Understanding Privacy

Zero-knowledge proofs are the cryptographic technology that enables ALIAS's privacy protocol. This guide explains what they are, how they work (in simple terms), and why ALIAS uses them—all without requiring a math background.

What Are Zero-Knowledge Proofs?

Zero-knowledge proofs (ZK proofs) let you prove something is true without revealing why you know it's true.

The classic example: Imagine you're colorblind and your friend shows you two balls—one red, one green. They look identical to you. Your friend claims they're different colors.

Without ZK proof: Your friend says "Trust me, one is red and one is green." You have to take their word for it.

With ZK proof: Your friend puts both balls behind their back, shuffles them, and shows you them again. You ask "Did you swap them?" They answer correctly. You repeat this 20 times. Each time, they correctly identify whether balls were swapped.

After 20 rounds, you're convinced they can tell the balls apart (so they must be different colors), but you still don't know which is red and which is green. That's zero-knowledge—you learned the balls are different without learning their colors.

How ALIAS Uses Zero-Knowledge Proofs

The ALIAS Privacy Protocol applies ZK proofs to financial privacy.

What you need to prove: "I deposited $100 into the privacy pool, so I'm entitled to withdraw $100 and receive a card."

What you DON'T want to reveal:

• Which deposit was yours
• What wallet you deposited from
• When you deposited
• Your identity or connection to the deposit

How ZK proof helps: The blockchain can verify your deposit exists without knowing which specific deposit is yours. You prove you're entitled to withdraw without revealing which money is yours.

The practical result: You get your $100 card, but no one can connect it to your original deposit. The link between deposit and withdrawal is broken.

A Simple Analogy: The Cave Story

This is the classic ZK proof explanation used in cryptography.

Setup: Imagine a circular cave with two paths (left and right) that meet at a locked door in the middle. Only someone with the secret password can open the door and walk through.

The proof: You want to prove you know the password without revealing it. Here's how:

1. You enter the cave while your friend waits outside
2. You randomly choose left or right path
3. Your friend enters and shouts "Come out from the left!" or "Come out from the right!" (random choice)
4. You come out from the requested side

If you DON'T know the password: You have a 50% chance of being on the correct side already. If you're on the wrong side, you're stuck (can't get through the locked door).

If you DO know the password: You can always exit from the requested side because you can use the password to walk through the door if needed.

After 20 rounds: If you successfully exit from the correct side 20 times in a row, your friend is convinced you know the password. But they never learned the password itself—that's zero-knowledge.

How this relates to ALIAS: Your secret recovery note is like the cave password. The ZK proof convinces the blockchain you know the secret (made a deposit) without revealing the secret itself (which deposit).

Why Privacy Needs ZK Proofs

Traditional privacy methods don't work for public blockchains.

The blockchain problem: Everything on Solana is public and permanent. Anyone can see all transactions, all deposits, all withdrawals. This makes privacy very hard.

Failed solution 1: Just hide the data Can't work. Blockchain requires transparency to prevent fraud. If deposit amounts are hidden, how do you prevent fake deposits?

Failed solution 2: Use a trusted intermediary Defeats the purpose. If ALIAS knows which deposit is yours, there's no privacy—you're just trusting us not to tell.

Failed solution 3: Make deposits off-chain Doesn't work. Card providers need to verify you actually paid. Off-chain deposits can't be verified.

ZK proof solution: Deposits are public (anyone can see someone deposited $100), but withdrawals are unlinkable (no one can tell which deposit corresponds to which withdrawal). The best of both worlds—transparent yet private.

What Makes ZK Proofs Secure

Understanding the security helps you trust the system.

Mathematical certainty: ZK proofs rely on mathematics, not trust. The math either works or it doesn't—there's no middle ground.

Verified on blockchain: Every withdrawal proof is verified by the Solana blockchain before approval. Invalid proofs are rejected automatically.

No trusted parties: You don't trust ALIAS, the card provider, or anyone else. You trust math. The proof is self-verifying.

Computationally hard to fake: Creating a fake proof without knowing the secret would require millions of years of computation with current technology. It's effectively impossible.

Auditable: The ZK proof system used by ALIAS (Groth16) is well-studied and has been audited by cryptography experts.

