Mina Protocol review: a better future

Note: Mina’s full name is Mina Protocol. But from now on I’ll just refer to it as Mina… to keep it… succinct.

Note two: The type of zero-knowledge proofs Mina uses are called zk-SNARKs. Pretty much every time I say “zero-knowledge proof” I mean zk-SNARK. It’s just that zk-SNARK is a very long acronym.

One of the biggest societal issues right now is digital privacy.

It may not sound that important, but it permeates just about everything we do.

We are forced to share dangerous facts about our lives with every company, software or service we interact with on the internet.

Actually, not just the internet…

Try opening a bank account without letting them take a record of your ID.

Try booking a flight without giving the airline a digital copy of your passport.

Try using any kind of financial service without giving them your name, driving license/passport, proof of address and usually a bank statement or two.

Fair enough. Maybe that’s the price we have to pay for using these companies’ services.

But the thing is, these companies never hold up their end of the bargain. They don’t keep our dangerous data safe.

Every other week a financial institution, airline, credit rating agency, medical trust – you name it – gets hacked.

And when they do, they inadvertently leak our dangerous data to people looking to do dangerous things with it.

These dangerous things include, but certainly aren’t limited to fraud, identity theft, extortion and good old fashioned robbery.

On the other side of the coin, leaking our slightly less dangerous data to the highest bidder is literally the business model of many of today’s biggest companies. Just look at Facebook and Google.

The way they make money is to provide us with a “free” service in return for collecting all of our data, which they then sell on to advertisers.

That’s just the way the world works now. We accept it because there isn’t another way to live in today’s world.

Sure, it would be nice if we didn’t get five spam calls a day because Facebook accidentally leaked 533 million people’s phone numbers to hackers.

Sure it would be nice if we didn’t get told by British Airways that we should cancel our credit card because they leaked it in a 500,000-person hack.

Sure it would be nice if we didn’t have to watch out for people trying to break into our homes and torture us for our crypto because Ledger leaked 272,000 customer names and addresses.

But what are you going to do?

We have to give them our data or we can’t use their services.

We know they will lose it. We know we will not be compensated when they do. And we know the same thing will happen again and again and again.

What if there was another way?

What if you could prove your address without ever telling a company where you live?

What if you could prove your identity without ever letting a company see your passport?

What if you could prove your income without ever giving a company your bank statement?

What if you could login to any service on the internet without ever giving away your name, email address or phone number?

And to take this idea even further…

What if you could vote in a general election without ever telling anyone your identity?

All of this and more is possible through something called zero-knowledge proofs.

Mina took the idea of zero-knowledge proofs and built its entire architecture around them.

And this unique approach is what makes Mina a stand-out crypto in a sea of also-rans.

All of those ideas I just listed… Mina is already developing applications for them.

It’s carving out its own niche in the world of crypto. One that over time could (and should) become central to our lives.

But I’m getting a bit ahead of myself here.

First let’s take a step back and explore what “zero-knowledge proofs” are and why they are such a game changing technology.

If you’ve followed my writing for a few years, you may have heard me talking about them before. But don’t worry if not, here’s what you need to know…

Proof without proof is the next evolution of the internet

Over the last year or so hacking and ransomware attacks have become front-page news.

If you pay attention to the news at all, you’ll probably remember the Colonial Pipeline ransomware attack earlier this year.

From the New York Times:

The company [that runs the Colonial Pipeline] pre-emptively shut down its pipeline, which stretches from Texas to New Jersey and delivers nearly half of the transport fuels for the Atlantic Coast, setting off a cascading crisis that forced some airlines to make fuel stops on long-haul flights and led to emergency meetings at the White House, a jump in gas prices and panic buying at gas pumps.

Eventually the $5 million ransom was paid (and later mostly recovered by the FBI) and things went back to normal.

But this is a problem that’s been building for years now.

In 2017 the credit rating agency Equifax was hacked and the dangerous data of 148 million people was leaked.

In 2018 British Airways was hacked and the dangerous data of 500,000 customers was leaked – including their credit card numbers.

How can zero-knowledge proofs help with this?

Well, I actually wrote a lot about this back in September 2018. I wrote a whole Crypto Wire issue calling it “privacy’s moment of clarity”. It wasn’t. But it’s getting there.

