Episode 35
ZK Cryptography and the Frontier of Innovation w/ David Wong (ZK Security)
November 23, 2023 • 01:02:09
Host
Rex Kirshner
Guest
About This Episode
Guest: David Wong (Twitter: @cryptodavidw)
Host: Rex (Twitter: @LogarithmicRex)
The growing significance of Zero-Knowledge (ZK) cryptography in the upcoming cycle is becoming more and more obvious, evident in the increasing number of startups securing funding for ZK-related projects. However, navigating the complexities of ZK involves not only advanced mathematics but also addressing challenges within the smart contract paradigm. The interview features David Wong, co-founder of ZK Security, an auditing and consulting firm specializing in ZK applications. Wong discusses the difficulties in securing ZK-based systems, emphasizing the scarcity of resources and the unique vulnerabilities introduced by zero-knowledge cryptography. The episode explores fundamental questions about the purpose and potential impact of ZK, emphasizing its transformative role in technology and inviting contemplation on future applications.
Transcript
**Speaker A:**
Hello and welcome back for another episode of the Strange Water podcast. Thank you for tuning in for this week's episode. At this point, it's becoming increasingly clear that ZK is going to be one of the, if not the biggest narrative of the next cycle of crypto. Even if you aren't in the types of circles that are constantly iterating on how to use ZK to add more computation to distributed systems like Ethereum, you probably are seeing all of the headlines of startups raising seed and series A rounds to bring ZK to life. But ZK is a tricky business because not only are you dealing with advanced math straight from the professors and grad students discovering it, you also need to work through all the complexities of the smart contract paradigm. And then you need to make it all work together. Needless to say, this is incredibly hard, made harder by being so far out on the innovation curve that there are very few resources available to help. Fortunately, as the ZK based ecosystem begins to come to life, many of the resources that we need are coming online right alongside it. Today's guest is David Wong, co founder of ZK Security, an auditing and consulting firm that specializes in ZK based applications. Through ZK Security, David and his team help support the applications building these new technologies with a specific focus on building secure systems. Throughout this conversation, you will begin to understand just how difficult it is to build ZK apps and how the math behind zero knowledge cryptography introduces even more surface area for attacks. David not only walks us through a few common critical vulnerability, he helps us understand how auditors work to root out these problems in a technology so new that it's still being written. But this episode is not just an episode about auditing or consulting. This is an episode about the world of zk. We both start and end with some of the huge questions we all ask ourselves every day in this space. What is the purpose of zk? What makes a good ZK powered app? How will ZK change the world? And of course, the big question we all asked ourselves, what am I going to build with zk? One more thing before we begin. Please do not take financial advice from this or any podcast. Ethereum will change the world one day, but you can easily lose all of your money between now and then. All right, I am so excited to bring out David Wong. Let's talk zk. David, thank you so much for joining me for the Strangewater podcast.
**Speaker B:**
Yeah, thanks for having me.
**Speaker A:**
Of course, man. So, before we jump to ZK and like the the interesting circuitry of it all like I, I'm a big believer that the most important part of every conversation are the people in it. So with that as a frame, can you help us understand who you are and like what brought you to ZK world?
**Speaker B:**
So I guess there's a short answer and there's a very long answer. Should I, do you want me to aim for, for the middle, the middle answer? Yeah, yeah. Everybody has like a long story to wherever they are. But yeah, I guess I was always, I was always interested in, in computer science and mathematics and so I've, I naturally got into cryptography. Studying cryptography and then getting to jobs where I had to do cryptography. And that's, that's. Let's say that's the first part and let's try. I'm gonna skip it. But doing cryptography I discovered about zero knowledge proofs pretty early on. So zero knowledge proofs were, you know, it's taught in school and zero knowledge proofs as is a very basic primitive that, that was invented, invented a very long time ago and, and you couldn't do much with it. It was mostly like small constructions. So it's something we learned in school and early you wonder like okay, is this thing useful? And as you enter the applied world, as you start working then you realize that it's actually not really used anywhere. Or at least that was my first. I was wondering why am I not seeing zero knowledge proof used anywhere? And then I realized pretty early on that actually signatures, the digital signatures or cryptographic signatures that people use everywhere are actually zero knowledge proofs but they're a non interactive form of zero knowledge proofs. If you think of zero knowledge proofs as like an, in an interactive protocol between a prover and a verifier messaging each other trying to, you know, the prover trying to convince the verifier of something signature is like a non interactive zero knowledge proof. Like you just send it once and people can verify it. So, so then I realized like oh my God, zero launch proofs are used. And I'd say, I think it was in 2016. I ended up at some party, the, the CODA protocol part launch party or something like that where they like a co worker brought me to this party and they sort of announced their project and it was this kind of blockchain verify. You can verify the entire, the entire blockchain in 1:0 knowledge proof. And, and that's zero knowledge proof is actually a verification of previous zero knowledge proofs. And, and I remember, I remember being like wow, like I didn't know you could do that with zero knowledge proofs. It that was my, my first time being like, you know, I had been in cryptography, working there for, for quite a while and I was wondering where I could get more into. Is there like a specific subfield of cryptography I could start digging into? And that's where I found zero knowledge proofs and I wanted to really dig into. I was mind blown by that project which I ended up joining actually two years after. And I guess that was the start for me to get into zero knowledge proofs.
