Zero-Knowledge Proofs for Regulated Financial Institutions: Do the Risks Outweigh the Rewards?
Zero-Knowledge Proofs are an amazing technology that can have a profound impact on computer security. However, due to their complexity, potential for bugs, and challenges in recoverability, ZKPs may not be suitable for all applications, particularly in environments where compliance and auditing are critical.
October 3, 2024
By Shaul Kfir, Co-Founder, Digital Asset
Zero-knowledge proofs (ZKPs) have been hailed as the latest breakthrough in cryptographic technology, gaining popularity for transferring assets on public blockchains, where privacy is otherwise unavailable. However, for regulated financial institutions, where the safekeeping of clients' assets and the integrity of IT systems is paramount, it is crucial to evaluate their viability through a robust risk management framework. To do so, let's break this down into three critical aspects: likelihood, impact, and recoverability. Then, we will assess whether an alternative with appropriate privacy and built-in controls can provide the benefits of distributed ledgers without adding complexity and risk.
Likelihood: How Likely Is Something To Go Wrong?
Maturity and understanding of the technology
ZKPs are a relatively new technology, and like all emerging technologies, they have a steep learning curve. The level of understanding required to implement ZKPs correctly is significant, and there are no established coding standards or review practices for them in production today. This adds time and risk to any project that aims to take ZKPs into production in the near term. It is simply too soon to use them with confidence in a reliable, proven business outcome.
Complexity and potential for mistakes
ZKPs are not simple to use, and the algorithms and software behind them are extremely complex. The cryptographic constructions are intricate, and even minor mistakes (an under-constrained circuit, a missing validity check on a proof element, a challenge that does not bind the whole statement) can break soundness and let false statements be proven. This complexity increases the likelihood of errors and falls short of the reliability required for financial services. There are attempts to build compilers and virtual machines that abstract away the complexity of building ZKPs. Still, studies have shown that even very mature compilers like GCC and LLVM have numerous optimization bugs reported monthly, and these bugs can persist for months before being resolved. We must assume ZKP compilers will have similar bugs hiding in plain sight for years.
Historical bugs and issues
ZKPs have a mixed track record in real-world applications. While the technology has proven powerful in limited scenarios, it has also been prone to bugs.
Here are some notable examples of bugs in ZKP systems that were exploitable in the wild.
Due to this complexity, vulnerabilities typically go undetected for extended periods. Once a bug is found and fixed, there is often no way to audit whether it was exploited in the past. Despite what marketing monikers like "bulletproof" suggest, the reality is that the technology is too immature to be suitable for financial institutions in practice.
Impact: What Happens If Something Goes Wrong?
To assess this, one only needs to look at some examples of the recent past.
Zcash vulnerability
In 2019, Zcash disclosed a vulnerability caused by a mathematical error in the underlying zk-SNARK construction and its implementation. The error made it possible to create an unlimited supply of coins, which would have devastated the currency's value and trustworthiness. Fortunately, Zcash has an amazing community, including my friend and former colleague Ariel Gabizon, who discovered, appropriately disclosed, and handled the bug. However, the team conceded they could not be certain the bug had not been exploited. Furthermore, as noted by the Electric Coin Company, there are limited means to immediately detect a bug in a zk-SNARK circuit that allows an attacker to counterfeit coins.
Swiss eVote system
The same year, researchers reviewing the published source code of the Swiss eVote system found a cryptographic trapdoor in the parameters of its shuffle proof that would let whoever held the trapdoor change cast votes without being detected. This risk would be untenable in financial services, where record-keeping and trust are paramount.
Generally speaking, if an attacker discovers a soundness bug in a proof system, they can make the verifier accept proofs of false statements, that is, invalid data, without anyone noticing. This is particularly concerning in financial transactions, where integrity is paramount.
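To make the "trapdoor" failure mode concrete, here is an added Python illustration; it is not code from this article and not a reconstruction of the Swiss eVote or Zcash implementations. It models the class of flaw: a Pedersen commitment whose second generator h was produced by someone who kept t = log_g(h). The group size, the seed name and the "ballot" scenario are constructed for the example, and a real deployment would use a roughly 256-bit group.

```python
"""Added toy example: a trapdoor in commitment parameters breaks binding.

Pedersen commitment C = g^m * h^r mod p over the prime-order-q subgroup of
Z_p^*, with p = 2q + 1 (a safe prime).  Binding relies on NOBODY knowing
t = log_g(h).  If the parameter author keeps t, they can later open C to any
value, and a verifier running the normal check cannot tell.
All constants are toy-sized and constructed for this example.
"""
import hashlib

P = 1019          # safe prime: (P - 1) // 2 = 509 is prime
Q = (P - 1) // 2  # order of the quadratic-residue subgroup
G = 4             # 2^2 is a quadratic residue != 1, so it generates the order-Q subgroup


def commit(m: int, r: int, h: int) -> int:
    """Pedersen commitment C = g^m * h^r mod p (exponents reduced mod q)."""
    return pow(G, m % Q, P) * pow(h, r % Q, P) % P


def open_ok(c: int, m: int, r: int, h: int) -> bool:
    """The verifier's check when the committer reveals an opening (m, r)."""
    return commit(m, r, h) == c


def trapdoor_setup(t: int) -> int:
    """A parameter author picks h = g^t and KEEPS t.  That knowledge is the trapdoor."""
    return pow(G, t % Q, P)


def honest_setup(seed: bytes) -> int:
    """Nothing-up-my-sleeve h: hash a public seed into the subgroup by squaring.
    Anyone can recompute it from the seed, and nobody learns log_g(h)."""
    counter = 0
    while True:
        digest = hashlib.sha256(b"pedersen-h|" + seed + counter.to_bytes(4, "big")).digest()
        h = pow(int.from_bytes(digest, "big") % P, 2, P)
        if h not in (0, 1):
            return h
        counter += 1


def verify_params(seed: bytes, h: int) -> bool:
    """The check a relying party should run: recompute h from the published seed."""
    return honest_setup(seed) == h


def equivocate(m: int, r: int, m_new: int, t: int) -> int:
    """With t = log_g(h), find r' such that g^m h^r == g^m' h^r':
    m + r*t == m' + r'*t (mod q)  =>  r' = r + (m - m') * t^-1 (mod q)."""
    return (r + (m - m_new) * pow(t, -1, Q)) % Q


def brute_force_dlog(h: int) -> int:
    """Feasible only because the toy group is tiny.  It shows that an 'honest' h
    also has a trapdoor; security rests on nobody being able to compute it."""
    return next(x for x in range(Q) if pow(G, x, P) == h)


def demo() -> dict:
    # Constructed scenario: a ballot committed as m=1 ("yes") is later opened as m=0.
    t = 123                       # secret kept by a dishonest parameter author
    h_bad = trapdoor_setup(t)
    r = 77
    c = commit(1, r, h_bad)       # published commitment to 1
    r_forged = equivocate(1, r, 0, t)
    seed = b"election-2024"
    h_good = honest_setup(seed)
    return {
        "opens_as_1": open_ok(c, 1, r, h_bad),          # honest opening accepted
        "opens_as_0": open_ok(c, 0, r_forged, h_bad),   # forged opening ALSO accepted
        "honest_params_check": verify_params(seed, h_good),
        "tampered_params_rejected": not verify_params(seed, (h_good + 1) % P),
    }


if __name__ == "__main__":
    print(demo())
```

The point for a reviewer is that open_ok is correct code; the flaw lives entirely in how h was produced, which no amount of testing the verifier will reveal. The practical control is verify_params: insist that every public parameter is derived from a published seed, and recompute it yourself rather than trusting a vendor-supplied copy.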
Recoverability: Can We Recover If Something Goes Wrong?
Inherent challenges of ZKP recoverability
One of the defining features of ZKPs is proof without disclosure of the underlying data. While this is excellent for privacy, it also means that if something goes wrong, there is no record of the hidden data to trace back through and recover from. Imagine if the lock on your bank's vault could be picked without leaving any trace. Unlike other systems, where logs and audit trails help identify and rectify issues, a ZKP-based system offers no such safety net for the data it hides. While this may be acceptable for some use cases, it is unacceptable for financial institutions, their clients, and regulators.
What Are the Strategic Benefits/Tradeoffs of Network Extension?
Strategic fit is a key consideration. ZKPs are a cutting-edge technology. While they might suit narrow cases such as decentralized identity or voting systems, they are currently unsuitable for most applications, especially in heavily regulated environments. Consider how you plan to extend your application and how you plan to share data across sub-networks. If you cannot answer this question, you are already at risk of not complying with regulations and guidelines, e.g., the Basel Committee's cryptoasset standard SCO60. Are there alternative solutions that could achieve the same goals, connecting to a wider array of assets and participants with less complexity and risk?
The Industry Needs a Fundamentally Different Approach
Regulated financial institutions require a solution designed specifically for their privacy needs rather than trying to retrofit ZKPs, a technology built for other purposes. These institutions must also be confident that the risk of undetectable bugs has been minimized. This can be achieved by maintaining an immutable, secure ledger that supports robust auditing and reporting processes.
Scalability and interoperability are also important. A public-permissioned network can bypass the complexity and risks associated with ZKPs while providing similar data control, integrity, and privacy guarantees. It allows institutions to connect while maintaining full control over their data, ensuring that information is shared only with authorized parties under strict permissions. This combination of privacy, control, and compliance is critical for regulated entities looking to capitalize on the benefits of distributed networks of networks that can work like the interconnected network of capital market flows today – only better. The future of capital markets will focus on safer, more synchronized tokenized assets that can be mobilized without the risks and capital charges associated with other public networks.
Key takeaways:
Ensure your technical solution guarantees that assets are fully protected and accounted for under all circumstances.
Seek assurance and proof that your new platform does not compromise your obligations for safekeeping, auditability, and reporting.
Confirm you have the audit practices and expertise to assess vulnerabilities according to your regulatory obligations.
Be realistic with the current immaturity of ZKP solutions and approaches when evaluating their benefits.
Be aware that subtle coding oversights or intentional software supply chain attacks can lead to critical and irrecoverable vulnerabilities.
About the Author
Shaul Kfir is Co-Founder of Digital Asset. Previously, Shaul was a cryptography researcher and co-author of libsnark, the first ZKP library to be used for blockchains, including Zcash, Quorum, and others.