Wow well done! I didn't solve that one

very well done !! Very cool thinking about this stuff, it seems every problem has a peculiar solution ... someone is focuing right now on solving this problem on blockchains, to verify a transaction group made from someone else.

MIND FUCKING BLOWN

Yeah, I found it too, I was pretty happy about that. Good job to you too!

Brilliant

Except, as mentioned in the video, if Victor had pre-instructed Peggy to exit the cave in a specific series (A, B, A, A, A, B, ...) it still proves nothing to outside observers. If she were given these specific instructions it’s still entirely probable she doesn’t possess the secret.

@@akarin-desu Joseph said you would watch her enter from A and observe her exiting from B. The only way she could do that is if she has the key.

Eliminating the proofs with truth is exactly how i would accomplish this as well. Enter A, exit B; truth revealed.

If you're referring to the sudoku example, since this ideal computer program has _perfect_ randomization, no information about the solution can be gleaned from repeat messages. Think of the scrambling computer program as an (verify-ably) honest 3rd party, so that both Victor and Peggy have no knowledge of the key nor the cipher. Also, one of the underlying premises for that example is that both "Peggy" and "Victor" are following the protocol honestly. It is mostly a hypothetical scenario used to illustrate the principles of ZKPs.

Well if peggy submits any good sodoku (but not the right one of the original), the randomizer will give any good rows, kolumns or blocks, and victor doesn't have proof. I think its even more simple, if u trust the programcode but Victor cannot see the imput, that the program should just check if the input is vallid with the orignal, and has all conditions of a good sudoku on rows, koloms and blocks, and just answers to victor: yes peggy has solved it. Using a third party that has access to your sollution is not a good zero proof sollution

:) I think all 3 can be googled.... Try to think on them a bit before you do, though!

@@stwom33 I couldn't find the egg one

9 rows, 9 columns, 9 boxes and 1 choice to reveal the original squares

Different kind of 'honest'. Basically if Peggy doesn't know the secret, then she can't prove it, and the conclusion of Victor will be "I think you're lying". Example with the cave: Victor asks Peggy to arrive via path A and she arrives via path B. The same is true for Victor, if he doesn't care he can just arbitrarily say: "I think you're honest". Example with the cave: Victor asks Peggy to arrive via path A, Peggy arrives via path B, and Victor says "OK, I believe you". Now a real world application of ZKP is being able to recover your password without actually answering who your first crush was. This means that Victor, the authenticator, is the website you want access to and has 0 incentive to be dishonest. And this means that Peggy, the prover, is someone who pressed the 'forgot password' button. This is either you, who forgot your password, or a hacker who wants to luck their way into an account. If the prover is indeed 'you' then you know the secret and do wish to prove it; Peggy is honest. If the prover is a hacker, they don't know the secret and will likely fail if the proof is repeated a reasonable amount of times; Peggy is dishonest. Ironically, you can even switch this around. With the help of a ZKP protocol you can even verify that Victor is who they claim they are. Again, lets assume the password recovery but this time Victor isn't Victor, but a malicious site designed to look like the real deal and trying to steal your data. As long as Peggy is dishonest (in this case giving false, but consistent data) and Victor is dishonest (they'll 'accept' anything you give them because they think you're being honest and giving them real proofs) you'll be verified by fake-Victor as real, even though you *know* the authentication should've failed. Like said in the video; an eavesdropper wouldn't be able to tell the difference between an honest and scripted ZKP exchange.

Haha just saw someone else already said this whoops

That's where the open source software comes in; you can verify that the code does what it claims it does by.. literally seeing the code. You can compile it yourself and do tests. You can have someone else you already do trust verify it. And the re-numbering occurs so that you couldn't just tell it to show you row 1, row 2, row 3, ..., and row 9 and have the complete puzzle. Sure you'd have it substituted, but you have the real sudoku problem so you can already figure out nearly all of the substitutions (if not all) and then it's the same as just giving you the answer but with extra steps. The point is, that if I *don't* solve the puzzle, if you ask for a block, row, or column to be revealed there's a chance that there's a mistake. After all, I didn't solve the puzzle. So there are either missing spots, or double numbers in at least 1 of the 27 places (27 instead of 28 because it's excluding the original problem options). Which is also where the; there's a 27/28th chance Peggy is cheating probability comes from as long as Victor only chooses 1 option.

THEN TURN UP THE VOLUME!

My volume is at max and I can hardly hear him either.

Sure, but V is not allowed to stand at the trisection until _after_ P has chosen a path.

blendedempathy Yes, that is what coins like Zcash do, from my understanding