Zero Knowledge Episode 21: Introduction to Zero Knowledge Proofs
A: Welcome to Zero Knowledge. A podcast where we explore the latest in blockchain technology and the decentralised web. The show its hosted by me, Anna.
F: And me, Fredrik.
F: Finally, an episode about zero knowledge on the Zero Knowledge podcast. Today, Anna and I sit down to talk intro to zero knowledge proofs.
A: So yea, today we’re gonna be talking about zero knowledge proofs.
F: And it’s very much an introduction because neither of us are experts. I’ve never coded up a zero knowledge proof implementation or anything. I’ve never even used a zero knowledge proof library. The greatest extent of usage I’ve had is using Zcash, so...I think we’re both noobs in this area but we’ve been reading and we’re trying to break it down to a level that you can get an intuition for it at least.
A: And we do hope you’re bear with us, we’re trying to describe a pretty complicated concept in a podcast. But we have really thought about it, I think we have some ideas on how to get this across. Cool, so do you wanna just do that? What is a zero knowledge proof?
F: Sure, it’s an area within cryptography really. It’s not a specific thing, it’s like a field of study. And really, a zero knowledge proof is a method by which a prover, like party one, a prover, can prove to another party, the verifier, that he or she knows some statement. So, they can either prove universal statements, like “there is a solution to this problem”, or they can prove some knowledge, like “I know the solution to this problem”. But at the end of the day, it’s a proof about...the resulting thing is a one-bit value. It’s a true or false. So the answer that you’re verifying it comes out as true or false, like, “I know this is true or false”. And they do this without revealing any knowledge about this, like the background, the statement. So they should be able to say “I know the solution to this problem”, and prove that they know the solution to this problem without showing the solution.
A: I also asked around, like a couple of people, to see if I can get one liners, and one was “demonstrate you know a secret without revealing it”. So, you have a secret, I wanna know that you have a secret, you can somehow prove to me that that secret exist, but I have no idea what that secret is. OK, so when we were first doing a lot of this research, for a short while, I was wondering to what we had talked about when were doing a podcast on hashing and proof of work because I know that proof of work is this concept where you get a hash which proves that work has been done, and I was like “OK, so is that potentially a form of zero knowledge proof?” I found out it isn’t, maybe you can explain why that is.
F: So the hash and proof of work does indeed prove that work has been done, but not on its own. So if you just get this hash, you have no context for what it means or why it is what it is. You don’t know what has been hashed to produce this.
A: So it proves nothing alone.
F: So it really doesn’t prove anything on its own, yea. It only proves something within the context of the block. So you need all of the knowledge of the block, so you need the full block that has been hashed and the hash so that you can rehash this block, compare it to the hash that was given and say “OK, the person actually did this work”. Because in proof of work, the simplest version of it is you change a nonce, a number, incrementing it by one all the time until you find some hash with the specific property. And the only way to verify that is to have all the data and recalculate the hash yourself, so it’s a proof but it requires full knowledge of the solution.
A: And a zero knowledge proof requires none of that, so the zero knowledge proof is a sort of result that allows you to decipher that this activity has happened without any other information; this activity or this question or this information exists without any other information.
F: The comparison I guess to proof of work would be (it’s an interesting thought, I have never seen any idea around this, I assume it doesn’t exist), but if you could have a zero knowledge proof of work it would be something that says “I have produced work for this block” without showing the block. In a blockchain you need to show the block regardless because everyone needs to have it so it’s not super useful. But there’s other things and we’ll get to that later in the podcast that makes zero knowledge proofs very useful for blockchain applications.
A: So zero knowledge proofs have become sort of...I mean first of all we actually forgot to mention this, this is the name of this podcast. It is apparently a word that in the last few years has become very, very popular, the fields of research has become...I mean, I think it’s always been there, but it seems like it’s become kinda cool or something.
F: There’s definitely is an amount of hype around it. After Zcash got launched we definitely saw an uptake in people claiming to do zero knowledge stuff but even before then I remember seeing like hack pads and various login systems that claimed to have zero knowledge identities in their systems or zero knowledge encryption of your contents and I never really knew what that would mean for the authentication system I sorta get it but...It’s been around and been a bit hyped for a while, but certainly since the launch of Zcash it’s gotten more hyped.
