Back to guides

What Are Zero-Knowledge Proofs?

beginner5 min

The Problem

Imagine you need to prove to a bank that your income exceeds $100,000 — but you don't want to reveal your exact salary. Or you need to prove to an auditor that your carbon emissions are below a regulatory threshold — without handing over your raw operational data.

Today, verification requires disclosure. You prove things by showing everything. Zero-knowledge proofs change that equation.

What Is a Zero-Knowledge Proof?

A zero-knowledge proof (ZKP) lets you prove a statement is true without revealing any information beyond the truth of the statement itself.

Three properties define a ZKP:

CompletenessIf the statement is true, an honest prover can always convince the verifier.
SoundnessIf the statement is false, no cheating prover can convince the verifier (except with negligible probability).
Zero-KnowledgeThe verifier learns nothing beyond the fact that the statement is true.

How Minerva Uses ZK Proofs

Minerva implements ZK-STARKs (Zero-Knowledge Scalable Transparent Arguments of Knowledge) using the Winterfell proving library. Here's the flow:

1.**Define a circuit** — A set of arithmetic gates (add, multiply, compare) that encode your claim
2.**Supply private inputs** — Your secret data (salary, emissions, revenue)
3.**Generate a proof** — Minerva's STARK prover creates a cryptographic proof
4.**Verify** — Anyone with the proof and public inputs can verify it — without seeing your private data

A Concrete Example

Claim: "My quarterly revenue exceeds $1,000,000"

Circuit:

Input: revenue (private), threshold (public = 1000000)
Gate: gt(revenue, threshold) → result
Output: result must equal 1 (true)

What the verifier sees: A proof blob + the public threshold ($1M) + confirmation that the proof is valid.

What the verifier does NOT see: Your actual revenue figure.

Why STARKs?

Minerva uses STARKs over SNARKs for three reasons:

1.**No trusted setup** — SNARKs require a ceremony to generate parameters. If compromised, all proofs are invalid. STARKs need no setup.
2.**Post-quantum secure** — STARKs rely on hash functions, not elliptic curves. They're resistant to quantum computing attacks.
3.**Transparency** — All parameters are publicly verifiable. No hidden assumptions.

Next Steps

[Generate your first proof →](/guides/your-first-proof)
[Understand circuits and gates →](/guides/understanding-circuits)
[Browse templates →](/templates)
← More guides