- Rollups are the core technology for layer 2 protocols for Ethereum. Many rollup solutions use a zero-knowledge proof method. Such technologies are grouped under the name ZK-Rollups.
- The use of rollups allows you to ensure high transaction privacy and scale the main Ethereum network: many transactions are combined into a single package, which is confirmed in the first level blockchain.
- There are several popular ZK-based layer 2 protocols in the Ethereum ecosystem: StarkNet, zkSync, Loopring, Polygon Miden, and others. There is also a separate Optimistic Rollups technology, which is used in the Arbitrum One and Optimism L2 platforms.
How does null proof work?
The zero-knowledge proof (ZKP) method was formulated by scientists Shafi Goldwasser and Silvio Micali in 1985 in the article “Knowledge complexity of interactive proof systems“. They proposed a way to prove the authenticity of a message without revealing its details.
To do this, you need to generate a special “confirmation”, with the help of which the verifier can verify the correctness of the initial data. The sender needs to perform a series of calculations that will be correct if he has the necessary knowledge. The verifier knows the meaning of the correct answer, which makes it possible to confirm the validity of the information. Thus, both parties have only limited knowledge of the content of the message.
To demonstrate the method, consider a situation in which two balls are shown to a color blind person who does not distinguish colors. One of them is red and the other is green, but the person does not see the difference.
You need to prove the opposite without naming the colors of the balls. To do this, you pass objects to the interlocutor, who hides them behind his back. After that, he takes out the ball and shows it to you. Then the person hides it and repeats the action. You need to answer the question if he changed the ball behind his back. Since you know the correct answer, after a series of experiments you will prove your case. However, you do not have to disclose additional information.
How is zero knowledge proof used in ZK-Rollups?
The ZKP method allowed the creation of a group of technologies under the general name ZK-Rollups, on the basis of which many key second-level protocols in the Ethereum ecosystem operate today. Vitalik Buterin called ZKP the most important technology for scaling the main blockchain platform.
In the “rollup” (from the English “rollup” – “convolution”), packages are formed from many transactions, in which the data of each transfer is compressed. These “rollups” provide proof to the main layer-one network (Ethereum in this case) that allows all of the transactions in a batch to be verified without considering each one. After verification, the package is included in one of the blocks. One rollup package can contain thousands of transactions, but the minimum amount of data is placed on the first level blockchain.
The work of ZK-Rollups is provided by three elements:
- L2 protocol virtual machine that groups transactions;
- verifier smart contract that verifies packets;
- a module that sends packets to the first level blockchain and updates the state.
The network node of the second level performs a basic check of incoming transactions. After receiving a certain number of translations, it bundles them into a batch and generates a ZK proof. The package verifies the smart contract deployed in the first layer network. It also provides deposit and withdrawal of funds to the L2 blockchain.
Rollups also include user balances in the L2 network, presented in the form of a Merkle tree. Its root is stored in the contract, which allows you to track the change in the state of the network. Values that confirm each transaction are also transferred to the first-level blockchain. The data includes the Merkle root, which is calculated in several steps. Intermediate values are written to the blockchain and confirm each transfer in the batch.
What are the advantages of ZK-Rollups technology?
Initially, zero-knowledge proofs were used in anonymous cryptocurrency projects, but in recent years they have found wide application as solutions for scaling Ethereum.
ZK-Rollups allows you to process user data without disclosing private information about them. In particular, the algorithm can check the availability of funds without showing the user’s balance. These properties are important for companies that need to protect customer privacy.
Also, the use of solutions based on ZK-Rollups significantly reduces transaction fees. Many translations are combined into one package in which all data is compressed – for example, an index is used instead of an address. This allows you to store a smaller amount of information in the first level blockchain. The costs are shared among all senders, so each user pays less.
ZK-Rollups provide low delays when withdrawing funds to the main network, since the smart contract checks the validity of the data before including the package on the blockchain.
What are the types of ZK proofs?
There are many implementations of ZK rollups, the most popular being ZK-SNARKs (and its Plonky2 variant), ZK-STARKs, zkSync and others. Each of the technologies differs in the size of the “proof” and the computational cost required for verification.
ZK-SNARK creates a confirmation that is small and easy to verify. For proof, using elliptic curves. Computing their values is less expensive than hashing, so the algorithm is less expensive. The method requires the destruction of the evidence immediately after it is sent. For the algorithm to work, the node generates a public and private key, after which the latter is destroyed. The public key is used to create another pair of keys. Further, the private key is used to generate confirmation, and the public key is used to verify it.
ZK-STARKs generate a proof that does not involve interaction between the verifier and the verifier. Data validation takes less time, making the technology easier to scale. The algorithm uses hashing, which makes it resistant to quantum computer attack.
zkSync is an L2 protocol based on the rollup algorithm of the same name. The platform allows the transfer of assets and supports smart contracts. A feature of the algorithm is the low gas limit per transaction, which does not exceed 500 Gwei. The main advantage of zkSync 2.0 is its compatibility with the Ethereum Virtual Machine.
What projects use ZK-Rollups and Optimistic Rollups?
There are several popular solutions in the Ethereum ecosystem today using ZKP:
- Starknet platform. Based on its private version called StarkEx, the large DeFi protocols Rhino, Immutable X, dYdX and Sorare operate.
- Mina Protocol is a lightweight blockchain that uses ZK-SNARK technology to create 22Kb blocks. The platform allows you to execute smart contracts and run decentralized applications.
- loop ring is a decentralized trading protocol that uses an order book. Implemented on the Ethereum network, ZK proofs are used for its operation.
- Polygon Midden – “rollup” based on zk-STARKs, running using a special virtual machine Miden VM.
In addition to rollups based on ZKP, a group of solutions called Optimistic Rollups can also be distinguished. The difference between the two lies in the way transactions are validated: in Optimistic, batches of transactions are considered valid, and transactions are validated only if someone disputed it.
Zero-knowledge proofs persist the data on the main network after each translation is validated. Thanks to this, the technology ensures that the current state of the network is maintained. At the same time, unlike ZK-Rollups, withdrawals from the protocol based on Optimistic Rollups require a fraud check, which can take up to two weeks. The specified period determines the time for withdrawing funds to the first level blockchain. However, the need to validate data in ZK-Rollups increases resource consumption and financial costs.
Two popular Ethereum L2 protocols, Arbitrum and Optimism, work on the basis of Optimistic Rollups.
|Name||Technology used||Volume of blocked liquidity (TVL)|
|Polygon||Polygon Midden (ZK-STARK), Polygon Nightfall (Optimistic Rollups), Polygon Zero (Plonky2) Polygon Hermez (ZK SNARK)||$1.3 billion|
|Arbitrum One||Optimistic Rollups||$1.06 billion|
|optimism||Optimistic Rollups||$993 million|
|loop ring||ZK-SNARK||$128 million|
|dYdX||ZK-STARK (StarkEx)||$372 million|
|Aztec||PLONK (ZK SNARK)||$11.9 million|
|starknet||zk-STARK||$2.86 million (excluding projects on StarkEx)|
What is Validium?
There are comprehensive solutions validiums. This is a compromise technology that combines evidence stored at different levels. Confirmations are sent to the main blockchain, while the data is stored outside of it. The solution reduces commissions, but involves dependence on external storage. In case of disruption of the latter, users will not lose funds, but will not be able to make transactions.
Found a mistake in the text? Select it and press CTRL+ENTER
Cryplogger Newsletters: Keep your finger on the pulse of the bitcoin industry!