A: But it’s actually an older concept, it comes from the 80s. It was in 1985 that the original paper on zero knowledge proofs came out from MIT researchers Goldwasser, Micali and Rackoff. So it actually has been around for a while and obviously its introduction to crypto concepts like crypto token concepts is newer. So I think we can sorta jump in now and start exploring what a zero knowledge proof really looks like. And to do that, we've identified a couple of examples that we’ve heard used by presenters or on videos or we’ve seen them documented in papers. There’s some sort of easier to understand examples using real life objects or roles to try to explain what a zero knowledge proof is. And the first one that we’re gonna use is actually coming from a paper called “Applied Kid Cryptography. Or How to Convince your Children You’re Not Cheating”. And the example is a Where’s Waldo picture.
F: Is that a universal thing? I’m pretty sure it’s a universal thing. Like, Where’s Waldo.
A: What's it called in Swedish?
F: I don’t know, I’ve never seen a proper Where’s Waldo book when I was a kid. But we had cereal boxes that had Where’s Waldo pictures on the back of them, and I don't know if it was Waldo or if it was someone else, but it was the exact same thing. So the concept…
A: The rip off Waldo! There is a German version, I think it’s called Wo ist Walter. But anyway, Where’s Waldo, I’ll describe what it is if people don’t understand. Where’s Waldo was a very popular book series where you’d have this very intricate drawing of a ton of thousands of little people and one of those people is Waldo and he always looks exactly the same. And as a kid you’re supposed to look at this and then identify where Waldo is. But anyway, so the book is a regular kid’s book. It’s a little bit of a big book. But anyway, the zero knowledge idea or exercise here would be to have two people, one has found Waldo, the other has not found Waldo. And the person who’s found Waldo wants to prove that they’ve found Waldo without giving way where Waldo is.
F: So we have this system with a prover and a verifier. So there’s one person that wants to prove that they’ve found Waldo, the other needs to verify whether or not the prover is telling the truth and has actually found him.
A: And so, there’s a few different mechanisms that the prover can do to show that he or she has really identified where Waldo is without revealing where Waldo is. And I’ll describe two of them. So one is you get a giant piece of paper, you cut out a little hole, you hide the book underneath and it’s a big enough paper that you can’t tell where the book is and you figure out exactly where Waldo’s face is, and you kinda show it through the hole and so the verifier can look at a blank piece of paper and a little hole and see Waldo and know that you, the prover, have identified Waldo but not have any idea where Waldo is. Another example was that you would make a copy of it and then you could cut out Waldo and show that you’ve found Waldo, get rid of all the other paper and the person would know that you’ve actually found Waldo without showing where Waldo is. So this is a very, very basic example of an interactive zero knowledge proof. Our next example is gonna be a far more common example. Well, it’s a kinda a variation on a very common example. There’s an example called the billiard balls, and I’ll have one billiard ball of one colour and one of another. We decided to switch it, we’re gonna call it “Red Pill, Blue Pill”. Let’s try to do this, Fredrik. We’re actually gonna play the roles here, one of prover and one of verifier.
F: Alright. Am I proving?
A: Who’s the colour blind one?
F: The verifier.
A: I think I wanna be the verifier.
F: Alright. So the scenarios here is one of us...so I am not colour blind, and Anna is colour blind and I want to prove to her that I am not colour blind.
A: Actually, don’t you wanna prove to me that the pills are different colours?
F: That’s the same thing.
A: OK. So we have two pills, a red pill and a blue pill. Because of the nature of it, we’ll pretend we’re in a rave in the Matrix, and one pill goes up and one pill goes down, but I wanna take two pills that will leave me right in the middle. We need to have basically...I will take both pills if possible as long as they’re different. But I’m colour blind and they look exactly the same to me. So, Fredrik, how can you prove to me that they’re actually different colours?
F: So I would ask you to put one pill in each hand, put them behind your back and then either shuffle them or don’t shuffle them, but do it in a way...I can’t see whether or not you’re shuffling or not shuffling, it’s only a thing that you keep track of in your own head, if you shuffled or not shuffled.
A: So I always know that red pill’s in my left hand, the blue pill’s in my right hand, and I can switch them.
F: You don’t know which is in which hand.
A: True. To me, there’s two purple pills in my hands, but I do know if I’ve switched it or not.
F: Yea, so I ask you to either switch them or not switch them, and then bring them out and show them to me. And I’ll say “yes, you switched them”. Because I can see the colours, clearly, I can see whether or not you switched them because it’s super obvious to me that they’re in the same place or they’re not, and so now I say “yes, you’ve switched them”.