**Speaker A:**
Yeah, no, I mean something that you said that really resonates with me is especially. So I entered the space from Defi, from Finance to Defi to Ethereum and then to, I don't know, like the world Computer, let's say. And you know, when I first heard about zero knowledge outside of a like intro to number theory course, right. It was about the ZK EVM and ZK L2s and like I, I remember like thinking that ZK meant something very specific about the technology that was being implemented. Like that almost like, you know, there's a core kernel of like code that was understood to be ZK and it had that kind of code then that made it zk. And I think like the big unlock is to realize that ZK is, is really like a paradigm that is much more common than like you would think now based on the amount of energy that goes behind the word zk. Like it is basically just the idea that, you know, you can have ver formal verification without sharing all the data. And like once you realize that ZK really is a buzzword, like it opens you up to be like much more creative and just figure out where this stuff can be used.
**Speaker B:**
Yeah, yeah, I would say, yeah. I guess different people have different ways to see it. Like my mental model is that people abuse the word zk. I guess that's what you're saying. Also what matters that we have a new primitive, a new black box that people like, you know, a new tool that people can use and you can build all sorts of applications on top of it. And it's sort of up to you to decide what you can, what's useful to do with it, how you understand the possibilities when you see it. And so that black box to me is, is sort of the ZK part is like actually, yeah, like it's almost like it might fool yourself into believing that that's the only thing that's actually useful, the zero knowledge. But at the end of the day it's computational integrity. And so it's like this black box just allows you to prove some computation and you can use that to either delegate computation or compress computation if you have a long running computation or turns out that you can also mask parts of the computation, not just the entire computation itself, but the inputs or the outputs or whatever. And so you also get privacy. But privacy is sort of a privacy, sort of an add on. Usually it's pretty cheap to have privacy on top of things. And actually a lot of these systems that you mentioned don't even use the privacy aspects.
**Speaker A:**
No, for sure. I was earlier this year I was attempting to do a startup that we didn't move forward with, but it was essentially like centralized ZK as a service where you know, you just send us like the data that you want a KCG commitment against and we'll just like do the, you know, all the math for you and then give you back the commitment, something like that. Or you know, then like much more abstracted to like plonker stuff. And for VCs who didn't really get the space quite like enough, the question we would always get is like I thought the point of ZK was privacy. And you're saying that you're going to send all this data to a centralized server, like doesn't that break everything? And I think like that was like kind of. Yeah, I mean, and again I think we're hovering around this, that like what, what is new is the realization that the ZK framework, which has been around since like the 60s or 70s or whenever, has this like new specific use which is about projecting computation and like that compressing and like projecting in our world into blockchain but you know, has more applications in blockchain. So I just like really see that as the paradigm it's about compressing and projecting comput.
**Speaker B:**
It's interesting actually because I see a lot of. So I think what you describe is sort of to me is proof delegation or proof as a service, maybe for specific proofs. But I think we're seeing. I don't know if you're observing that from your bubble, but in my bubble everybody has their own bubbles. From my bubble I see a lot of proof as a service or proof delegation startups or projects and things like that. So there seems to be a new, a new story, I guess, that people are gonna need to use. Like proving things is a bit heavy and so people are gonna need to use these provers that are more beefy machines and not them.
**Speaker A:**
Well, I think the underlying bet that we were making on the entrepreneur side. And I think that look like it's very apt to call basically every ZK company that has been funded in the last year as like, oh, we're just going to build tools for ZK and then like so developers can go build applications. And I think the, the bet from an entrepreneurial standpoint is like all of this stuff is so new. Like it literally comes out of like professors mouths at conferences into companies that like there, there's just alpha and like being the guys that are building tools right now and like whatever we find the actual use case for this, like we just want to be already familiar with this stuff. And so I think like the, the proof of as a service like concept is really because like it's the only paradigm in which like there's some sort of like economic thing and then you can go sell it to VCs. But I really think like the, this is really true.
**Speaker B:**
Like, like I actually have had these conversations of like all of these new tools that are coming, coming up or that people are building are mostly open source and they're mostly becoming commodities. And so it's very hard to monetize that. So the infra play is sort of the one big play that people can try to monetize.
**Speaker A:**
Yeah, it's the infra play but it's also just the getting experience. So when the true 0 to 1 unlock comes out, when we figure out that we can run AI on a ZK based chain, the guys like Succinct Labs or Modulus Labs or Nguyama or Sisic, they will like have the experience to like you know, really pivot to that and like get it done.
**Speaker B:**
I, I think we're perfect. I love that you're saying that because I think we're perfectly aligned. I think it's exactly what like that's my motto and I think that's maybe, maybe VCS actually start investing in companies more for the teams and what they're going to learn through the process. And if they have like, maybe it's good if they have a short term, you know, monetization strategy but on the long term it's about getting familiar with the technology and being here when the technology gets gets to the point where a lot of lot more use cases are unlocked like you're saying. So yeah, that's, that's sort of, that's what I, I'm sort of doing right now in the space. I'm, I don't want to say I'm costing. I think there's A negative connotation. But I'm, I'm, I'm paying attention. I'm learning and building and auditing and doing all these things. But I think the bigger use cases are yet to happen and we're going to see a lot more happening as these primitives and constructions become more and more useful and performant and so on.
