Cyfrin Security Blog

How To Create a ZK Smart Contract

Creating and verifying zero-knowledge proofs in solidity

Alex Roan, published in Cyfrin
Jun 8, 2023

Zero Knowledge Proofs enable a Prover to demonstrate knowledge of something to a Verifier without revealing that knowledge. For example, if we want to prove that we have solved a puzzle without giving away the solution, we can use Zero Knowledge Proofs.

How does this relate to Smart Contracts?

Imagine a Solidity smart contract called Sudoku running on an EVM blockchain. It has a public two-dimensional array that represents the board's initial state. It also has a public function that accepts a two-dimensional array, checks it against the initial state and the rules of Sudoku, and mints an NFT if the solution is correct.

pragma solidity ^0.8.0;

contract Sudoku {
    // Initial board state
    uint8[][] public initialState;

    // `solution` uses the same element type as `initialState`
    // so the two can be compared cell by cell
    function answer(uint8[][] memory solution) public {
        // Check that `solution` conforms to `initialState`
        ...
        // Check that `solution` conforms to rules of Sudoku
        // (1-9 in squares & lines)
        ...
        // Mint an NFT if correct
        ...
    }
}

This works great, but wait, how big is the board? The larger the board, the more loop iterations within the function, and the more expensive the function becomes. This doesn't scale well.

Also, why should I spend all my effort trying to solve it when I can copy the first successful answer? The solution is public as soon as one person submits an answer on-chain since the call data for every transaction is public. I’ll scoop up an NFT by copying the first successful solution!
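To make both problems concrete, here is a fully written-out version of the naive on-chain checker. This is an added example, not the article's code: it fixes the board at 9x9 so the loop count is visible, and it records a solver flag in place of minting an NFT. Every cell of the solution arrives in calldata, so the answer is public as soon as the transaction is broadcast, and the nested loops over rows, columns and boxes are the cost that grows with board size.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example (not the article's code): the naive checker written out in
// full for a fixed 9x9 board. Assumed details: 0 marks an empty cell, and a
// `solved` mapping stands in for the NFT mint.
contract NaiveSudoku {
    uint8[9][9] public initialState;       // 0 means an empty cell
    mapping(address => bool) public solved; // placeholder for "minted an NFT"

    constructor(uint8[9][9] memory board) {
        initialState = board;
    }

    // The whole solution is calldata: public the moment this is broadcast,
    // and every cell costs loop iterations below.
    function answer(uint8[9][9] calldata solution) external {
        require(!solved[msg.sender], "already solved");
        require(_matchesInitialState(solution), "does not match puzzle");
        require(_followsRules(solution), "breaks sudoku rules");
        solved[msg.sender] = true;
    }

    // Every pre-filled cell of the puzzle must appear unchanged in the answer.
    function _matchesInitialState(uint8[9][9] calldata s) internal view returns (bool) {
        for (uint256 r = 0; r < 9; r++) {
            for (uint256 c = 0; c < 9; c++) {
                uint8 given = initialState[r][c];
                if (given != 0 && given != s[r][c]) return false;
            }
        }
        return true;
    }

    // Each row, column and 3x3 box must contain the digits 1..9 exactly once.
    // A 9-bit mask per group replaces a separate "seen" array; for group i
    // the inner loop walks row i, column i and box i in one pass.
    function _followsRules(uint8[9][9] calldata s) internal pure returns (bool) {
        for (uint256 i = 0; i < 9; i++) {
            uint16 row;
            uint16 col;
            uint16 box;
            for (uint256 j = 0; j < 9; j++) {
                uint8 rv = s[i][j];
                uint8 cv = s[j][i];
                uint8 bv = s[(i / 3) * 3 + j / 3][(i % 3) * 3 + j % 3];
                if (rv == 0 || rv > 9 || cv == 0 || cv > 9 || bv == 0 || bv > 9) {
                    return false;
                }
                row |= uint16(1) << (rv - 1);
                col |= uint16(1) << (cv - 1);
                box |= uint16(1) << (bv - 1);
            }
            // 0x1FF has the nine low bits set: digits 1..9 are all present
            if (row != 0x1FF || col != 0x1FF || box != 0x1FF) return false;
        }
        return true;
    }
}
```

Even with the bit-mask trick, the contract touches all 81 cells three times per call, and nothing in it stops a second caller from resubmitting the first solver's calldata; the `solved` mapping only limits each address to one claim.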

Zero Knowledge Proofs enable a prover to demonstrate knowledge of something to a verifier without revealing that actual thing.

ZK cryptography enables us to create a Solidity smart contract that acts as a Verifier without knowing anything about the solution. The Prover (us) generates a proof off-chain and submits it to the Verifier (a smart contract), which confirms that the puzzle was solved without the solution ever being revealed.
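The contract side of that arrangement looks like the following. This is an added example and not the article's code. It assumes a separately deployed Groth16-style verifier exposing `verifyProof(a, b, c, publicInputs)`, which is the shape of the verifier contracts snarkjs exports (the exact array sizes depend on the circuit's public inputs), and it assumes the circuit takes two public inputs: a field-element commitment to the puzzle and the address allowed to claim the proof. The second input matters for the copying problem the article raises: a proof is also calldata, so without binding it to the submitter anyone could replay a valid proof. Fixing the public inputs inside the contract rather than accepting them from the caller is what makes the bond enforceable.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumed interface of a Groth16 verifier in the shape snarkjs exports.
// The number of public inputs (here 2) is circuit-specific.
interface IVerifier {
    function verifyProof(
        uint256[2] calldata a,
        uint256[2][2] calldata b,
        uint256[2] calldata c,
        uint256[2] calldata publicInputs
    ) external view returns (bool);
}

// Added example (not the article's code): an on-chain Verifier that never
// sees the solution. Assumed design: public input 0 commits to the puzzle,
// public input 1 is the claimant's address, and a `solved` mapping stands
// in for minting an NFT.
contract ZkSudoku {
    // Scalar field of BN254, the curve used by the standard Groth16 verifier;
    // every public input must be a field element, i.e. strictly below this.
    uint256 internal constant SNARK_SCALAR_FIELD =
        21888242871839275222246405745257275088548364400416034343698204186575808495617;

    IVerifier public immutable verifier;
    uint256 public immutable puzzleHash; // commitment to the initial board, computed off-chain
    mapping(address => bool) public solved;

    constructor(IVerifier _verifier, uint256 _puzzleHash) {
        require(_puzzleHash < SNARK_SCALAR_FIELD, "puzzle hash not a field element");
        verifier = _verifier;
        puzzleHash = _puzzleHash;
    }

    // Only the proof is submitted; the solution stays off-chain.
    function answer(
        uint256[2] calldata a,
        uint256[2][2] calldata b,
        uint256[2] calldata c
    ) external {
        require(!solved[msg.sender], "already solved");

        // The contract, not the caller, fixes the public inputs:
        // [0] which puzzle this proof is about,
        // [1] who is allowed to claim it. Because the circuit constrained the
        // proof to these values, a proof copied from someone else's calldata
        // fails verification for any other msg.sender.
        uint256[2] memory publicInputs = [puzzleHash, uint256(uint160(msg.sender))];

        require(verifier.verifyProof(a, b, c, publicInputs), "invalid proof");
        solved[msg.sender] = true; // placeholder for the NFT mint
    }
}
```

The gas cost of `answer` is now dominated by the pairing check inside `verifyProof`, which is the same for a 9x9 board or a 16x16 one; board size only affects proving time off-chain.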

Introducing Circom

Circom is a novel domain-specific language for defining arithmetic circuits that can be used to generate zero-knowledge proofs.

Written by Alex Roan

CoFounder at Cyfrin. Previously: Chainlink Labs.