Groth16: The Specific ZK System

ALIAS uses a specific type of ZK proof called Groth16.

What is Groth16? A particular mathematical approach to zero-knowledge proofs, designed in 2016 by cryptographer Jens Groth.

Why Groth16?

• Extremely small proof size (under 300 bytes)
• Fast verification on Solana blockchain
• Well-tested in production systems
• Used by major privacy projects (Zcash, Filecoin, etc.)

Trade-offs: Groth16 requires a one-time "trusted setup" ceremony. For ALIAS, this was conducted securely to ensure no one can create fake proofs.

Practical impact: You don't need to know how Groth16 works. Just know it's battle-tested technology used by billions of dollars in other systems.

What Information Does the Proof Contain?

Understanding proof contents helps you see what's revealed and what's hidden.

Information IN the proof:

• "Someone made a valid $100 deposit"
• "That deposit hasn't been withdrawn before"
• Cryptographic evidence supporting these claims

Information NOT in the proof:

• Which deposit is being withdrawn
• Who made the deposit
• When the deposit was made
• The secret note itself
• Any personally identifying information

Who can read the proof: Anyone—it's posted publicly on the blockchain. But reading it doesn't reveal your identity or which deposit is yours.

Verification without revelation: The blockchain verifies the proof is mathematically valid without learning anything about you.

Common Misconceptions

Clearing up confusion about ZK proofs.

Misconception: "ZK proofs make everything private" Reality: They only hide what they're designed to hide. Card usage at merchants is NOT hidden—that's normal credit card processing.

Misconception: "ALIAS can recover lost secrets" Reality: No. By design, secrets are only known to you. If you lose your recovery note, funds are permanently unrecoverable.

Misconception: "ZK proofs are slow" Reality: Proof generation takes 2-5 seconds on modern devices. Verification on blockchain is nearly instant (milliseconds).

Misconception: "You need to trust ALIAS" Reality: The math is trustless. You're trusting cryptography, not ALIAS. We can't fake proofs or access your deposits.

Misconception: "Privacy is illegal" Reality: Privacy technology is legal. Using it for legal purposes is legal. Illegal activities remain illegal regardless of privacy.

Why Not Just Use a VPN or Tor?

ZK proofs solve a different problem than network privacy tools.

What VPNs/Tor hide:

• Your IP address
• Your internet browsing activity
• What websites you visit

What they DON'T hide:

• Blockchain transactions (these are public by design)
• Wallet addresses
• Transaction amounts and timing
• On-chain payment flows

What ZK proofs hide:

• Link between deposit and withdrawal wallets
• Which card came from which deposit
• Connection between payment and card creation

Why ALIAS needs ZK proofs: Even if you use Tor to access ALIAS, your blockchain transactions are still public. ZK proofs hide the transaction linkage that Tor/VPNs can't touch.

Can you use both? Yes! Use Tor to hide your IP address and ZK proofs to hide blockchain linkage. They complement each other.

The Privacy-Performance Trade-off

Understanding the costs helps you decide when to use privacy.

Privacy costs:

• Slower: 2-5 seconds to generate proof vs. instant for standard cards
• More complex: Must save and manage recovery notes
• Fixed amounts: Can't use custom amounts like instant cards
• Gas fees: Slightly higher due to proof verification

Privacy benefits:

• Untraceable: No one can link your deposit to your card
• Anonymous: Card creation isn't connected to your wallet
• Blockchain-level: Privacy enforced by math, not policy
• Self-sovereign: No trust required in ALIAS or intermediaries

When it's worth it:

• Sensitive purchases you want untraceable
• High-value cards where privacy matters
• Principle-based privacy preference
• Situations requiring complete anonymity

When it's not worth it:

• Small test purchases
• When speed is more important than privacy
• If you're okay with wallet-to-card linkage
• First time using ALIAS (learn standard flow first)

Next Steps

Learn more about ALIAS privacy features:

• How Privacy Works - Privacy mechanics explained simply
• Privacy Protocol Overview - High-level introduction
• Making Deposits - Start using privacy mode
• Withdrawing Funds - Get your anonymous card