Source: Four Pillars; Compiled by Baishui, Golden Finance
In 2023, zkRollups transitioned from the research stage to the production stage, and projects such as Starknet, zkSync, Scroll, Polygon zkEVM and Linea launched their respective solutions.
With the development of new concepts such as coprocessors, prover markets, shared provers, and zk aggregation layers, the zkRollup ecosystem has become more efficient and decentralized.
The operation of zkRollup involves three main stages: execution, proof generation, and proof verification, and various projects are focused on optimizing each component in the zkRollup supply chain.
zkRollups such as zkSync, Starknet, Merlin, and SNARKnado are developing their infrastructure, but they are still in the early stages of optimizing the supply chain.
In 2022, zkRollups are mainly in the research stage. 2023 marks the beginning of their future. Many projects, including Starknet, zkSync, Scroll, Polygon zkEVM, and Linea, have put their Rollups into products. The benefits are obvious, as it has shorter finalization times, more secure interoperability, and lower operating costs compared to optimistic rollups. Despite these advances, zkRollups are still in the experimental stage compared to optimistic rollups, and their technical roadmap changes frequently.
So, what does the future of zkRollups hold? New terms such as coprocessors, prover market, shared provers, and zk aggregation layer are often seen in many projects. zkRollup is being developed in different ways, and within the zkRollup ecosystem, many components are being built to make zkRollups more efficient and more decentralized. If we think about how zkRollups operate, the process involves three phases: execution, proof generation for execution, and proof verification. Each phase has corresponding projects. To briefly summarize:
Execution: zkVM, Coprocessor
Proof Generation: Proof Marketplace, Proof Aggregator
Proof Verification: Settlement Layer
Each of these categories is in its early stages, but as this supply chain becomes more developed, the zkRollup ecosystem will become more efficient. In this article, we will first explore the basics of zk, and then dive into the projects being built in the zkRollup supply chain, as well as some of the major zkRollups in Ethereum and Bitcoin.
The zkRollup mentioned in the title of this article is a rollup method that uses zero-knowledge proofs (ZKP). If you have come across the term zero-knowledge proof in the blockchain ecosystem, you may have some understanding of it (if not, don’t worry; it will be explained later). However, if you ask why and how this technology can be applied to rollups, you may find it difficult to answer immediately.
To find the answer to this question, in this chapter, we will explore what zero-knowledge proofs and zkRollups are, how they work, and why ZKP technology is a good fit for rollups.
1.1.1 Overview of ZKP
Before diving into the details of ZKP, let’s first understand the components involved in this process. There are two main components:
Prover:The prover holds a statement that they want to prove to the verifier in the ZKP process.
Verifier:The verifier participates in the ZKP process to determine if the prover's statement is true based on the evidence provided.
Now, let's explore ZKP in detail. ZKP is a cryptographic technique in which the prover can prove a specific fact without revealing the fact itself or any related information. ZKP has three main characteristics: Completeness, Soundness, and Zero Knowledge:
Integrity:If the prover's statement is true, the verifier will be confident that the statement is true.
Reliability:If the prover's statement is false, the prover cannot deceive the verifier into believing it is true.
Zero-knowledge:During the proof process, the verifier does not obtain any other information except the truth or falsity of the statement.
1.1.2 ZKP Example
It may not be easy to understand just by looking at the definition. Let's use a well-known example "Ali Baba's Cave" to explain zero-knowledge proof.
Consider the following scenario: In Alibaba's cave, there are two paths, A and B, which converge deep in the cave but are blocked by a secret door. The prover (P) claims to have the key to pass through this secret door, and the verifier (V) wants to verify whether P actually has the key.
The verification process follows these steps: P enters the cave and chooses path A or B. V does not know which path P took, but can ask P to come out through a specific path. If P has the key, P can come out from any path. After repeating this process several times, V can be confident that P has the key. However, V will not learn anything about the shape or properties of the key.
Applying this to the characteristics of zero-knowledge proofs:
Completeness: If P consistently follows V’s instructions over many iterations, V can be confident that P has the key.
Soundness: If P does not actually have the key, but lies about it, then inevitably there will be a situation where P cannot follow V’s instructions, thus proving P’s claim wrong.