**Speaker A:**
No, And I think we'll tie up this conversation here and get back to your story and actually what you're building. But just to wrap this up, a recent guest I had was Jason Morton from Ezekiel or ezkl. Right. Or. Yeah, Ekz. What? But so he's, he's very recently former academia and now like in this more like entrepreneurial builder space and maybe still in academia. But the point, the conversation that we had was very much about how like, what is special in crypto is like, how, I guess, like, open we are to, to accepting like, new research as like, something that needs to be built and needs to be like, applied to like, you know, blockchain or to computation or whatever. And I think that, you know, that regardless of like, the story you're telling about yourself, like, that is what you're doing if you're in the ZK space right now is like, we don't know what's going to happen, but we all want to make sure that, like, we are the masters of the tools when the revolution comes.
**Speaker B:**
Yeah, that's. That's sort of a. Yeah, I mean, that's, that's sort of how I see Jason. Very clever guy and he's. I mean, he's at the center of like, two extremely hype technologies. Right. Like AI and zk. So, yeah, I don't know how practical this thing is today, but if it turns out it's practical, he's going to be at the center of it all. So it's a good place to be.
**Speaker A:**
Yeah, no, and I think that's what we're learning every single day is that if you build the technology good enough and you can scale it fast enough, then the ideas come from there and that's like the paradigm being flipped around. So anyway, let's get back to your story. So you found, was it the Coda blockchain? That's originally what got you into zk. Two years later you started working for them. Like, what's, you know, the medium version of your story from, you know, the coda to what you're building today.
**Speaker B:**
So I guess coda was renamed Mina in the meantime. But before I joined. But yeah, I spent two years There basically arrived at Mina with very little knowledge about ZK besides the basic stuff that I had learned in university. And so I basically spent my two years learning about everything that I could learn from backends. So backends like the proof systems like Plonk, which we used Admina and hello to which is the, I guess the recursion protocol. So, so that proofs can verify proofs and verify proofs and so on. And I also learned about front end stuff. So front end is like how do you write circuits? How do you write these programs that zero knowledge proof systems can prove? And so our front end was called Snarky or Snarky js. So I spent a lot of time learning basically all of these things from low level details to high level, more high level stuff like how to create nice interfaces or nice abstractions that developers can use to, you know, you don't want to write like low level circuits. You want to write, I guess Mina would say you want to write JavaScript or TypeScript. And so during my time there, what I saw talking to developers and seeing kind of the space develop is that a lot of these ZK platforms are going to come up very, very soon. Mina is one of them which still hasn't launched its ZK app platform. So it's a ZK smart contract thing. There is Aleo that's about to launch with Leo. The language there is Aztec Network, with Noir there is I guess Zksync. I don't know, starkware has something, but it's not really Zky with Cairo. Exactly. There's all these interesting platforms built on ZK and perhaps allowing users to use ZK so privacy applications. And when I see people using them, they make the same mistakes over and over and over. And basically it's kind of a new paradigm. It's hard to write things in a secure way. And so I saw that and at the same time my background was sort of in security. Like I had also studied security. I had worked for like four years at NCC Group as a consultant. So during that time I would or I'm throughout that time sort of one of my dream was to create a consultancy and do auditing and security pen testings and stuff like that. And so I left Mina and I created this thing called ZK Security with two ex coworker. So Brandon, the CTO at mina or at O1 Labs, the company behind Mina, and Gregor, who's basically the tech lead for Snarky, which they rename O1JS by the way. And so we founded this with this idea that people were going to need us and that there will be a big market of these ZK Smart contracts and, and the ZK Smart contract audits. So yeah, I've been doing this for, I don't know, less than a year, probably a year soon. And we've been, interestingly, we've been continuing continuously booked, but a lot of these audits have been mostly low level. For now I get, I guess none of these ZK platforms have already launched or none of these projects really have the money. Like these smaller projects built on top of these ZK platforms have the money to pay for these audits. So right now we've mostly seen low level audits on proof systems or circuit stuff, but very, very low level circuit things. So yeah, that's the story of where we are today.
**Speaker A:**
Got it. And so just to be clear, what you're saying is the consultant, the business that you're trying to build is about servicing the layer of applications that are going to be built on ZK powered infrastructure, whether that's RISC 0 or Starkware or whatever of these systems that are gaining so much hype. And what you're saying is that we're so early in this phase that like whatever people are ambitious enough to build on these platforms that haven't really launched yet just don't really have the sophistication and financial or otherwise capacity to support soup to nuts auditing? Is that what you're saying?
**Speaker B:**
They're either not here yet or they can't do it financially.
**Speaker A:**
Yeah. And then when you say that what you have been booking are these low level, like low level systems and like some circuits but super basic, are those just like because these startups can like afford that or are these like, are you working at all with the bigger infrastructure companies like an Eigen DA or a, I don't know, starkware or Polygon zkevm?
**Speaker B:**
I guess I can only talk about clients which we have gone public with. So usually we try not to mention clients where things are not public. But yeah, I mean we've worked with starkware, we've worked with Penumbra, we've worked with Aleo. These are the kind of names that mistemlabs recently. So usually bigger companies that have more budget for these kind of audits and which are doing things at a more fundamental. They're doing things themselves and not. And they're not necessarily projects building on top of another project.
