GENESIS 0072026.07.03
Zero-Knowledge
Proofs Explained
What ZK means for digital identity in 2026. How zero-knowledge proofs enable verification without surveillance — and why ZK-Presence is the future of privacy-first identity.
What Is a Zero-Knowledge Proof?
A zero-knowledge proof (ZKP) is a cryptographic method by which one party (the prover) can prove to another party (the verifier) that a statement is true — without revealing any information beyond the validity of the statement itself.
The classic analogy is the Ali Baba cave: Peggy wants to prove to Victor that she knows the secret password to open a door deep inside a circular cave, but she doesn't want to reveal the password. Victor waits outside while Peggy enters the cave and takes one of two paths (A or B). Victor then shouts which path he wants her to return from. If Peggy knows the password, she can always return from the requested path — whether she went in through A or B — because she can open the door from either side. If she doesn't know the password, she has a 50% chance of guessing correctly each round. After 20 rounds, the probability that she is guessing is 1 in 2^20 — less than one in a million.
Victor is convinced that Peggy knows the password, but he has learned nothing about the password itself. That is a zero-knowledge proof.
In cryptographic terms, a ZKP must satisfy three properties:
1. Completeness — If the statement is true, an honest prover can convince an honest verifier
2. Soundness — If the statement is false, no cheating prover can convince an honest verifier
3. Zero-Knowledge — The verifier learns nothing beyond the validity of the statement
ZK-SNARKs, ZK-STARKs, and the ZK Landscape in 2026
The two dominant ZK proof systems in 2026 are ZK-SNARKs and ZK-STARKs.
ZK-SNARKs (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge)
- Small proof sizes (~200 bytes)
- Fast verification (~10ms)
- Requires a trusted setup ceremony
- Used by: zkSync, Polygon zkEVM, Mina Protocol, Worldcoin
ZK-STARKs (Zero-Knowledge Scalable Transparent Argument of Knowledge)
- Larger proof sizes (~50-200KB)
- Slower verification but no trusted setup
- Post-quantum secure
- Used by: StarkNet, StarkEx, Polygon Miden
For identity applications, the choice between SNARKs and STARKs involves tradeoffs:
- SNARKs: better for mobile/on-device proving (small proofs, fast)
- STARKs: better for high-security, post-quantum, no-trust-setup scenarios
MyShape uses a recursive SNARK composition scheme: the Motion-Signature extraction and PES scoring happen on-device, then a SNARK proves "the PES exceeds threshold" without revealing the motion data, the raw PES value, or any biometric information. The proof is ~250 bytes and verifies in under 10ms.
How ZK Transforms Digital Identity
Traditional identity verification follows a "present everything, verify one thing" model. When you show your driver's license at a bar, the bouncer sees your name, address, date of birth, license number, and photo — when all they need to verify is "are you over 21?" That is a privacy failure.
ZK identity inverts this to "present nothing, verify one thing":
Selective Disclosure
Prove "I am over 21" without revealing your birth date. Prove "I am a citizen" without revealing which country. Prove "I have a valid credential" without revealing the credential's contents or issuer.
Unlinkable Verification
Each ZK proof is generated fresh. A verifier cannot link two proofs to the same person — even if the same credential is used both times. This prevents tracking and profiling across services.
No Central Database
The verifier never stores raw identity data because they never receive it. They receive only a proof. If the verifier's database is breached, there is nothing to leak — because there was never anything stored.
This model is not theoretical. Billions Network (formerly Polygon ID) enables ZK age verification for Deutsche Bank. Worldcoin uses ZK to prove unique personhood without storing iris data. MyShape extends ZK to the physical layer: proving that a human is physically present and generating authentic motion — without ever seeing their face, body, or movement data.
ZK-Presence: Proving You Are Human Without Surveillance
ZK-Presence is MyShape's application of zero-knowledge proofs to physical presence verification. The problem it solves is: how do you prove that a human is physically generating motion at this moment, without creating a surveillance system?
The answer is a two-stage ZK architecture:
Stage 1 — On-Device Motion Analysis
Your camera captures your motion. MediaPipe extracts 33 body landmarks. The SST reduces these to 18 geometric points. The PES engine computes four entropy sub-scores. All of this happens on-device. No data leaves your device.
Stage 2 — ZK Proof Generation
A ZK circuit takes the PES result as a private input and proves: "PES > threshold AND motion was captured within the last 5 seconds AND the motion exhibits biological entropy characteristics." The proof is ~250 bytes. The verifier receives only this proof — not the PES value, not the motion data, not your face, not your identity.
What the verifier learns: "A human was physically present at time T."
What the verifier does NOT learn: who that human is, what they look like, or any raw motion data.
This is the categorical difference between ZK-Presence and biometric verification. Biometrics say: "show us your body, and we'll verify you." ZK-Presence says: "prove you can move like a human, without ever showing us who you are."
Why ZK Identity Matters Now
Three forces make ZK identity the most important cryptographic technology of 2026:
1. AI Impersonation
Generative AI can now produce convincing fake video, voice, and behavior. Static identity verification — a selfie, a document scan, a voice sample — is trivially defeated. ZK proofs add a layer that AI cannot bypass: the proof is generated locally from a physical signal that AI cannot forge. If the proof verifies, the signal was authentic — regardless of what the camera feed looked like.
2. Regulatory Privacy
GDPR, CCPA, and emerging AI regulations increasingly restrict the collection and storage of biometric data. ZK identity enables compliance by design: if you never collect the data, you cannot violate data protection laws. ZK-Presence is GDPR-compliant by construction.
3. Cross-Platform Sovereignty
As digital life fragments across chains and platforms, users need identity that is both verifiable and private. A ZK proof generated on your phone should be verifiable on Ethereum, on Solana, on a private enterprise network — without any platform learning who you are. ZK enables universal verifiability with zero data leakage.
The ZK identity stack is the privacy layer that Web3 promised and Web2 never delivered.
Continue Reading
Experience ZK-Presence
See zero-knowledge identity verification in action. The Motion Demo generates a real ZK proof of presence — entirely on-device.