I’m going to republish a big section of that here because what I talked about is literally what Mina does.

Privacy’s moment of clarity

The “incidents” have been piling up.

It’s not just data breaches, but also how our data is being used.

I wrote last month about the problem of online advertising and how our data is harvested, sold on and used against us.

But it’s not just advertising. It’s the very systems we all use in our day-to-day lives.

A year or so ago barely anyone thought about all the personal data they had granted Facebook access to. Now you can’t move for hit pieces exposing Facebook, Google, Amazon et al’s shady data practices.

The tide is changing.

People are taking a step back and gaining a different perspective on privacy.

With every hack that happens, with every data scandal, with every big tech misstep, the need for a different approach to privacy is highlighted.

Basically, we need to stop sharing our personal information with companies and institutions alike.

That way, when they get hacked, it doesn’t matter to us. They lose money, but we don’t lose anything. We don’t end up paying for their mistakes, as we currently do.

Here’s how it will work.

Proof without proof

One of the key developments in crypto is zero knowledge proofs.

These basically let you prove you have certain data without ever showing anyone that data.

So, say you want to prove you’re allowed to leave the country to British Airways, but you don’t want them to have your passport details on file, in case they get hacked again.

Instead of giving them your passport details, you give them proof that you own your passport and are able to fly.

Without giving your actual passport details, this may sound impossible, but it’s not.

Or say you ring a call centre to transfer money between your bank accounts.

Instead of giving the call operator your name, address, account number, etc. you just give them proof you have all of that information, but you never give them any of the information itself.

If the call operator is looking to steal your money or sell your information on, they can’t. They don’t actually have any information on you.

This proof all happens automatically, you don’t have to do anything. You just login to your identity app.

This means you can prove your identity to any company without ever giving them any information about you.

If they get hacked, it doesn’t matter. They don’t actually have any of your personal information, just a line of computer code that proved you are who you say you are. The hacker can’t use it for anything.

It sounds like magic, but it’s actually very simple.

It’s actually not simple at all. I may have been a bit over enthusiastic back then. But the concept is simple.

Here’s a video from Mina explaining how zero-knowledge proofs work.

And if you don’t like videos, here’s a very similar written explanation that I’ve edited a bit from Wikipedia:

Where's Wally? is a picture book where the reader is challenged to find a small character called Wally hidden somewhere on a double-spread page that is filled with many other characters. The pictures are designed so that it is hard to find Wally.

How would you prove that you had managed to find Wally without letting anyone else playing know where he is?

Or to put it another way, how would you prove you knew where Wally was while giving everyone else zero knowledge about where he was?

The proof goes as follows: you ask the other players to turn around, and then you place a very large piece of cardboard over the picture such that the center of the cardboard is positioned over Wally. You cut out a small window in the center of the cardboard such that Wally is visible. You can now ask other players to turn around and view the large piece of cardboard with the hole in the middle, and observe that Wally is visible through the hole. The cardboard is large enough that they cannot determine the position of the book under the cardboard. You then ask the other players to turn back around so that you can remove the cardboard and give back the book.

So in theory, if we could employ zero-knowledge proofs in our interactions with companies and financial institutions, we wouldn’t ever have to worry about our data being leaked.

Even if the companies we dealt with were hacked, they wouldn’t actually have any of our dangerous data.

It’s like I said in 2018:

If they get hacked, it doesn’t matter. They don’t actually have any of your personal information, just a line of computer code that proved you are who you say you are. The hacker can’t use it for anything.

Well since 2018, Mina has taken this idea and built an entire crypto around it.

As Mina says, “Why should we live in a world where we need to share all of our information with hundreds of different companies, with no guarantee the data will be safeguarded?”

But believe it or not, this privacy aspect isn’t even Mina’s biggest selling point.

Mina’s entire blockchain is only 22kb in size – smaller than a Word document

Mina markets its ridiculously small size as its biggest selling point.

While the Bitcoin blockchain, for example, currently sits at 370GB and is growing every day:

Mina is 22kb.

And because of those zero-knowledge proofs, it will only ever be 22kb, no matter how many transactions or applications it handles.

Remember floppy disks?

They held 1.44MB.

