“…In the decades since their introduction, zero-knowledge proofs have been used to support a wide variety of potential applications, ranging from verifiable outsourced computation [11,16,24,59] to anonymous credentials [6,27,28,32,39], with a multitude of other settings that also require a balance between privacy and integrity [17,19,29,31,36]. In recent years, cryptocurrencies have been one increasingly popular real-world application [10,44,52,57], with general zero-knowledge protocols now deployed in both Zcash and Ethereum.…”