A: But with only one example you could be lucky. Say they weren’t different colours, you say “switch”, and I actually switch them, you happen to be right. But now if you redo this, if you again put the pills behind my back, I switch them again, pull them out, if you were able to correctly call each time I switch or don’t switch, then I can know that you’re telling the truth.
F: So on the first attempt, I would have a 50:50 chance of guessing the right answer, and then the probability goes down maybe after ten guesses, it’s unlikely that I’d guess correctly ten times in a row. But after a hundred times or a thousand times or a million times, surely I know for sure that they’re different colours, and which colour is which.
A: And I can then trust that you have in fact been telling the truth, that there are two pills with two different colours.
F: And it’s zero knowledge because I don’t have to actually tell you which colour is which. The only information I reveal is whether or not you have switched them, which you already know, so I don’t actually have to tell you anything about their colours and there’s no information exchange other than the fact you now know that I can see them as different colours.
A: Maybe we can use this example to talk a little a bit about the features of zero knowledge proofs because those are quite well defined. So in this example, in all zero knowledge examples, you should be able to prove three main things.
F: This is the definition of a zero knowledge proof, is these three properties.
A: Zero knowledge proof must have soundness, completeness and zero knowledgeness, which is a real word!
F: I’m not sure if a field like in academia, or something, makes up a word, does that make it a real word, or is it a made up word still?
A: It’s on Wikipedia! OK, so how is this sound? So, the definition of soundness is if the statement is false no cheating prover could convince the honest verifier that it is true, except with some small probability.
F: Put more simply: only if it is true will I be able to prove that it’s true. So basically, I can’t construct a proof that lies.
A: And like in this example, because Fredrik was correct each time, basically it would have been impossible...
F: If I was lying and was actually colour blind, I would guess wrongly at some point.
A: Exactly.
F: So there is this probability aspect of it. There is to my knowledge...I dunno if there can be a zero knowledge proof that doesn’t have a probability aspect to it.
A: I think that this is clear here, cos it says “except for some small probability”.
F: So essentially, in this example, we only know with some probability, like the probability gets smaller and smaller the more tests we do, but you can choose your...how comfortable you are with what probability.
A: So the next feature that’s mentioned was completeness. “If the statement is true, the honest verifier will be convinced by this fact by an honest prover”.
F: So the way I would kinda think about this, and it sounds very similar to the previous one because it actually kinda is, but only if I have the knowledge will I be able to prove it. So, in the previous one, I said “only if it’s true, will I be able to prove it” and now it’s like “only if I have that knowledge will be able to prove it”. So I can’t prove something, even if it exists, even if it is true, but I don’t know it, I can’t prove it. So in the blue pill, red pill example, I have that knowledge of which colour is which, but maybe if I could see colour, but wasn’t looking at the situation I still couldn’t construct a proof, even if the property that lets me construct a proof exists, but I don’t have the knowledge, I can’t construct it. So soundness is sorta prover can’t cheat and completeness is that the verifier will be convinced by an honest prover.
A: And the last of the three core features, so we’ve covered soundness and completeness, so it’s zero knowledge-y-ness. It’s spelt different ways! Zero knowledgeness is “if the statement is true, no verifier learns anything other than the fact that the statement is true”. And so actually in this case, I didn’t know which one was red or which one was blue, I only knew that they were different.
F: Yea, so the statement that we’re proving in this example is that they are different. It’s not “this is blue or this is red”, that might not be information that I want to divulge, so it’s the only thing I’m proving and I’m not giving you any more information than that. So that’s the zero knowledgeness. Zero knowledgeness actually means that you’re giving one bit of information. So it’s not zero bits, because that would be completely useless, it means that you don’t give more than one bit of information.
A: This is interesting too, because I think zero knowledgeness also covers the fact that third party or someone, every verifier, anyone else (is this true?) could actually also somehow verify it.
F: Yea, so we’ll get to this but, there’s interactive and non-interactive proofs. In an interactive proof, it’s two parties playing a role and talking to each other, in a non-interactive proof, you could publish this proof and anyone could verify it without gaining any information. So certainly the zero knowledgeness is an inherent property of zero knowledge proofs, but it also means that you can construct proofs that you can distribute freely without sharing information.
A: So we’re gonna give one more example in a bit more detail where we can actually show a non-interactive. This is a bit more complicated, but I think it’s a really good one. And will be sharing some links in the show notes for this episode because sometimes it is really good to also look at the visuals. So, Fredrik do you wanna go ahead with sudoku, non-interactive example?