**Speaker A:**
Got it? Yeah, yeah. And how much so in these ZK based systems which you Know are again, have you know everything about smart contract, like, auditing is like, so much more like, complex than just like regular security testing. Now, on top of that, you're adding like the most complicated and advanced number theory possible, right? How? I guess, like, first question is like, what percentage of your energy and effort goes into like, each one of those layers? Or let's. If, if that's going to change as the business matures, maybe, like, what do you project that being and like, to how do you deal with like, auditing systems that are so new that there's not a lot of like, resources to like, really understand if something's secure or not?
**Speaker B:**
So to answer the first question, so our bet was that we would really be on the higher layers and that that's where we would grow. But we have been in the lower layers, like I was saying, and I, I'm wondering if this, this is actually going to stop. So, so obviously the higher layers are going to unlock at some point and there's going to be a market. It's just a question of time. I believe that's my belief. And I know, I'm starting to think that the lower layers might actually not slow down because things keep on improving. Nobody is centralizing towards one solution that everybody's using. Everybody is building their own solution. So I don't think this is going to stop anytime soon. And so I think we're just gonna grow the company on all the different layers, basically, from proof systems to compilers to, to projects built on these core systems. Your second question was, how do we audit these new systems when we don't really know how to do it? I would say that auditing is always sort of. You're always confronted with new systems when you audit. Anyway, so during my four years at NCC group, I don't think I audited the same stuff twice. Like, I was always looking at new things. I was always trying to learn. Which is why I love auditing, by the way. Like, one upside of auditing is that you're always learning something new. And so it's all about having a mindset. So you create this security mindset of when you read something, you'll start looking for bugs. You'll be like, oh, okay, this is interesting. Okay, I understand. Oh, but what if I change this thing here? Isn't that weird? And then that's how you find bugs. And the other part is the will to learn and reverse engineer. So like with any other system when you. The best way to find bugs is to try and understand it. Try and use it. And by I mean I'm sure it happened to every developers, you know that you, you play with a new code base or something like that and so you try to use it and you end up finding a bug just by trying to use it or. So a lot of the bugs I found, actually I found the first CVE I found was exactly that. I was playing with the Golang standard library and I found a bug and I was like oh wait, how bad is that? And I ended up being pretty bad. But it's just about playing around. And there's no secret to consulting.
**Speaker A:**
No, no, fair enough. So pivoting away a little bit from the building of the business and into just like the, the problems that you're finding. You mentioned that one of the like opportunities that you identified was that you were saying that a lot of people were making the same mistakes. So can you talk about at a high level like go starting from back when you were first starting to noticing these two all the way until now. Like what are like broad strokes, the big mistakes that people like come to ZK work with.
**Speaker B:**
Okay, so let me, let me try and probably I should write about that at some point but maybe let's start with three. Maybe there's three big ones. With the first one being very easy. It's just logic bugs, you know, bugs that would happen in any sort of applications, including smart contracts. Secondly is more like mathy bugs. So there's a lot of low level math stuff that happens if you're mostly if you're working at that layer or you're building libraries. I presume that higher level developers will not do too much math and these kind of things. But for example there is this non native arithmetic primitive. So when you build programs for zero knowledge proofs, you build programs using a specific field. So basically everything is a number between 0 and some large prime, usually of 255 bits. But if you're using the. Actually that's not true. Forget about that. The numbers vary. And so you're sort of in this weird paradigm where you're always doing these operations modulo this specific number. And sometimes you don't want to do that, sometimes you want to do them modulo another number. And so that's when you're for example trying to verify an Ethereum signature. An Ethereum signature is based on SEC P256K1. It's like an IoT curve which is in a different based on a different field than most proof systems. And so you sort of have to emulate the other field. Or maybe I even went too far with my explanation. Sometimes you just want to do like big int arithmetic. You want to like handle large numbers and be able to add large numbers and these kind of things. In any case, in all of these problems you're gonna have to try to simulate these things and you're gonna have to use a bit of math. And in all applications we've audited that did that, basically they were bugs. I think I can think of one application that didn't have a bug there, and that's the recent. So recently we audited zklogin from Sway and basically we didn't find a bug there. But that was the first time we didn't find a bug in such an implementation. So kudos to them. But yeah, so I was saying logic bugs, normal logic bugs, more like low level math bugs. So I gave the example of non native arithmetic or bigint. The third one I would say is this idea that when you write these zero knowledge proofs, you're in this different paradigm that you can sort of go out of your program and do computations out of your program and then insert the result back into your program. So we call that in circuit and out of circuit computation. And if you've never heard of that, that probably doesn't make sense. Any sense. But the best example to explain why you need this and why anyone would want to use something like that is how to implement a division. So if you want to implement A, B is equal to C. It's actually quite. It's not straightforward, but one thing you can do is compute the result yourself. So you do this out of circuit. You compute, you know, you do A divided by B, you get C, and then you insert C in your circuits. And then you say, and you prove in your circuits that when C is multiplied with B, it gives you A, because multiplication is easy. So A divided by B equals C. You move the B to the other side basically. And so you produce the results yourself out of circuits. And then you move the equation, you switch things around in the equation. And so yeah, so if you understand that, then you understand that you can do a lot of things this way. Computing things out of circuits might be easier. And then inserting them back in the circuit or in your program and verifying that it was computed correctly might be easier than computing it inside the circuit. And so people do that all the time. And this can lead to really interesting bugs. For example, in Penumbra we found this double spanning bug, which is basically something going out of Circuits and being reinserted. And when you do that, it means that the. Oh, yeah, so maybe I forgot to explain that it leads to bugs because if you don't verify that it was computed correctly, then it means the prover can do whatever they want. They can just insert whatever value they want. Hopefully that makes sense.
