Zero-Knowledge Proofs: Understanding zk-STARKs and How They Work (zk-STARK V2)

Part 1: What Are Proof of Reserves and Zero-Knowledge Proofs?

1. Proof of Reserves (PoR)

Proof of Reserves (PoR) is a process where cryptocurrency exchanges demonstrate they hold sufficient assets to cover all user balances. This builds trust by proving no hidden liabilities exist. The simplest method involves publishing:

• Total user assets held by the exchange.

• A list of user balances, ensuring:

  • Total assets = Sum of individual user balances.
  • Each user’s balance is non-negative.
  • All users are included in the audit.

However, revealing balances compromises privacy. Zero-knowledge proofs (ZKPs) solve this by validating data without exposing details.

2. Zero-Knowledge Proofs (ZKPs)

ZKPs allow exchanges to prove solvency without disclosing sensitive user data. Two primary ZKP types are:

• zk-SNARKs
• zk-STARKs

We use zk-STARKs for their stronger security and minimal trust assumptions.

Part 2: How zk-STARKs Work

1. Merkle Tree Construction:

   • Hash each user account as a leaf.
   • Split balances into USD-denominated equity (assets) and debt (liabilities).
   • Example: A BTC balance of A translates to equity=A, debt=0.

2. Zero-Knowledge Proof Creation:

   • Sum Proof: Verifies correct summation of assets/debt in the Merkle tree.
   • Non-Negativity Proof: Confirms each user’s assets ≥ debts.

3. Batch Processing:

   • Divide accounts into batches (e.g., 1024 accounts per batch).
   • Use batch circuits to validate each batch’s Merkle subtree.

4. Recursive Verification:

   • Combine batch outputs via recursive circuits.
   • Ensure no overflow in totals and all proofs are valid.

Part 3: Advancements in zk-PoR V2

• 50x Faster: Completes in 3 hours (vs. 36 hours previously).
• Smaller Proofs: ~500KB (0.05% of V1’s 1.2GB).
• GPU Acceleration: 30% speed boost.
• Enhanced Clarity: Uses Plonky2 framework for cleaner code.

Part 4: Self-Verification Guide

Step-by-Step:

1. Log in to your OKX account → Navigate to Assets → Audit Report.
2. Copy your inclusion proof data (JSON format).
3. Download the 👉 zk-STARKValidator tool.
4. Run the validator with your JSON file.

5. Results:

   • ✅ "Inclusion constraint validated" = Success.
   • ❌ "Validation failed" = Error.

Part 5: Verifying Total Balances & Non-Negativity

1. Download zk-STARK sum proof data from OKX’s liability report.

2. Use the 👉 zk-STARKValidator to check:

   • Total Sum Proof: Matches claimed assets.
   • Non-Negativity: No user has negative equity.

FAQ

Q1: Why use zk-STARKs over zk-SNARKs?

A: zk-STARKs offer quantum resistance and no trusted setup.

Q2: How often are PoR audits conducted?

A: Regularly, with real-time updates for transparency.

Q3: Can I verify my balance anonymously?

A: Yes! ZKPs confirm your inclusion without revealing your data.

Explore our 👉 open-source code for technical details!