Post preview.

Zero-knowledge proofs are quietly infrastructure now: rollups, credentials, privacy coins. What they actually do, minus the conference-stage adjectives, and why a builder should care.

The trick: prove a statement is true without revealing the thing that makes it true. Prove you know the password without typing it. Prove a transaction is valid without showing sender, receiver or amount. The verifier learns exactly one thing: yep, checks out.

Picture a sealed envelope handed to a postal inspector who confirms the postage is paid and the address is valid without opening it. A zk-SNARK is that inspection, except the maths makes lying impossible rather than rude.

In a shielded Zcash transaction the witness is your spending key, the note, the recipient, the amount. The proof says a valid unspent note exists in this tree, I can spend it, the output is correct, the values balance. The network checks it. None of it touches the chain.

The Merkle tree is why the anonymity set is the whole pool. Every shielded note commits into the tree. Your proof points at the root, not your leaf. The verifier confirms you know a valid path without ever learning which leaf is yours.

Same primitive, other jobs: rollup validity proofs, age checks with no date of birth, trust-minimised bridging, credentials. ZK is not a privacy-coin hobby. It is a general integration primitive for proving things without spilling them.

The honest limits: proofs are heavier than a normal transaction, which is why Private Mode costs a little time. ZK hides the data inside the proof, not the fact one happened. Timing at the edges still applies. Know what the proof covers and what is still your OPSEC to carry.