**Speaker A:**
No, no, no. Yeah, dude, makes a lot of sense. And I think, I think for one, like, there's this, like, really interesting. And again, we talked about this with Jason Morton. There's this really interesting property around ZK proofs where, like, the important part here is that you're verifying the computation and you can use this external world in which you have like unlimited resources or don't have to worry about these weird things. And I think the example that he used was, you know, it might be really hard to do something iterative in your proof, but if you can just compute it in regular world and then like do all the iterative computations and then just have from the beginning to the end, like you can put that in lookup tables and then you're just doing like one lookup as opposed. I'm blanking on the specifics off the top of my head. But it perfectly reflects, like the point that you're making, which is, yes, you can, like, kind of use your dual resources to do some of the trickier stuff outside of your proof, but, like, you're just inherently creating surface area for more bugs when you want, like, pull out and then reinsert back in. And like, that's let alone just the already crazy complicated math on top of the already crazy complicated smart contract logic.
**Speaker B:**
Yeah.
**Speaker A:**
Cool. So I guess a lot of the things that I'm like, wondering when you're talking about these bugs are like, are these opportunities to create, like, primitives, whether they're open source or, you know, they need to be centralized for whatever reason. But just like primitives that are well understood and become plug and play on the lower level side. And yes, there will always be new innovation and people working on the new primitives, but is the idea that once the math and the paradigms are well understood, those can ossify and then you as an auditor can look at those and say, okay, those are implemented in the standard way, so we know them to be secure and that's why we can focus on the, the application layer? Is that the thought process?
**Speaker B:**
Yeah, it's. I mean, it's an interesting way to see things. I think right now it's like the wild, wild west, you know, people, everybody's doing something different when it comes to non native arithmetic, people are doing different things. We have this, I guess we can call them gadgets of like or building blocks that you, you, you think one person would do, right, and then people would reuse. But it's not happening too much and I think we'll see it's starting to happen in some layers. So for example, more and more projects are built on top of ArcWorks, which is a rust library that builds a lot of building blocks for proof systems. Or more and more people are building on top of the Halo 2 library, which has nothing to do with the Hello 2 protocols. And so we're seeing, I believe PSE has the most popular fork of hello 2. So we're seeing a centralization. More and more people are using these, so there's more eyes, there's contributions from different people. Different projects have forked that repository so they're still pushing things upstream. And so these are benefiting everyone. But these are pretty low level in terms of higher level things that can be reused. I'm not really seeing that much to be honest. It's job security for us for sure.
**Speaker A:**
Let's shift this conversation up to the higher level and onto the application layer. I guess the big question I have for you as someone who's seeing a lot of projects, at least definitely seeing them if not working with them yet, is what are the types of applications that people are building that really leverage ZK in a non trivial or non just like tacking it on to sell it to VC way? I have some idea of what ZK is enabling today, but I would love to hear from you. When people are building in zk, what are these applications.
**Speaker B:**
You just talked to Jason? I guess zkml is one interesting application. I'm not sure exactly what are the limitations of these things today and how far I can go, but that's definitely interesting. I just mentioned zklogin to me that's also something that's very interesting. So my way of thinking about things is that when you try to think about zk, sometimes it's hard to come up with use cases that are interesting. That's because a lot of times instead of a zero knowledge proof, you can just request a signature and that's good enough. Like in a lot of cases around the world, you're thinking of an idea and just having the server sign something and you have this claim or this signature that you can pass around is enough. You don't need an actual proof that the computation was done correctly. Most of the time you don't care about that. So I'm like, whenever I'm trying to think of applications, I'm like, oh, shit, signature is enough. ZK is not super useful here, but actually ZK is useful to verify signatures, either to compress the verification of signatures or either to add privacy to that. And so zklogin is exactly that. It's verifying signatures from Google or, you know, whoever has signed on, the fact that you authenticated with them. And it's verifying that, verifying that signature and all these things in a circuit so that you remain private. Basically, nobody knows who you really are. There was ZK mail recently, like this idea that you can verify mails also without. And so same thing here. It's a signature from like Gmail or something like that. And so, yeah, verifying signature sounds interesting there. Or you can verify signatures to compress things, which is the first thing I was mentioning. And so we've seen that with Plumo, for example, or when you want to synchronize to a blockchain in a fast way and you don't want to re. Verify everything. Basically, protocols like Mina and Plumo allow you to sort of fast track that by verifying a bunch of signatures. Mina is a bit more involved because it actually verifies everything. But Plumo is just about verifying signatures. What else is interesting? Let's see.
