Zksnarks vs Zkstarks: main differences

Zksnarks vs Zkstarks: main differences

By bit.team

Decentralization is the basis of the crypto space. Cryptocurrencies can support the execution of financial and value transactions on the blockchain network. On the other hand, a decentralized approach to financial exchanges without any trusted intermediary leads to problems with the security of digital assets. Therefore, zero-knowledge protocols have become a formidable solution to the problems of confidentiality and privacy on cryptocurrency platforms.

However, the choice of zero-knowledge technologies turned out to be a difficult decision for many professionals in the cryptocurrency world. Naturally, anyone will look for a better alternative among the protocols. Let’s figure out together what the ZK-SNARK and ZK-STARK technologies are, as well as the noticeable differences between them.

Before you start, you should have a basic understanding of the background of Zero Knowledge Proof (ZKP) technologies.

The growth of cryptocurrencies has led to an inevitable increase in the popularity of zero-knowledge proof technologies. According to Coinmarketrate.com they have served as a vital tool for use in cases focused on privacy protection along with verifiable computing.

The fundamentals of zero-knowledge proof Technologies (ZKP) serve as common accents in comparing Zksnarks and zkstarks. Here are three important characteristics that can be found in ZKP.

  1. Perfection

Perfection is the main aspect of ensuring confidentiality and privacy in the blockchain. It implies that the examiner can identify any inconsistency on behalf of the prover.

  1. Completeness

Completeness implies that in ZKP technologies, verifiers have confidence in the reliability of the data.

  1. Zero-Knowledge

The last and most important feature of zero-knowledge protocols refers to the zero-knowledge attribute. It implies that in the case of a true statement, the verifier will not find out the details of this statement. On the contrary, the verifier will only know that the statement is true.

Simply put, zero-knowledge proof technologies help one party prove to the other party that it knows something without disclosing information. For example, you don’t need to show your date of birth to prove that you are over 18 years old. Quite fascinating, isn’t it? However, the disputes between zkstarks and zksnarks have recently attracted huge attention in the cryptocurrency space.

Both technologies are important representatives of the ZKP family of technologies with unique features that enhance privacy. Both technologies help reduce the amount of information shared by users, along with the benefits of scaling technology. ZKPs help to verify evidence faster, since they do not store the full amount of information in public systems. And so, what are their differences?

Differences between ZK-SNARK and ZK-STARK

The two most well-known zero-knowledge proof technologies on the market at the moment are ZK-SNARK and ZK-STARK.

ZK-STARK stands for Zero-Knowledge Scalable Transparent Argument of Knowledge. On the other hand, ZK-SNARK stands for Zero-Knowledge Succinct Non-interactive Argument of Knowledge. Both of these technologies are the most attractive zero-knowledge technologies currently available on the cryptocurrency market.

Both of them are the most important aspects in the developing ZKP technology base. It should also be noted that both protocols are practically non-interactive, thereby implying opportunities for autonomous actions and code deployment.


The earliest among zero-knowledge technologies, ZK-SNARK developed as a reliable option for improving security in ZKP technologies. The basic design of these protocols revolved around the use of elliptic curves to enhance security. Elliptic curves serve as a vital element in cryptography for efficiently finding the discrete logarithm of a random element of an elliptic curve. But, let’s not dive into the complex wilds of cryptography.

The term ZK-SNARK is a compressed non-interactive knowledge argument, and you can separate each term to understand ZK-SNARKS. By “conciseness”, ZK-SNARK means a smaller size of evidence and fast verification. The old versions of the ZKP protocols required interaction between the verifier and the verifiable. However, the factor of “non-interactivity” in ZK-SNARK implies a limited or almost complete absence of interaction between the verifier and the verifiable.

Now, part of the abbreviation ZK-SNARK “arguments of knowledge” supports the integrity of the computing system. A dishonest examiner would have little chance of success without actual arguments of knowledge to support his claims. Thus, systems based on ZK-SNARK can provide consistency along with assumptions about the limited computing power of the verifier.


Another prominent player, ZK-STARK, is also one of the recent additions to the ZKP protocol family. It appeared in 2018 with a notable focus on hash functions for its cryptographic fundamentals. ZK-STARK stands for zero-knowledge scalable transparent argument of knowledge, and the term itself gives a lot about its functionality.

First of all, we can note the aspect of “scalability”, which serves as an essential factor for overcoming the limitations of transaction throughput. In addition, it does not need an initial trust setting, thereby clearly confirming the “transparency” aspect.

In principle, ZK-STARK offers a simpler structure when considering cryptographic aspects. Moreover, the use of simpler cryptographic mechanisms using collision-resistant hash functions can also provide effective security.

Differences between ZK-STARK and ZK-SNARK

A review of both zero-knowledge protocols presents them in a good light in their respective fields. However, it is important to identify specific points that distinguish them from each other.

ZK-SNARK presents some of the problems that led to the development of ZK-STARK. However, this does not mean that the protocol is outdated in the existing crypto space. Notable problems associated with ZK-SNARK prevent them from gaining popularity in the mainstream crypto sphere. There are significant differences that can be found when comparing Zkstarks and zksnarks.

  • Transparency

The main highlight in the scalable ZK-STARK is transparency. In the case of ZK-SNARK, you will have to go through the mandatory stage of trust configuration. For example, one of the well-known cryptocurrencies using ZK-SNARK, i.e. Zcash, requires users to install the Genesis block along with assuming obligations for its security.

Although the initial setup stage may seem like a formality, it has many hidden consequences. For example, users are forced to trust the initial stage of configuration along with the parties involved in the creation of the system. In such cases, ZK-SNARK is not the best of zero-knowledge protocols, given the fact that the initial setup stage could have been compromised or will be compromised in the future.

On the other hand, ZK-STARK does not require an external trusted configuration step. They offer randomness with the possibility of public verification, thereby preventing any party from obtaining the settings. Public verification of evidence with anonymity also avoids the creation of false evidence.

  • Scalability

You have the opportunity to enjoy better scalability with ZK-STARK, compared to ZK-SNARK. In what way? In fact, many ZK-SNARK problems have been solved in ZK-STARK, which imposed limitations on scalability.

First of all, algebraic representations and related computational tasks in generating and verifying proofs are reduced. Optimizing code to reduce arithmetic and computational complexity provides an ideal foundation for improving scalability.

Reducing the arithmetic complexity of ZK-STARK makes them the winner in the dispute between zksnarks and zkstarks. They are almost 8-10 times faster than ZK-SNARK in terms of the amount of computation required to generate proofs. In addition, they use the FRI algorithm and the new FFT algorithms as add-ons to speed up the verifier’s running time.


  • Security against quantum attacks

Another notable point concerns resistance to quantum attacks. ZK-SNARKs depend on private-public encryption approaches such as ECDSA and RSA to create private-public key pairs. The growth of quantum computing has led to the development of new algorithms that can compromise such encryption approaches.

On the other hand, ZK-STARK uses collision-resistant hash functions and random oracle models. They also use Merkle trees to increase resistance to quantum attacks. Cryptographic primitives help to increase ZK-STARK’s resistance to quantum computing attacks.


The final conclusion from the comparison of Zkstarks and Zksnarks obviously presents ZK-STARK in a positive light. They offer better scalability, transparency and security compared to ZK-SNARK. However, it is also important to note that ZK-STARK have a larger proof size and require more time to verify.

In addition, ZK-SNARK also requires 24% of the gas required for transactions with ZK-STARK. Thus, it can be noted that both zero-knowledge technologies have their own unique value propositions. While one is well developed, has a full-fledged community, documentation and resources, the second is still at an early stage.