How Polybase Harnesses ZK Proofs


Sid Gandhi

May 31, 2023


In the realm of web3 and decentralized technologies, there is a growing need for solutions that can reconcile privacy with transparency, and scalability with security. Polybase, a decentralized database protocol, aims to meet these needs by leveraging the power of zero-knowledge (ZK) proofs. In this article, we're going to delve into the technicalities of how Polybase uses ZK proofs.

What are ZK proofs?

Before we dive into Polybase's application of ZK proofs, let's define what these proofs are. Zero-knowledge proofs are cryptographic methods that allow one party (the prover) to prove to another party (the verifier) that they know a value x, without conveying any information apart from the fact that they know the value x. Our CTO, Calum wrote a more detailed overview of Zero-Knowledge proofs and rollups.

ZK proofs in Polybase's Full Stack Decentralization

Polybase achieves full stack decentralization using separate ZK proofs for different parts of the database stack, including the state rollup, permissions, and consensus. This approach allows for a publicly verifiable system without the need for an inefficient large validator network, a typical requirement in many decentralized systems.

The state rollup uses ZK proofs to batch multiple state transitions into a single proof, drastically improving scalability. In the context of permissions, ZK proofs are used to validate access rules without revealing sensitive information. Finally, in consensus, ZK proofs help ensure that all nodes follow the protocol rules, maintaining the integrity and trustlessness of the system.

Powering Privacy with zk-STARKs

Polybase uses a specific form of ZK proofs known as zk-STARKs (Zero-Knowledge Scalable Transparent Arguments of Knowledge) to power its privacy features. Zk-STARKs provide a high level of security without the need for a trusted setup, and they are post-quantum secure, meaning they're resistant to attacks even from quantum computers.

Leveraging zk-STARKs, Polybase can enable the public verification of data and business logic while keeping the actual data private. Users can publicly prove attributes of their private data without revealing the data itself. This concept promotes self-sovereign data and upholds user privacy, which is a key concern in the web3 space.

Polylang: Making Permissions Verifiable

Polybase takes a unique approach to database permissions with Polylang. Permissions are written in Polylang, a subset of TypeScript, which are then compiled down to ZK circuits. ZK proofs can then be produced to verify that the permissions code has been adhered to.

This feature means that access to data in Polybase can be cryptographically verified, providing a high degree of assurance in data access and control. This level of security is essential for the development of decentralized applications where data integrity and user privacy are paramount.


In the era of web3 and decentralized technologies, ZK proofs and their implementations play a vital role in ensuring scalability, security, and privacy. Polybase's utilization of ZK proofs showcases an impressive blend of these features, paving the way for a new generation of decentralized databases that can handle the demands of the modern web3 ecosystem.

By leveraging ZK proofs, Polybase delivers a decentralized database protocol capable of addressing the key concerns of the web3 space, offering developers a robust, secure, and scalable foundation for building the decentralized applications of the future.