**Speaker A:**
No, no, I think that goes to reflect again, how early it is and how at the beginning of the conversation we were talking about how the opportunity is to just get your hands dirty and to build just the primitive tools as we just as a community start to figure out what is this for? You know, and I think we've made, you know, my little shtick was the, you know, like, cryptography as like a science, right, was invented in, you know, the ninth, like with, with the radio, but like, really around World War I and 2, right? To encrypt, like battle communications from like one side to the other. And then we got like, better and better and better and like. But really what we use cryptography for was encryption, right? And then in 2008, Satoshi Nakamoto came along and said, like, here we go. I have a new use case for cryptography that has nothing to do with hiding stuff, right? It is about, like, first it's about money, which I think is like a little asinine. Like, what it's really about is like verifiable, like distributed computation. And like, so now we have two use cases for cryptography. And like, the idea that we're done with two is like just not how the world works. Right. Like either something is meant for one thing or it's meant for like unlimited things. And it's up for like human creativity to figure that out. And you know, every legitimately, if you're like building something for, if you're raising money for something in zk, it's essentially to build more middleware layers on top of blockchain. And that's because like that's really again the only thing we figured out since 2008 that this is like really, really for. But I think the bet that you're making and that most of us are making is that both, whatever is happening in blockchain is like a multitrillion dollar economy, but also that so much more is coming because of this like new understanding of what this science means.
**Speaker B:**
Yeah, yeah, I think, I think we're going to see ZK expand to the non blockchain world as soon as it becomes, as soon as people understand more of what it can do. And that that means better tools, like easier to use tools. And I think maybe risk zero is in a good position for that. And as they become more and more performant, because today, to be honest, they're not the most performant primitives. Yeah, yeah, I guess you were also saying that like we only had encryption. I guess. Yeah. The world of applied cryptography was kind of limited to encrypting things, maybe signing things and doing key exchanges with Google and other websites. Definitely. I think cryptocurrencies and blockchains have brought this new, the slow database paradigm on how to have not just a distributed database, but a decentralized database with security baked in. And I think because we have that a lot of, a lot of the cryptography that we didn't really know, like it's kind of hard to test cryptography today unless you work somewhere and people trust you to use it somewhere with a lot of users. And so, and so I was at Facebook, I guess, and we had some great ideas of cryptography schemes and we got shut down a number of times because it's kind of dangerous to, to. So, so for example, we're working on, on using, so you know, like passwords suck and all of these things. And it'd be nice if you don't have to store a password on the server. And so there's all these schemes are called like password authenticated key exchange, where you sort of do a key exchange with a client based on their password, but you never really see the password. And so we try to Push that internally. And I think the, I mean, for right and wrong reasons, but for right reasons also, like the, we couldn't really push it too far because if you turn it on, like a lot of people are going to start using that and you don't really know the implications and consequences of that when the system in place is working, you know, for a lot of people. So it's hard to apply cryptography, novel cryptography today, but with blockchain, people are going crazy. Like there's no rules, there's nobody to tell you no, don't do that or it's dangerous. And, and we see that, you know, money is being lost, like large quantities of money are, are being lost all the time. So this is kind of like the downside of being able to, to test things rapidly. But yeah. So ZK has found a place in blockchain. I think NPC is starting to have interesting applications in blockchain. We're seeing fhe also in a number of projects. So there's a number of primitives that are seeing that were not very practical and realistic a few years ago and are becoming more and more hyped and interesting. And it's not going to be just ZK, I think, you know, in like the next 10 years.
**Speaker A:**
Yeah. And I, I am, I am very bullish on figuring out applications for this technology that is like being fueled for better or for worse through blockchain money. But you know, for example, I think it was like about this time or maybe December last year, Professor Dan Bone was on the ZK podcast, right. And he basically was just doing the state of the land for, you know, ZK in at the end of 2022. And one of the applications that they were talking about is they were working with Cameo camera manufacturers to like build chips into like, you know, high end Nikon or even like consumer Nikon cameras. So that like when a photo is taken, like the sensor, like every single pixel and the configuration of the camera and GPS if it's in there, is all baked into a zero knowledge proof that then lives with that photo. And that is a step in the direction of combating the deep fake problem. Like you, I'm a little bit confused on the intersection of ML and ZK or cryptography or blockchain. Right. But like, I'm just so convinced that there's something there because like machine learning is about abundance and like creativity, but just like deluge and like the cryptography is about, you know, scarcity and like slowing things down or you know, blockchain is about slowing things down and. Yeah, security. And so I don't really. I don't think the world's moving so fast. Sorry, excuse me. The world is moving so fast, I don't think anyone knows where we're going. But, like, the idea that those are not part of the same story seems crazy to me.
**Speaker B:**
Yeah, I'd say we've seen it with every cool technology. Like, nothing works without security because humans are shitty. And, you know, like, if we're all good people, we wouldn't need security. And, and, but unfortunately for us, we. We need to have this, you know, this whole field of security and cryptography. And to me it's an overhead, you know, it's like an unnecessary overhead. Like it's. I shouldn't have to spend my time thinking about all these problems because if we were good people, we wouldn't need this. But anyway, this is my rant. And so I think with all these new technologies that we're seeing, ML, I guess, included, like, they're growing and people are experimenting, but we're soon realized that things are not going to work if we don't secure things or add security in them, whatever that means. But you'll always see security baked in at some level if you want things to work at scale. And so I'm not sure. Yeah, I'm not sure what it's going to mean for us there. By the way, I don't really like this example of the camera. For me, I always give this example as an example of bad use case for zk because so there's always this sort of tension where people care about security and privacy, but not really. And people mostly actually care about things that work and are fast and are usable. And so I don't want to, you know, I want the camera that gives me the best pictures and that when I click on the button, it takes the picture right away and it's easy for me to put it on my computer and share the pictures. And if I'm gonna have to pay more to get something that has more, you know, assurance on, like, where the picture actually came from or something like that, or if I have to pay more, you know, I'm a newspaper and I need to pay more for a picture because I know that it comes actually comes from the camera. I don't know, like, all of these things are not realistic to me. Like, I don't think anybody cares much about these things. But maybe, yeah, maybe in like 50 years where every picture, nobody knows if a picture is real or not, that would actually Make a lot of sense. I don't know.