F: This example is useful to bring up because it’s an example of a non-interactive proof. So I said interactiveness mean that there are two parties that need to talk to each other. There’s sort of a challenge-response mechanism going on. Any zero knowledge proof, we always need this challenge-response mechanism, but we can sort of generate challenges and then reply with all the responses at once, and then the verifier can just take all this data and then verify it on their own. So that’s what a non-interactive zero knowledge proof is. So the sudoku example is...I will assume that everyone knows how sudoku works, but there’s rows, there’s columns and there’s sections. So in each section, so in a solved sudoku puzzle, each row is numbers one through nine, each column is numbers one through nine and each section is numbers one through nine. And you want to prove that you have a solution to this puzzle, but you don’t want to give the solution away, like maybe you want to sell the solution or something. And so what you can do is you take cards with numbers on them, one through nine, you need 243 of these cards, that’s nine times nine times three, because there’s three categories, there’s rows, columns and sections. So on each square you either know the value (it’s printed on the puzzle) or you don’t. And for the known ones, you put that number three times three of that card on top. For the other numbers, you put the cards face down. And then to construct the proof that you have a solution, you take the top card from all of the rows, construct nine piles of cards from them, you take…
A: So you have nine rows, all the rows have piles, and each one of those piles will have the number one through nine.
F: So then you take all of the columns, the top card from every square in the column, create nine piles of cards out of them and then you create nine piles of cards with the last ones remaining from each section. So you have 27 piles and you shuffle each of these piles and then you send them all to the verifier. Now the verifier...
A: But you keep all of these separate, so you’re keeping each row, nine cards, you can shuffle them, so the order’s totally out of whack, but it’s still nine cards.
F: Exactly. Each pile is shuffled, but then you send them “here’s row one pile, here’s row two pile, here’s column one pile, here’s section one pile” etc. So they can go through each of these piles in turn and look through them and they’ll only see numbers...if the solution is correct, they’ll find the numbers one through nine in each pile. And then after having gone through all the piles and verified that the numbers one through nine are in each of the piles, they can be assured that I actually had the solution to this.
A: And this is a non-interactive proof because anyone, any third party person who wasn’t even witness to the sharing of this information at all, or the cards or anything, can come and look at those piles and see the same thing and be able to verify the same thing.
F: So to verify this, you need to have some trust that the prover has followed this protocol, that they’re not just putting piles together.
A: Nine cards next to an empty sudoku!
F: So that’s where the zero knowledge proof bits gets difficult, like how do you prove that someone is following this protocol? And in this case there’s, we can’t go in to detail, but you could have some commit schemes where you basically tag each of these cards with some identifier, and then pre-commit to saying “it should be in this order”, and then you hash that and you share that as well. There’s a way that you could cryptographically secure that they’re following the protocol, so they need that along with the piles to be assured that they’re not lying.
A: And that’s where the hash comes back in.
F: Yea, hashes are kinda everywhere in cryptography and they’re a very important part of our world.
A: I love this example, but I have this one question which is why would you have any cards face up or face down if in the end you’re getting piles of cards one through nine all shuffled? So I just don’t understand why that is a part of this.
F: So I think that’s part of the proof that someone is actually following the protocol in how you deal with these commit schemes, but essentially if you imagine this as an interactive protocol where there’s the person you want to prove you have the solution to standing next to you, you place the face up card to prove that you have the solution to the puzzle that they gave you, that it’s not just a solution to any random puzzle, because any random puzzle would produce the same outcome. So the face up ones are important to show that you’re solving this particular puzzle. As I said, the sudoku example actually has an interactive and a non-interactive version and that’s usually the case. If you’re reading online about zero knowledge proofs, you’ll very often come across these interactive examples because that’s the easiest way to explain these things and it’s how they first were developed. So once you start digging in to this a little bit deeper, but still scratching the surface, you’ll dig in to this problem of graph colouring and transforming problems onto graph colouring problems and how you can construct zero knowledge proofs for that etc. In some time in the 80s there was a method developed that let you transform interactive proofs into non-interactive proofs, so by having cryptographically secure hash function, you basically use a hash function to generate randomness or to create or pick challenges in this protocol, so you still have this interactive aspect but you’re generating challenges by yourself on your own side. So then you send all of the challenges and all of the responses at the same time to the verifier and this is how, if you published that, then anyone can verify it, not just the one that was interacting.
