Sui is bringing private transactions using ZK-SNARKs. As a Move security researcher, I need to understand this tech deeply — not just what it does, but how it works under the hood. This is week 1 of my ZK learning journey at the Rare Skills ZK Bootcamp.
I'm a full-time independent security researcher specializing in Move — both Aptos and Sui. If you've read my previous posts, you know I've been deep in the Move audit contest space, finding bugs in protocols like AAVE's Aptos deployment.
But something caught my attention recently. Sui announced that they'll be introducing native private transactions in 2026, powered by ZK-SNARK cryptography. This isn't an opt-in feature — they're planning to embed privacy directly at the protocol level, where on-chain activity stays private by default but can be selectively disclosed for compliance.
Here's the thing: Sui already uses Groth16 (a ZK proof system) under the hood for zkLogin — their system that lets users authenticate with Google/Apple credentials instead of seed phrases. The ZK infrastructure is already there. Private transactions will build on top of it.
As a Move security researcher, I can't audit ZK-powered systems if I don't understand how ZK works. Not at a surface level — at the protocol level. I need to understand the math, the proof systems, the attack surfaces. That's why I enrolled in the Rare Skills ZK Bootcamp, which started on February 19th.
I'll be documenting my entire learning journey here. Every session, every concept, broken down in plain language. If you're a security researcher or developer curious about ZK, follow along — we're learning this together.
Our instructor is João Paulo Morais — PhD in physics, 12+ years studying ZK, background in both theoretical physics (black holes, no less) and software development. The cohort is a mix of security researchers, blockchain devs, and folks from academia.
The session covered three things: a high-level overview of what ZK actually is, the course roadmap, and an intro to modular arithmetic. Let me break each one down.
ZK started in 1985 with a paper by Goldwasser, Micali, and Rackoff. They introduced two revolutionary ideas: interactive proofs and zero-knowledge proofs. Together, these concepts changed mathematics and computer science.
In the blockchain world, ZK gets used for two fundamentally different things — and this distinction matters:
Fun fact: "ZK Rollups" is technically a misleading name. They don't use the zero-knowledge property at all — they only use the succinct verification part. A more accurate name would be "validity rollups." But the name stuck, and here we are.
Sui's upcoming private transactions will use both properties — privacy (hiding transaction details) and succinct verification (keeping the chain fast). That's why understanding the full picture matters.
The course goal is to code a proof system called Groth16 completely from scratch. Groth16 is a type of ZK-SNARK. Let's break that acronym down:
The "non-interactive" part is key for blockchains. The original ZK protocols were interactive — the prover and verifier had to go back and forth. But on a blockchain, there's no one to interact with. So ZK-SNARKs use a clever trick: they simulate the verifier, so the prover can generate the proof alone.
There's a whole zoo of proof systems — Groth16, PLONK, STARKs, Bulletproofs, Marlin, and more. The course teaches Groth16 because:
João made an interesting point: if you go to a blockchain conference and ask privacy-focused teams which proof system they use, most will say Groth16. The reason? It's the shortest and fastest. Even teams using STARKs for the heavy computation often use Groth16 as the final wrapper to compress the proof down.
The rest of the session covered modular arithmetic — the math foundation that everything in ZK is built on. If you've never seen this before, think of a clock.
Clock analogy: On a 12-hour clock, 13 o'clock = 1 o'clock. The numbers "wrap around" at 12. That's modular arithmetic — you do math, then take the remainder after dividing by some number (the modulus).
In ZK, we work with finite fields — a set of numbers from 0 to P-1, where P is a prime number, and we can do addition, subtraction, multiplication, and division. All operations wrap around at P.
Addition and multiplication are intuitive. For example, with P = 11:
Division is the hard part. In a finite field, "7 ÷ 5" means "7 × (the multiplicative inverse of 5)." The multiplicative inverse of 5 is whatever number, when multiplied by 5, gives 1 mod P. For P = 11, the inverse of 5 turns out to be 9, because 5 × 9 = 45, and 45 mod 11 = 1.
Finding these inverses isn't obvious — you can use either the Extended Euclidean Algorithm or Fermat's Little Theorem. But in practice, we use libraries.
Two tools we'll use throughout the course:
pow() is for quick one-off calculations. The Galois library is for structured work — especially later when we work with polynomials, which are central to how ZK proofs actually work.
The bootcamp is structured as ~13-14 weeks, split into two halves:
The end goal? Write a complete Groth16 ZK proof system from scratch in ~80-100 lines of Python, plus a Solidity verifier contract (like the one in Tornado Cash). No magic. Pure math, fully understood.
Next week we go deeper into modular arithmetic, additive/multiplicative inverses, and start touching abstract algebra. I'll document everything here in the same format — concepts broken down simply, with code examples you can try yourself.
If you're a security researcher curious about ZK, this is your invitation to follow along. You don't need a math PhD. You just need the willingness to sit with the discomfort of not understanding something — and then push through it.
As João said: "It's not magic — it's math. Really clever math, but math."
Week 1 done. 13 more to go. Let's build this from zero. 🧠