**Speaker A:**
No, man, I. I don't think you're wrong at all. I just bring it up because it was the use case that had nothing to do with blockchain that came. But, like, I'm totally with you. I think that, like, unless we not even at a government level, but like a religious level mandate that every camera has these chips, like, it's just not going to help. Right? I mean, my. I. So I like to play this game where it's pretend a VC walks up to you today and it's like, I will give you however much money you need. You just have to pitch me on a company right now. Like, what would you say? And my answer is, I'd be like, okay, what we're going to do is we are going to suck up every single image and video and audio file on the Internet that we can text file everything. We're going to suck up everything that we can and we're going to create the most efficient proof system possible and we're going to batch it all up and then just start committing everything to the blockchain, to ethereum or some L2. Right. Immutable X. I think they're really cheap. Right. And then what we'll do is build like a browser extension that just every time it sees a photo, it like, does that same commitment and then checks to see if it can verify it on chain. And you know, the first few years will just be about creating history like an on chain. History like this will only be useful going back to when we start. But the idea is like, the blockchain provides this immutable record and someone needs to start like, populating the database. And then we can use that to say, like, even if it's the most compelling possible realistic deepfake, if it's about the 2024 election, but no one's seen it until 2026 or whatever, then we.
**Speaker B:**
Interesting.
**Speaker A:**
Then like, my browser extension can verify that. So anyway, I just want to like, follow on with your point that, like.
**Speaker B:**
That sounds like a lot of work.
**Speaker A:**
Yeah. But this hypothetical VC is offering me money. So you can, you can audit for us.
**Speaker B:**
You can probably. Yeah. You know, talk to the archive.org people. Right. Like that. That's basically what they're doing without cryptography, like, in a very centralized way.
**Speaker A:**
No, and I mean, I think that kind of nicely circles back to your point that the hard part about ZK is at least like, the way that we think about the world now is a lot of the things that ZK provides like could just probably better be solved through a simpler Solution. Whether that's archive.org or a signature or whatever. And I think that's.
**Speaker B:**
Yeah, if he doesn't provide like 10x or 100x like, like benefits, people are not going to use it. Like in general that's. So you gotta find a good ideas.
**Speaker A:**
So I mean, I guess with that in mind, like you, you're still like here building a career in it. Like what do you, like, what is your thesis and like why, what do you see as the 10x or 100x thing that like can be brought to the table by this technology or by this math?
**Speaker B:**
I mean the first part of my answer is that if I had a good answer, I wouldn't be sitting here, I would be pitching to VCs and working hard on that cool startup idea. So I think I'm still. Actually I tried to write about that. If you check. One of my last blog posts was about trying to think about ZKN and how, I mean it's called My journey through ZK or something like that. Trying to think about zkn, how this can be useful not just in a blockchain context. And that's when I started thinking about okay, it can be useful when you verify signatures. Like that's a pattern that I see. And so what else could we see there? But yeah, so I have some specific ideas that I think haven't been implemented before. But I'm reticent to sharing them here because these might be some good ideas to implement at some point. But I don't know, it's kind of hard to think, what if ZK becomes extremely usable and extremely performant, like you can run them on your laptop, then how would people use them? Especially I'm especially interested in how enterprises would use them. So I guess in that blog post that I just mentioned, it's all about signatures and how verifying signatures can be useful. I also talk about something else. I say that privacy is usually only useful when you're directly interacting with the users and when the users are creating the proofs. That's when privacy is useful. And we've seen that privacy has been useful mostly on the blockchain because there's money involved and these kind of things. But whenever you have machine to machine interaction, then you don't care about the privacy and it's mostly about the compression of computation. And so I think this is the story. It's a vague story, but if ZK booms in the non blockchain World it will be in an enterprise context and it will be between servers and it will be to obviously to add security. We're still in the context of security, but to add security in a way where you're delegating computation or you're delegating a long running computation and you want to, to keep number of servers synchronized or get claims that are verifiable. But I understand that it's very vague, but I feel. Yeah, it's hard to be more precise than that.
**Speaker A:**
No, for sure, man, I hear you. It's definitely, it's a tough question and I guess, let me just try to answer with mine. That's at a much higher level. But quick background on me. So I went to Stanford, I studied computer science. I actually took intro to Number theory with Professor Dan Bone. And then I left Silicon Valley and like was just wanted nothing to do with it. And I actually went to St. Louis, Missouri and worked for Anheuser Busch in Bev, which is the largest beer company in the world. They're like 40% of beer worldwide. It's like Budweiser and Bud Light. And my first job there. Yeah. Nice.
**Speaker B:**
The museum to the city museum thing was fucking amazing.
**Speaker A:**
Yeah, Yeah. I always tell people when I live there, I was like, you can come to St. Louis. I have a great long weekend. Best long weekend. So much fun. Beer, super cheap. Stay for four days.
**Speaker B:**
Fried pizzas.