So you could fit 65 Mina blockchains on a floppy disk.

How many floppy disks would it take to store the Bitcoin blockchain?

About 257,000.

Oh, and Ethereum’s blockchain is currently around 1TB… or around 694,000 floppy disks.

And other blockchains like Solana are growing at an even faster rate than Ethereum.

Now, of course, we don’t use floppy disks to store information anymore. But Mina’s super-small size means that anyone, anywhere can download and verify it.

That – in theory – makes it much more secure, decentralised and censorship resistant than just about any other crypto out there.

And remember, decentralisation and censorship resistance are what separate blockchain technology from everything that’s come before it.

I covered this in detail in my “Everything you need to know about crypto in one essay” essay.

From that essay:

The maths, the computer code, and the networks that enable crypto are complicated. But the core idea of crypto is a simple one: decentralisation.

This is how Satoshi Nakamoto began the first ever public communication about Bitcoin:

“I've been working on a new electronic cash system that's fully peer-to-peer, with no trusted third party.”

Decentralisation takes the power away from central authorities and spreads it out among the people.

It’s like going from feudalism to democracy.

In terms of finance, we relied on these central authorities to make sure everything ran smoothly. Paying them for this service was only fair.

But, as the famous line goes, “power tends to corrupt, and absolute power corrupts absolutely.”

And over the course of the 20^th century, as these central authorities, these financial institutions, became more powerful, they also tended to become more corrupt.

By decentralising financial systems, it takes the power away from financial institutions and puts it into the hands of those using the system.

No longer is the system owned and run by a powerful third party, but by its participants. It is peer-to-peer.

But, as Mina points out, most cryptos today really aren’t that decentralised. The power and storage requirements to secure them are too high for the average person to afford.

From Mina’s technical whitepaper:

At the time of this writing [March 2020], Bitcoin’s blockchain is over 250 GB and contains over 500 M transactions. Downloading and verifying this history takes days on a typical laptop. These resource requirements deter most users from running a full node that stores and verifies the blockchain. The number of full nodes in Bitcoin is not growing despite its increasing popularity over time. Instead most users run a light node, verifying only block headers but not transactions, or an ultralight node verifying nothing and relying on trusted advice from a trusted server. This undermines decentralization as most clients rely on trust rather than independent verification. It also undermines performance: block size (and therefore transaction throughput) is artificially capped in part to mitigate the burden of verification.

Mina’s raison d'être

That brings us nicely to Mina’s main selling point.

I’ll let Mina explain its own reason for being.

From Mina’s economics whitepaper:

While blockchains enable rapid tamper detection, they do not provide rapid evidence of correctness. In fact, each time a new participant joins the network, they must check every transaction since the beginning of the network to verify correctness. This requirement grows linearly with total transaction throughput and quickly becomes out of reach for most real-world users on resource constrained devices like smartphones.

In this way, as cryptocurrencies become more popular and widely used, they end up victims of their own success, becoming increasingly inaccessible to their users who in turn are required to trust intermediaries.

Recursive zk-SNARKs provide a solution to this dilemma. Similar to how blockchains enable constant-time tamper-evidence of a historical ledger, recursive zk-SNARKs enable constant-time correctness-verification of a historical ledger. Instead of each participant on the network verifying historical transactions for themselves, the network collaborates to generate proofs-of-correctness for transactions (zk-SNARKs), and then shares those around the network. So instead of end users trusting intermediaries to provide accurate information about the state of the ledger, they are given the state along with a zk-SNARK which cryptographically guarantees that state is accurate.

In short, Mina Protocol replaces the blockchain with an easily verifiable proof.

So basically, Mina produces a proof that its blockchain is as it should be and then full nodes only need to verify that proof and not a whole blockchain.

You could think of it as a kind of data compression…

which was another angle I nearly went with for my intro on Mina: how compression has enabled most of the technology we use every day.

Netflix, Spotify… streaming itself is only possible because of advances in data compression.

But anyway…

The key takeaways here are that Mina enables privacy, decentralisation and censorship resistance in one tiny package.

It also – in theory – is highly scalable, but as we’ll see in our tech section, there is no real-world evidence of its scalability yet.

Right, with that 3,000-word preamble out of the way, let’s get into the actual scoring.