Zero Knowledge in 2023

Zero-knowledge proofs (ZKPs) allow for the cryptographic proof of possession of specific data… or information without revealing the underlying data itself. If you are new to ZKPs, I recently published an article on what ZKPs are and why they’re important. Also, if you are looking for an intuitive guide to zk-SNARKs, you can find another one of my articles here.

Advancements in zk-SNARKs have exceeded expectations in the past year. Applications such as ZK-EVMs are emerging despite the general consensus that these innovations were years away. The increased capabilities of zk-SNARKs have enabled exploration of new use cases for blockchain, in particular, we are closely watching the research into using zk-SNARKs to solve many of the pressing issues posed by the increased use of machine learning and artificial intelligence.

As machine learning becomes more prevalent, it is being used in a wide range of applications. However, the trustworthiness of its predictions, and reliance on opaque data sources are becoming a major concern. The ability to reproduce models that claim to have high accuracy is difficult, and there is no guarantee of the consistency and correctness of predictions in real-world products.

This article aims to brief on why there has been a surge of interest in zk-SNARK enabled machine learning (ZK-ML) systems, and discusses some potential applications of this technology.

Why the need for ZK-ML?

When using supervised machine learning, inputs are given to a model that has already been trained with specific parameters. The model then produces an output that can be used by other systems. Thanks to lightweight machine learning frameworks and formats like ONNX, it’s now possible to run these inferences on edge devices like phones or IoT devices, rather than sending the input data to centralised servers. This improves both scalability and privacy for the users.

However, it’s important to note that it’s common to want to keep both the input and parameters of machine learning models private and hidden from public view. This is because the input data may contain sensitive information such as personal financial or biometric data, while the model parameters may also contain sensitive information such as biometric authentication parameters.

On the other hand, it’s important for downstream systems that use the output of the ML model, such as on-chain smart contracts, to be able to verify that the input was correctly processed to produce the claimed output.

The combination of machine learning and zkSNARK protocols offers a new solution that addresses these seemingly conflicting requirements.

ZK-ML Use Cases

There are many papers discussing the various ways we can use zk-SNARKs to improve our future with machine learning. The ZK-ML community have provided a very useful decision tree for us to think about the various use cases of this technology.

The decision tree is based on the intersection of two criteria: the need for privacy and computational integrity, and the use of heuristic optimization problem solved by machine learning. In other words, the decision tree is used to determine whether a use case that involves ZKML is appropriate for situations where privacy and computational integrity are important, and where heuristic optimization problems are being solved using machine learning techniques, you can find that here.

Here a few ways zk can be used to innovate on ML models:

• Privacy-preserving machine learning: zk-SNARKs can be used to train a machine learning model on private data without revealing that data to the model’s creators or users. This allows for the development of models that can be used in sensitive or regulated industries like healthcare or finance without compromising the privacy of the individuals whose data is used.
• Verifiable machine learning: zk-SNARKs can be used to prove that a machine learning model was trained on a specific dataset, or that a specific model was used to make a prediction, without revealing the details of the training data or model. This allows for increased trust in the results of machine learning models, which can be important in applications like credit scoring or medical diagnosis.
• Secure machine learning: zk-SNARKs can be used to protect the integrity of machine learning models by ensuring that the model has not been tampered with or replaced with a different model. This can be useful in applications where the model is deployed in untrusted environments, such as edge devices or public clouds.

ZKonduit (EZKL) & Possible Applications

Projects like ZKonduit, are looking to ZK-ML as the key to giving the blockchain eyes, letting smart contracts exercise judgement, one-person oracles, and generally getting data on-chain in a scalable way. The use of ZK-ML oracles offers a simpler, faster, and more efficient way to transfer off-chain data to the blockchain, greatly increasing the potential for data to be brought on-chain. ZK-ML could enable ‘smart judges’ tointerpret ambiguous events. This could open the door to an unthinkable amount of new use cases for Web3, but here are just a few that have been discussed recently:

• ZK KYC: Ability to prove that a person’s identity matches their corresponding ID, and that the ID number is not on a sanctions list. While this technology is available, it may not be accepted by regulators who currently require banks to ‘know’ their clients, not just verify they are not on a sanctions list. This is a new area for regulators and measures must be taken to prevent decentralised projects from being used by unwanted actors.
• Fraud checks: Smart contracts or abstracted accounts adds a ZK-ML fraud spam check for unusual behaviour. This means a system can be implemented to detect and prevent fraudulent or spammy behaviour by analysing patterns of activity and comparing them to known patterns of fraudulent or spammy behaviour using zero-knowledge machine learning techniques. This can help to ensure the security and integrity of the system by detecting and preventing malicious activity.
• Making DAOs Autonomous: Zk-SNARKs technology allows for the execution of complex computations in a way that preserves the privacy of the input data, making it suitable for use in situations where sensitive information needs to be protected. Machine learning algorithms can be integrated into this technology to enable more advanced decision making, assessments, and communication systems that are more efficient and accurate. These capabilities could be crucial to future internal DAO dynamics.

Conclusion

The integration of zero-knowledge proofs in AI systems can provide a new level of security and privacy for both the users and the companies that employ these systems. By enabling AI to prove the validity of its decisions without revealing the underlying data or algorithms, zero-knowledge proofs can help to mitigate the risks of data breaches and malicious attacks. Additionally, they can also help to build trust in AI systems by providing a transparent and verifiable way to demonstrate their fairness and accuracy.

As the field of AI continues to evolve and expand, the incorporation of zero-knowledge proofs will become increasingly important in ensuring the safe and responsible deployment of these powerful technologies.