Zero-knowledge: V is confident that P has the key over many iterations, but knows nothing about the key’s appearance or properties.
So far, we have explored the A to Z of zero-knowledge proofs. However, it is important to remember that the focus of this article is on zkRollups. Now, let’s take a deeper look at what rollups and zkRollups are.
1.2.1 Quick Overview of Rollups
Rollup is a Layer 2 scaling solution that processes transactions on the Layer 2 blockchain and then publishes the Rollup state to the Layer 1 blockchain for record and management.
There have been many proposals to solve Ethereum’s scalability problem. The earliest was sharding, which would divide the Ethereum network into several smaller “shards” to significantly increase transaction throughput. Similar to how multiple computers can process tasks simultaneously, sharding enables the Ethereum network to process more transactions quickly and efficiently.
Despite its many benefits, Ethereum developers abandoned direct sharding due to concerns about potential centralization and technical challenges, which would lead to delays. Instead, they adopted an approach of indirect sharding through a Layer 2 solution. In this approach, the process of transferring transaction data in batches to Layer 1 is called a rollup. Currently, Optimistic Rollup and zkRollups are the two main types leading the ecosystem.
1.2.2 Why ZK Proof and Rollup are a perfect match
zkRollups differ from Optimistic rollups in that it uses validity proofs instead of fraud proofs. zkRollups use zk-SNARK or zk-STARK to compress a large number of transactions into a single small proof, which is recorded and verified on the Layer 1 blockchain. Unlike Optimistic rollups, this approach significantly improves processing speed and efficiency, and does not require a dispute period for incorrect results.
The non-interactive nature of zero-knowledge proofs is critical to the efficiency and convenience of zkRollups. It allows rollups to independently manage the rollup process, maximizing efficiency by bundling and sending transaction data to Layer 1 according to their own schedule. This non-interactive approach prevents potential delays and inefficiencies that can arise from a more interactive process between Layer 1 and rollup.
Simplicity is another key factor in the effectiveness of zkRollups. zk-SNARKs and zk-STARKs are able to compress large amounts of data into small proofs, which ensures economic efficiency when sending transaction data to the more expensive but more secure Layer 1. This compression capability enables zkRollups to process multiple transactions as a single batch, greatly enhancing the scalability of Layer 1 while providing users with a more cost-effective blockchain infrastructure in a rollup environment.
1.2.3 Operation of zkRollup
Let's further explore how zkRollup operates and what components are involved. zkRollup is mainly operated by two components:
Sequencer:The sequencer collects and processes transactions occurring on Layer 2 and submits the processing results to Layer 1. While some rollup projects have separate entities for sequencing and generating validity proofs, for simplicity, we treat them as combined roles here.
Rollup Contract:The rollup contract is a smart contract on layer 1 that determines the state and transactions of the rollup. It receives, stores, and verifies data submitted by the sequencer, ensuring appropriate storage and management after the data is verified.
The operation process of zkRollup is as follows:
[Sequencer <> L2] Transaction batching and state change calculation:Multiple transactions executed on Layer 2 are aggregated into a batch, each transaction in the batch is executed, and a state root that records the new state changes is generated.
[Sequencer <> L2] Validity proof generation:A validity proof is generated using the new state root to prove the correctness of the state root. This proof guarantees that all transactions within the batch have been executed correctly without revealing the details of each transaction.
[Sequencer <> L2] Submission of state root and validity proof:The generated validity proof, state root, and hidden transaction data are submitted to the Layer 1 Rollup contract. The Rollup contract verifies the submitted data.
[Sequencer <> Rollup Contract (L1)] Verification and Update:The Layer 1 Rollup contract receives the validity proof, state root, and verification transaction data from the sequencer. It verifies the data, updates the state root, and stores the verification transaction data if there are no problems. If problems are found, the verification and storage process is not performed.
From a bird's eye view, let's take a look at how the entire supply chain of zkRollups works. zkRollups involve three main processes: execution, proof generation, and verification.
Execution:This happens off-chain, with transactions being executed in batches on a separate rollup network, updating the rollup state.