A: Which role here though is the hash function actually taking? This is the input information, so this is...maybe let’s go back to one of the examples. On the sudoku one, the hash would produce basically random numbers or what would it be…?
F: Yea, so in the interactive version of the sudoku one, you have...like if Alice and Bob are standing next to each other, and Alice is trying to prove that she has the solution, Bob will go “give me the third row, give me the fourth column, give me the first section” and in between all of these Alice would replace all the cards. But if you don’t wanna do this, you could take all of the cards and their positions and everything, hash that, then you get a number out of that, you transform that number onto the board saying “numbers between one and nine are sections, numbers after that blah blah blah”, and then you can use the output of this hash function to choose your first challenge and then you respond, you hash the response, then you get a new pseudo-random number, use that as the challenge for the next input and so on, and eventually you’ll have a long challenge response cycle that you can send off to someone. So it’s essentially a way to generate random numbers.
A: The prover is an algorithm, is just the hash, it’s not a person anymore. And the verifier still somehow needs to exist, but it’s one sided.
F: But they get all the data at once and they can just parse through all the data and verify everything at once.
A: We’ve still really just scratched the surface of zero knowledge proofs, this is very introductory, we’re just trying to get some of the concepts clear for ourselves. We will be in future episodes going deeper on a lot of these things. But I think in this episode, we can at least touch on some of the use cases of these things. The zero knowledge proofs have existed since 1985, they’ve been used...we’re know they’re being used in blockchain technology, but what else are they being used in?
F: I will often learn by looking at real world examples, getting my hands dirty, working on something, and they have been in use for a long time in various areas before blockchain, I think the most obvious one is authentication systems that use these schemes. So when you log in to, whatever, Facebook, you actually send your password in plain text to Facebook. They’re hashing that password and comparing it to the hash that’s stored on their database, so they don’t at least store your (presumeably because we can’t know) password in plain text but they still get it, their servers are still getting it. So if you don’t want to share your password at all, one way would be to hash it out on the client’s side, and then send that hash to them, but sending the hash to them, for something as small as a password, is actually still giving them quite a lot of information, they can brute force that hash pretty easily. So if you don’t want give them any more than one bit of information, like “I have the password to this account”, that’s where you need a zero knowledge proof.
A: And what else could you use zero knowledge proofs for?
F: I think the most useful ones that I’ve seen, at least (again I’m a noob in this area, I don’t look for this stuff daily), but another useful example that I came across is if you want to prove that you have the private key of a public key. So public/private key encryption is everywhere, usually with PGP, was intended to be the public/private key encryption of email, and it’s never really taken on because part of it is...if you send me a public key, do I know that that’s yours? I can encrypt something with it and be sure that only the person with the private key can read it, but can I tie an identity to this? Not really. So all these key servers have spawned up and they try to tie an identity to the key and stuff like that. But you could actually use a zero knowledge proof to say “I have the private key for this public key” and thereby proving your identity together with your public key. Exactly how this is used in real life today, I’m not actually sure, it would also have to be an interactive zero knowledge proof, because if you send it out non-interactively, then you’re back to the same position where it’s public knowledge and anyone can copy it. So it’s only useful in the interactive sense.
A: So zero knowledge proofs have then obviously also become part of a lot of blockchain projects or concepts. The most notable, I mean, there’s a whole history of zero knowledge in blockchain, which I don’t think we’re ready to do in this podcast, and I wanna bring on some people who have actually lived through some of this, know these people and have seen the developments of things like zero coin, Zcash and...That’s for future episodes, but we are seeing zero knowledge pop up more and more with blockchain projects. I know that obviously the most notable is Zcash which is a token built with zero knowledge inherently built in to its protocol and I know that they’re doing tons of research to actually make them more efficient. From what I understood, doing the real zero knowledge (actually you can maybe help me with this) doing the real proofs can be quite CPU intensive, or very...it takes up a lot of bandwidth.
F: It’s resource intensive in general, but especially memory intensive is the biggest...that’s why you can’t really send a shielded transaction on Zcash from a mobile phone for instance because your phone doesn’t have that much RAM. So even if it was just CPU, then you could just let it run for a long time, but you don’t actually have that much RAM it’s literally impossible on most phones. So they’re doing a ton of stuff there and trying to make it...improve the UX, improve the speed, improve the resources necessary so the next version they’ve upcoming, they’ve been saying that they have it so efficient now that you could generate a shielded transaction on a phone. So there’s tons of stuff in active research in that area.
