Background
I spent nearly two years at the Ethereum Foundation's Privacy and Scaling Explorations group, supporting protocols like zkEmail, tlsNotary, and Semaphore. This guide simplifies the cryptographic technologies behind private, sovereign systems for builders, researchers, and the curious.
What you'll learn
- A working mental model for ZK, MPC, and FHE
- How each one operates under the hood
- Real-world use cases and where to look for working examples
What is ZK, MPC, and FHE?
Zero-knowledge proofs (ZK)
Zero-knowledge proofs let you demonstrate knowledge of information without revealing the information itself. The classic Alice-and-Bob cave illustrates the idea: Bob randomly challenges Alice to exit from specific paths. If she consistently succeeds without revealing the passcode, he gains statistical confidence that she knows it.
In real systems, problems are encoded as polynomial equations. Instead of exposing raw inputs, provers create mathematical proofs that polynomials hold under specific conditions — verifying 3x + 2 = 12, for instance, without revealing that x = 3.333.
Roles: the prover knows the secret; the verifier seeks conviction.
Multi-party computation (MPC)
MPC lets multiple parties collaborate on privately shared inputs without revealing sensitive information. The Millionaires problem illustrates this: a group of wealthy individuals determine who is richest without exposing their actual net worth.
Participants submit encrypted data to an MPC platform, which computes results without revealing individual inputs. Outputs decrypt only when a threshold of participants agrees. Real-world examples include Safe, which uses thresholding to authorize transactions without exposing individual signers.
Fully homomorphic encryption (FHE)
FHE allows computations directly on encrypted data — no decryption required. Imagine sharing an .env file with ChatGPT: you encrypt the input, the model computes on ciphertext, and only you can decrypt the result. The model never sees the secrets.
Technically, FHE supports special mathematical operations that preserve structure while data remains unreadable. Inputs encrypt under a public key, computation runs entirely on ciphertext, and only the private-key holder decrypts the final output. You can offload work to untrusted environments — cloud servers, third-party processors — while keeping data confidential.
Use cases
Zero-knowledge proofs
Privacy-preserving credentials with zkTLS: users prove claims about online activity — income, employment — without revealing the underlying data. See cr3dentials.xyz and self.xyz.
Decentralized on/off-ramps with zkTLS: demonstrate KYC completion without exposing full identity. See zkp2p.xyz.
Anonymous voting and governance: eligible users vote, choices stay private — particularly valuable for DAOs. See maci.pse.dev.
Multi-party computation
Matchmaking and dating: two people verify compatibility without revealing personal details to the platform or each other unless there's a match.
Collaboration between competitors: insurance and other industries share insights and detect fraud without exposing customer data — joint statistics, no leakage.
Threshold wallet recovery and access: key shards distribute across parties; reconstruction requires threshold approval. See safe.global.
Fully homomorphic encryption
Federated learning: hospitals contribute encrypted data to train shared models, preserving privacy and reducing bias.
Private cloud analytics: companies run analytics on encrypted customer data stored in clouds they don't fully trust; decryption happens locally.
Secure outsourcing: offload expensive computation without surrendering confidentiality.
The new cryptographic stack
These technologies form the foundation of a new cryptographic stack — one that prioritizes privacy, security, and collaboration without compromise. They frequently combine in production: ZK with MPC enables private computation with correctness proofs; MPC with FHE allows multiple parties to compute on encrypted data.
Applications span income verification without exposing statements, multi-signer wallet security, and encrypted health-data model training. The lesson: privacy is not the opposite of utility. It's part of it.
Originally published at cr3dentials.xyz.