Hi, I am the project lead at ZeroSync. Happy to see our work discussed on bitcointalk. Would like to clarify a few points mentioned here:
- We are using STARKs, which is a form of zero-knowledge proof that requires no trusted setup. It is a *transparent* ZKP.
- "Zero-knowledge" is indeed misleading in a way. This technology was invented for privacy reasons but it turned out to be also very useful to compress a computation. To be precise, actually it doesn't even use the zero-knowledge property really. Nevertheless it became an industry standard to call this tech ZKPs. We use it just because it is a *succinct* proof.
- Using ZeroSync requires no global consensus. Every user can decide individually if they want to sync using a proof or the conventional way. You can even zerosync Bitcoin Core without any code modifications: Use an external tool to verify a UTXO set and then copy it into your chainstate folder.
- ZeroSync is not a company but a Swiss nonprofit creating FOSS software.
- ZeroSync is not just a chain proof but creates a toolkit for Bitcoin developers to apply ZKPs to their own products and services.
On our project website
https://zerosync.org you can find more details.
Happy to answer any questions you have.
A ZKP that represents chain state effectively shunts the usefulness of a full node entirely. Why not just concatenate the entire chain into a merkle proof? They are small, succinct, speedy to verify, and are completely transparent. ZKSTARK for verifying a block requires that I trust a consortium of keys that have approved ZKPs of chain state. This goes against not just Bitcoin fundamentals but basic cryptographic assumptions.