A: And then some of the words that are often brought up are thing like the zk-SNARKs, and sometimes we heard about STARKs, which is apparently the future version, pure theory at this point!
F: It’s not pure theory, I’ve seen conference talks where they actually show off some examples themselves, but the one talk I saw by one of the researchers working on this (it was a great talk, and if I can find it again I’ll put it in the show notes), but it was quite a while ago. But he was showing some example programmes, so SNARKs is just zero knowledge non-interactive arguments of knowledge, something along those lines. Which is really any zero knowledge proof. I’m not exactly sure what the difference is or why making this separate distinction, but STARKs are like, you can prove the results of a computation, so you can give someone a programme and then prove that this is the result of running the programme, and you can verify that this is the result of running the programme without running it yourself, which is super useful on a blockchain context; massively useful. But the input programme was something stupidly simple and it took 200 gigs of RAM or something. So it’s not feasible right now to use it for anything, but it’s still...it exists, it’s a thing, it just needs to be improved.
A: And then we’ve also seen zero knowledge libraries, or actually more like zk-SNARK libraries, these are basically just taking zk-SNARK...it’s usually zk-SNARKs, right?
F: Yea. I dunno if maybe SNARKs is the new way of saying zero knowledge proofs. It’s a specific subset of zero knowledge proofs that are useful. An interactive zero knowledge is not actually all that useful usually. You need it to be non-interactive, so then that is a SNARK essentially, a non-interactive zero knowledge proof.
A: But we do see people building libraries that people can then use to implement zero knowledge proofs or SNARKs into their blockchain projects, or…
F: Into any projects. So at the ZK summits, the events we held a couple of weeks ago, there was a presentation by Howard Wu, on libSNARK, which is a C++ library for SNARKs and it’s a great library, has a wide API covering all kinds of SNARKs and how to use them. I haven’t dug into that library and which languages have bindings to it or whatever (it’s something that I want to do), but certainly with this library in hand, you can use this today. There’s no issue here, you don’t have to go in and know a ton of stuff, you can just use this library, you don’t have to reimplement the world here!
A: Cool. I think we’ve covered a lot of ground in this episode. Do you have any last thoughts of zero knowledge proofs, Fredrik?
F: I think there’s huge potential and I think it’s really...the area’s really cool, it’s new to a ot of people but it’s also old to a lot of people, so I think the more across work we can get here, the better. To me this is almost a way to involve real cryptographers in cryptocurrencies, which would be good! And it has huge potential for a lot of stuff, like I was at this charting summit, and we were talking about using zero knowledge proofs as a means to compress a Merkle tree path, (this is a podcast episode in itself), but there’s a thing called Stateless Clients, and in the Stateless Client model, you need witnesses for transaction, basically saying “this is a valid transaction” so you send a witness with it, but these witnesses can be really long. They're a series of hashes that point to a specific place in a Merkle tree and you can actually use a zero knowledge proof to say that “this is proof that this transaction reference is only this path in the Merkle tree”, so you compress the whole tree into one zero knowledge proof which is much smaller. So it’s a compression mechanism. There’s tons of applications and I’m excited to see where all of this goes.
A: I have a last thought as well. I do wanna sorta admit something about the name of this podcast, if I can! We didn’t originally name the podcast Zero Knowledge. The idea came up when Jack suggested it, and we thought it was kinda cool, it’s sorta a double entendre, there’s zero knowledge proofs, and “we don’t know anything zero knowledge”.
F: The podcast hosts have zero knowledge.
A: The podcast hosts have zero knowledge! But I think what’s really cool about it is that it has actually put us very much face to face with the zero knowledge community and the academic groups that are doing work on this and it’s extremely exciting and it’s a really cool theme or concept to...if you wanna look across a ton of different blockchain projects and not necessarily get caught up with some of the groupings that we see happening in the ecosystem, zero knowledge is actually a really cool way to do it, because there are a lot of different groups that are playing with it in different ways. And it’s turned out to be a cool coincidence, cool whatever, cool turn of events that we happen to pick that name and actually find this great community around it. Anyway, thanks. I’m gonna say a big thank you for listening if you’ve made it this far, this was a denser episode than most.
F: It’s funny, because we’ve never taken such an introductory point of view on anything, going basic as much as this, and yet it’s probably one of the densest episodes. It just goes to show just how much stuff there is to learn on this topic.
A: Totally. So, yea, thanks for listening.
F: Thanks for listening.