**Speaker A:**
Yeah, no, but anyway, so my first job there was in tech innovation and I did that for like two to three years and then I moved over to finance and that's like where I really learned how the world works. But in tech innovation, like so much of it, what we did essentially boiled down to like, how do we throw sensors in things to like, try to get like even a tiny bit of sophistication into like our operations. And like, I cannot overstate just how rickety corporate or corporate global is behind the scenes. Like at anheuser Busch in 2018, I had to deal with magnetic tape. Like that's where all of our server like, like cold data was stored. And so you know, I, I can talk all day about like the types of stuff we worked on, but like I would just put like Bluetooth sensors in, in like coolers that we, you know, because we would make massive investments in coolers and put them out in retail. But we need to like track those and like one is to just make sure that they aren't being stolen and then two is like, well, can we get more sophisticated? Can we do heat mapping? Can we like Push ads based on if people are close. And well, you know, we put accelerometers into tap handles just to like measure in real time, like when beer was being poured, like all this crazy stuff. And like, let me tell you man, like the world, the real world, like is so just old and shitty and doesn't work. And like half the time our problems would be that like, you know, like networks were old and like systems didn't work and all this stuff. And I just like, I. On the flip side, now that I'm in crypto world and like seeing a lot of machine learning stuff, like I'm so convinced that the world of like the Jetsons or like iRobot or any of these like futuristic societies in which like machines do everything for us is like inevitable. But my question is how to get from that like futuristic society to from here. And like, what I see that ZK is going to enable is the Internet of things, right? Like this like, buzzword that we've been using basically since like the early 2000s, but is like, how do we have machines out there in the real world that have like an identity in which sometimes like it really matters? We want to know like that that specific climate sensor up in the Arctic that's monitoring like change is like actually from the UN and doing proper calculations versus, you know, the like minor blah, blah, like the, the traffic light robot. We don't really care or, you know, whatever. I don't care. But the point is like, I see ZK and like blockchain being a huge part of that as like part of the core technology that allows us to like really become like a futuristic like Jetson style world.
**Speaker B:**
Yeah. So I feel like the IoT world has always been lagging behind. Even 10 years ago, when a lot of cryptography was understood, the world of IoT was still living a world without security or that's what I'm saying, right? Security doesn't really matter. Security work is really needed for things that scale. Like you need it on the Internet because everybody can just plug to it and try to mess around. Right. Or you need it for blockchain because it's open and everybody can connect to it. But I think for things like your house, someone can just break the window and get in my place. Right. There's not much security because we don't expect people to come and actively be malicious. Like there's not that level of a access or, or insecurity. And I think that's, that's what IoTs are facing. It's like like, very few people are gonna go out there and they try to like, jump around fences and steal sensors and still, like, people do it. Right. But it's. There's enough friction to do that and it happens rarely enough that people don't care about security there. That's. That would be my take.
**Speaker A:**
No, no. Yeah, I. I think that's fair. And I think that's a reflection of like, the Internet of Things world we have now are like light bulbs that you can control with your phone. I'm just imagining like a world of like, autonomous cars. And like, you know, like just this weekend, me and my fiance were walking just like on a busy street and we saw this like one of those, like, robot things that is on wheels and it delivers your order to your house. And like, it was like, really sad because it was like bumping up against a curb and like, couldn't get up. But, like, I just.
**Speaker B:**
Depressed robots.
**Speaker A:**
Yeah. Like, there's a whole crowd gathering. Like, like, should we. Should we help it? And anyway, the, like, I just, I'm so convinced. I mean, I'm only 32, but when I was a kid, like, we didn't even really have the Internet. And now we've. We're going to this world where there's like, robots that we're feeling empathy for that are delivering us food. And like, Amazon's been doing this drone stuff for years. And you know, we're in autonomous. We're very close to autonomous car world. And like, I just, I. I don't. I see ZK as a security thing, but I also see it as a coordination thing. And especially as like, these things become more and more autonomous and like maybe need to hold property which will be like blockchain related property. Like, I guess ZK to me is like how, again, going. Taking us right back to where we started. ZK is how we're going to be able to project all this computation into these spaces to like coordinate this like again, just Jetson's world that I'm convinced is coming.
**Speaker B:**
Interesting. Yeah, well, we'll see, I guess. Yeah, if that happens, then. Well, if it happens soon enough, then I might profit from it. But I don't know. What's the timeline here?
**Speaker A:**
Yeah, no, I mean, the big thing I'm betting on in terms of science is like curing like aging and cancer and like all that stuff. So that's the one I want to benefit from.
**Speaker B:**
How can we use ZK there?
**Speaker A:**
Yeah. Yeah. All right, man. David, thank you so much. Before I left, you go, can you just like tell the audience how they can find you and how they can just learn more about like what you're doing and maybe book an audit.
**Speaker B:**
Oh, yeah, yeah, thanks. So I guess just go on my Twitter. So my Twitter is crypto David W. And from there you can just click on things and you can find my blog and my YouTube channel and my, you can find out more about ZK Security. And yeah, and if you need an audit or if you're interested in that space or if you have a question about, you know, zero knowledge proofs and you're interested, just DM me on Twitter or tweet at me or send me an email somewhere and I'll try to answer.
**Speaker A:**
David, man, thank you so much. I really appreciate it. And yeah, man, be well.
**Speaker B:**
Yeah, and thanks again for having me. Yeah, this was fun. Sam.