Proof Generation:Inputs like transaction batches and state roots are compiled. The Proof Route processes transactions, generating succinct zk proofs that cryptographically prove the validity of the state transitions without revealing the data.
Proof Verification:The zk proof and associated data are submitted to a validator contract on the settlement layer (mostly Ethereum) for verification. If valid, the rollup contract updates its state to reflect the new post-state and completes the change after a short time buffer.
There are projects dedicated to each process to make zkRollups run more efficiently. In the next section, let’s take a deeper look at what each process is and which projects are handling them.
The execution is performed separately from the settlement layer, the calculation is performed on a separate machine, and the proof of execution is generated in the zk route. This execution environment can be divided into two parts: zkVM and Co-Processor.
2.1.1 zkVM
Source: Foresight Ventures: zk, zkVM, zkEVM and their future | Author: Foresight Ventures | Medium
A zkVM (zero-knowledge virtual machine) is a specialized virtual machine designed to perform computations and generate zero-knowledge proofs to verify the correctness of those computations without revealing the underlying data. There are several types of zkVM, each tailored to a specific virtual machine and programming language. Here are some classifications of these projects:
zkEVM:It aims to replicate the EVM environment while incorporating zero-knowledge proof capabilities. This allows existing Ethereum smart contracts and dApps to be seamlessly ported to zkEVM-based Rollups. However, pure EVM has compatibility issues due to the complexity of developing a zk route for EVM and its frequent upgrades.
General-purpose zkVM based on RISC-V and MIPS:zkRISC is a specific implementation of the zkVM developed by RISC Zero. It is designed to be a general-purpose zkVM capable of performing arbitrary computations and generating zero-knowledge proofs. It allows programming languages such as C, Python, and Rust to be deployed and generate execution proofs.
CairoVM:Cairo VM aims to optimize the generation of program execution validity proofs. Unlike zkEVM solutions that focus on making the EVM compatible with validity Rollup, Cairo VM is designed from the ground up to maximize the efficiency of STARK proofs. This approach allows for better performance and scalability without being limited by the limitations of the EVM. However, there are barriers to building dapps because developers need to learn a new language.
2.1.2 Coprocessors
Source: Phala's Path to 2024: Coprocessors for Blockchain - AI, Hooks and DePin
Coprocessors are developed as off-chain processors to assist with specific calculations. For example, a graphics processing unit (GPU) manages the massive parallel calculations required for 3D rendering, allowing the central CPU to focus on general-purpose processing. In this sense, coprocessors support blockchains for complex execution, which is costly on blockchains. Each type of coprocessor is designed to maximize efficiency in processing its specialized workload.
By leveraging ZKP, coprocessors enable trustless and verifiable off-chain computations, ensuring the correctness and integrity of results without leaking sensitive data. Some known projects include:
Axiom: Axiom is developing a "ZK coprocessor" system that allows smart contracts to query historical blockchain data and perform complex computations off-chain while maintaining data privacy and integrity through ZKP.
Phat Contracts (Phala Network): Phat Contracts is a coprocessor that enhances scalability, enables a gas-free experience, supports multi-chain functionality, and provides dApps with secure access to off-chain data.
To prove the validity of a state transition, the rollup operator (prover) generates a ZKP. This proof confirms that the new state root was correctly computed from the previous state. Since generating ZKPs requires a lot of computational resources, there are limitations to the proof generation process, especially for large transaction batches or complex smart contracts. This can limit the throughput of zkRollups and the types of applications they can effectively support.
In addition, since the entity generating zk proofs requires expertise in the field and needs to keep the hardware up to date, the management costs can be high, not to mention the centralization risks. Therefore, some progress has been made in this area to make it more efficient. The approach has two parts: building a proof generation market to outsource the generation process, and creating an aggregation layer to make it more cost-effective.
2.2.1 Proof Generation Market
Source: Gevulot Introduction | Gevulot
The key features provided by the proof market include decentralized proof generation, auction mechanism, and hardware utilization and cost efficiency. Applications submit proof requests to the network, and provers respond using proof generation hardware to ensure efficient processing of proof requests. The auction mechanism matches these requests with provers, enabling competitive proof pricing. Additionally, provers use specialized hardware, reducing the cost of proofs, and the decentralized market allows for aggregation of proof requests from different applications, improving hardware utilization and cost-effectiveness.