From: https://medium.com/verum-capital-insights/why-ai-needs-zero-knowledge-proofs-957ec72627b9

2023年的零知识技术

零知识证明（ZKP）允许在不透露底层数据本身的情况下，对特定数据或信息的拥有进行加密证明。如果您对ZKP还不熟悉，我最近发表了一篇关于什么是零知识证明及其重要性的文章。此外，如果您正在寻找一个直观的zk-SNARKs指南，您可以在这里找到我的另一篇文章。

在过去的一年中，zk-SNARKs的进展超出了预期。尽管人们普遍认为这些创新还需要数年时间才能出现，但应用程序，如ZK-EVMs正在出现。zk-SNARKs的增强功能已经使得探索区块链的新用例成为可能，特别是我们正在密切关注使用zk-SNARKs解决由机器学习和人工智能的增加使用带来的许多紧迫问题的研究。

随着机器学习变得越来越普遍，它被用于各种应用。然而，其预测的可信度和对不透明数据源的依赖正在成为一个重大问题。复制声称具有高准确性的模型的能力很难，而在现实世界的产品中，预测的一致性和正确性也没有保证。

本文旨在简要介绍为什么对zk-SNARK启用的机器学习（ZK-ML）系统产生了浓厚的兴趣，并讨论了这种技术的一些潜在应用。

为什么需要 ZK-ML？

在使用监督式机器学习时，输入被提供给已经使用特定参数进行训练的模型。然后，该模型生成一个输出，可以被其他系统使用。由于轻量级的机器学习框架和格式（如ONNX），现在可以在边缘设备（如手机或物联网设备）上运行这些推理，而不是将输入数据发送到集中式服务器。这提高了用户的可扩展性和隐私。

然而，需要注意的是，通常希望将机器学习模型的输入和参数保持私密，并隐藏不对公众可见。这是因为输入数据可能包含敏感信息，例如个人财务或生物识别数据，而模型参数也可能包含敏感信息，例如生物识别认证参数。

另一方面，使用ML模型输出的下游系统（例如链上智能合约）需要能够验证输入是否正确处理以生成所声称的输出。

机器学习和zkSNARK协议的结合提供了一个新的解决方案，解决了这些看似相互冲突的要求。

ZK-ML 用例

有许多论文讨论了我们可以使用 zk-SNARKs 通过机器学习改善我们未来的各种方式。ZK-ML 社区为我们提供了一个非常有用的决策树来思考该技术的各种用例。

决策树基于两个标准的交集：隐私和计算完整性的需要，以及使用机器学习解决的启发式优化问题。换句话说，该决策树用于确定涉及 ZKML 的用例是否适用于隐私和计算完整性很重要的情况，以及使用机器学习技术解决启发式优化问题的情况，您可以在此处找到。

以下是 zk 可用于在 ML 模型上进行创新的几种方式：

• 隐私保护机器学习

  zk-SNARKs 可用于在私有数据上训练机器学习模型，而无需将该数据透露给模型的创建者或用户。这允许开发可用于敏感或受监管行业（如医疗保健或金融）的模型，而不会损害其数据被使用的个人的隐私。

• 可验证的机器学习

  zk-SNARKs 可用于证明机器学习模型是在特定数据集上训练的，或者是使用特定模型进行预测的，而无需透露训练数据或模型的细节。这可以增加对机器学习模型结果的信任，这在信用评分或医学诊断等应用中可能很重要。

• 安全机器学习

  zk-SNARKs 可用于通过确保模型未被篡改或替换为不同模型来保护机器学习模型的完整性。这对于将模型部署在不受信任的环境（例如边缘设备或公共云）中的应用程序非常有用。

ZKonduit (EZKL) 和可能的应用

像ZKonduit这样的项目正在将目光投向ZK-ML，将其视为给区块链赋予眼睛的关键，让智能合约行使判断，单人预言机，并以可扩展的方式将数据上链。使用ZK-ML预言机提供了一种更简单、更快速、更高效的方式，将链下数据传输到区块链，极大地增加了将数据带到链上的潜力。ZK-ML可以使“智能法官”解释模糊事件。这可能为Web3开启无法想象的大量新用例，但以下仅是最近讨论过的一些用例：

• ZK KYC

  能够证明一个人的身份与其对应的ID相匹配，并且该ID号不在制裁名单上。虽然这项技术可用，但目前要求银行“了解”他们的客户的监管机构可能不会接受它，而不仅仅是验证他们不在制裁名单上。这是监管机构的一个新领域，必须采取措施防止去中心化项目被不受欢迎的参与者使用。

• 欺诈检查

  智能合约或抽象账户为异常行为添加了 ZK-ML 欺诈垃圾邮件检查。这意味着可以实施一个系统，通过分析活动模式并将它们与使用零知识机器学习技术的已知欺诈或垃圾行为模式进行比较，来检测和防止欺诈或垃圾行为。这有助于通过检测和防止恶意活动来确保系统的安全性和完整性。

• 使 DAO 自治

  Zk-SNARKs 技术允许以保护输入数据隐私的方式执行复杂的计算，使其适用于需要保护敏感信息的情况。机器学习算法可以集成到这项技术中，以实现更高效、更准确的更高级决策、评估和通信系统。这些功能对于未来的内部 DAO 动态可能至关重要。

结论

在 AI 系统中集成零知识证明可以为用户和使用这些系统的公司提供更高级别的安全和隐私。通过使人工智能能够在不泄露底层数据或算法的情况下证明其决策的有效性，零知识证明可以帮助降低数据泄露和恶意攻击的风险。此外，它们还可以通过提供一种透明且可验证的方式来证明其公平性和准确性，从而帮助建立对人工智能系统的信任。

随着 AI 领域的不断发展和扩展，零知识证明的整合对于确保这些强大技术的安全和负责任的部署将变得越来越重要。