expressed his confidence that zero-knowledge proofs are not the right solution to privacy concerns in DeFi. He believes that zero-knowledge proofs have their uses in other fields, but they may not be applicable in DeFi. **

Zero-knowledge proofs can be used to prove someone's age to purchase alcohol without revealing other personal details. This is an effective application scenario for zero-knowledge proofs, which can preserve privacy and prove certain facts.

However, if the goal of DeFi is privacy, zero-knowledge proofs are not an appropriate solution. In DeFi, the concept of "shared state" needs to be considered, that is, when conducting financial transactions, mathematical operations are performed among various participants and zero-knowledge transactions are committed. The concept of global state does not exist in DeFi, which makes it impossible to reason about the global state, making zero-knowledge proofs ineffective in DeFi.

Kyle Samani gave an example to illustrate this point. In DeFi, there are limited partner pools and limit orders, and transactions and interactions will occur between different people. Since there is no concept of global state, it is impossible to reason about the state of the entire system. Therefore, he believes that zero-knowledge proofs are not suitable for solving privacy issues in DeFi. In DeFi, a solution that can handle shared state and global state reasoning is needed, and zero-knowledge proof cannot provide such a function.

Top-down reasoning

In his argument for explaining the inapplicability of zero-knowledge (ZK) proofs in DeFi, Kyle Samani presented a basic premise using zcash (ZEC) as an example. With zcash, the proof of any transaction shows that a series of unspent transaction outputs (UTXOs) have been sent to a series of "encrypted blobs" of private addresses.

As an example, he said: "The total number of UTXOs I have received is less than the number of UTXOs I have sent, including the current transaction." In this case, the transaction proof can only show that the user's balance is greater than zero, but cannot provide more specific details.

Although the circulation of zcash could theoretically never exceed 21 million because it has the same supply constraints as a bitcoin fork, due to its privacy-based design, the supply cannot be audited. This also means that the system cannot be audited from top to bottom to determine whether the total supply of zcash is still fixed at 21 million. There was actually a potentially catastrophic bug with zcash that was reported and fixed in 2019.

Kyle Samani linked the incident to attempts to implement zero-knowledge solutions in DeFi, emphasizing that DeFi cannot achieve its goals without being able to reason about the system from the top down. He said that when everyone submits a bunch of private proofs to the chain, concepts such as collateral management and solvency in DeFi no longer work. DeFi needs a top-down perspective to work, not just a bunch of encrypted ZK transactions.

While many teams are working hard to implement a zero-knowledge SDK, he thinks they're still dealing with a very basic logic problem. He suggested that the proper way to achieve privacy in DeFi is through fully homomorphic encryption (FHE). By encrypting contracts end-to-end and applying state transitions by verifiers, the core logic of the system can be preserved, which is the right way to solve the privacy problem.

In summary, Kyle Samani highlighted why zero-knowledge proofs are not suitable in DeFi, and proposed the correct way to achieve privacy through fully homomorphic encryption. He believes that DeFi needs a top-down perspective to better realize its potential.