The proof market also ensures censorship resistance and fast finality, and implements a staking mechanism. The market guarantees short-term censorship resistance, so that provers' bids are not unfairly blocked or ignored. Provers are required to stake with the network to prevent malicious activity and ensure the reliability and integrity of the network.
Finally, the market leverages economies of scale. Coordinating ZKP generation at scale reduces costs for end users. Aggregating proof order flow enables provers to invest in and operate more efficient infrastructure. Applications also benefit from reduced on-chain verification costs, as proofs can be aggregated for optimization. Some of the projects include:
Succinct Network:Succinct Labs is developing a decentralized attestor marketplace as part of its Succinct Network, which aims to create a unified protocol for ZKPs. This marketplace will allow applications to outsource their proof generation to a network of specialized attestors, providing a more efficient and cost-effective solution for ZKP-based systems. The attestor marketplace will operate through an auction mechanism that matches an application's proof request with a set of different attestors.
=nil; Foundation:=nil; Foundation has developed an attestation marketplace, a decentralized distributed system designed to serve as a spot market for ZKPs. This marketplace allows proof requesters (e.g. applications) to outsource the generation of zkProofs to specialized proof producers. The proof market runs on top of the =nil; Foundation's database management system and functions more like a "Proof DEX" than a centralized service.
Gevulot:Gevulot is not a traditional prover marketplace, but a decentralized proof layer for the modular stack. It is a permissionless and programmable layer 1 blockchain specifically designed for deploying proof systems as on-chain programs. Unlike a typical prover marketplace, Gevulot allows users to deploy prover and verifier programs directly on the blockchain, similar to deploying smart contracts on Ethereum. This approach enables applications to benefit from decentralized proofs without having to bootstrap their prover network or rely on centralized solutions.
2.2.2 Proof Aggregation
Source: Prove It: Shared Provers, Proof Aggregation, and Prover Marketplace - Delphi Digital
ZKP aggregation is a technique that combines multiple ZKPs into a single proof, reducing the overall cost of verifying these proofs on-chain. This is especially beneficial for Rollups that rely heavily on ZKPs. Some notable projects include:
Polygon AggLayer:It aims to enable smooth interoperability between L2 solutions in the Polygon ecosystem by leveraging aggregate ZKPs and the Unified Bridge Contract (LxLy Bridge). Aggregate proofs ensure that dependent chain states and bundles are consistent, preventing invalid Rollup state from settling on Ethereum if it depends on invalid state from another chain.
Nebra:Its product Universal Proof Aggregation (UPA) is a protocol for aggregating ZKPs. Nebra’s UPA can aggregate proofs from different routes, proof systems, and parties, reducing the gas cost of on-chain verification by more than 10x. Nebra has worked with projects such as AltLayer to integrate UPA into their Rollup solutions, enabling AltLayer’s users and dApps to benefit from the significantly reduced costs.
Electron Labs:Electron Labs has developed Quantum, an aggregation layer that leverages zk-recursion to aggregate proofs from different protocols and various proof schemes into a single “super proof”. This super proof is then verified on Ethereum, amortizing the verification cost across multiple protocols and providing cheaper verification for a single protocol.
The proof generation process in zkRollups is computationally expensive. However, verifying these proofs on the Ethereum mainnet is relatively lightweight, achieving scalability while maintaining the security guarantees of the underlying blockchain.
The zk-validation smart contract in Ethereum uses efficient cryptographic algorithms to verify the validity proof. If the proof is valid, the proposed state transition is correct and the new state root is accepted, updating the rollup state on the mainnet. Some projects, such as Aligned Layer, provide faster and cheaper verification by leveraging validators in Ethereum.
2.3.1 Aligned Layer
Source: whitepaper.alignedlayer.com
Aligned Layer is a decentralized ZKP verification and aggregation layer designed specifically for Ethereum. As the EigenLayer Active Verification Service (AVS), it leverages Ethereum’s economic security through a process called “re-staking” to ensure that ZKPs are accurately verified and settled on the Ethereum blockchain.
Aligned Layer provides two different operation modes to meet different needs. Fast mode is optimized for minimal verification cost and low latency, making it ideal for applications that require fast and cost-effective proof verification. On the other hand, slow mode leverages proof aggregation to fully exploit Ethereum's security guarantees, providing comprehensive security. This dual-mode approach enables Aligned Layer to provide a flexible solution that balances speed and security based on the specific requirements of different use cases.
As mentioned in Section 2, various projects are optimizing the zkRollup supply chain. Let's take a closer look at the most notable zkRollup projects in production, specifically EVM-compatible projects zkSync and Starknet, and Bitcoin-compatible projects Merlin Chain and SNARKnado.
zkSync is a zkRollup solution developed by Matter Labs to address the scalability challenges facing the Ethereum network. While zkSync’s initial focus is to scale Ethereum, its ambitions extend far beyond being an L2 solution. Matter Labs envisions zkSync as the foundation for a comprehensive cross-chain ecosystem, designed to seamlessly connect a variety of zkSync-based rollups. To achieve this goal, zkSync is developing a complex but user-friendly cross-chain environment that includes zkRollup technology, ZK Chain, and Hyperbridge. Let’s take a look at each concept.
zkSync uses zkRollup technology based on zk-SNARK, a proof generation and verification method of zk-SNARK, with small proof size and fast verification speed. However, as zk-STARK’s advantages such as quantum resistance and large-scale processing become more prominent, zkSync is also trying to partially adopt zk-STARK, such as the proof generation system called “Boojum”, which uses the zk-STARK method for proof generation.
3.1.2 Structural Components
Sequencer:The Sequencer in zkSync arranges and processes transactions according to specific rules. Sequencer includes Prover, which generates proofs and transaction data that cannot be viewed in detail and sends them to Layer 1.
Prover:The Prover in zkSync uses zk-SNARK to generate proofs. The data used in the proof generation process includes transaction data that cannot be viewed in detail and the state change data before and after that represents the state change of the L2 chain. The generated proof is verified by the Rollup contract on Layer 1.
Settlement:zkSync uses the data generated on Layer 2 for verification and is updated in the Layer 1 smart contract. If a verification problem occurs, the transactions in the affected batch will not be updated. This process is modular, and the following will introduce each ZK Chain connecting one or more smart contracts.
3.1.3 ZK Chain
ZK Chain is a blockchain beyond Layer 2, which includes the infrastructure provided by zkSync. It is called beyond Layer 2 because zkSync adopts an unrestricted layered structure, including fractal structures such as L3.
The most well-known ZK Chain at present is zkSync Era built by zkSync. It is EVM-compatible and allows the deployment of simple dapps. However, the relationship between different ZK Chains is crucial to zkSync's ultimate goal of a cross-chain ecosystem. zkSync focuses on how to connect with other future ZK Chains.
An example of leveraging the ZK Chain environment is Hyperbridge. With Hyperbridge, users can conveniently send all assets from connected chains to their chain-specific wallets. When users need to use assets on their chains, relayers facilitate the bridging, destruction, and issuance of assets.
For example, if cross-chain Uniswap is used, and a user on the era.zksync chain wants to redeem 1 ETH for 10,000 DAI, the process is as follows:
Generate a "1 ETH → 10,000 DAI" transaction from the era.zksync chain wallet.
The relayer transfers 1 ETH to uni.chain, redeeming it for 10,000 DAI.
The relayer then transfers the swapped 10,000 DAI back to the era.zksync chain.
In this way, users can easily use zkSync's environment to perform cross-chain transactions without having to know detailed information about other chains.
3.1.4 EVM Compatibility
zkSync currently claims to have 99% compatibility with Solidity and Vyper. Initially, zkSync supported Zinc, a language similar to Rust, to achieve a more suitable and efficient zkEVM. However, they shifted their focus to Solidity compatibility and stopped the development of Zinc since September 2021 to ensure full optimization.
Starknet is similar to zkSync in that both are zkRollup-based layer 2 solutions, but their technology stack and internal technology are different. It is worth noting that it uses zk-STARK instead of zk-SNARK and uses its own smart contract language Cairo.
3.2.1 zk Rollup - Focus on high-volume Rollup processing
Starknet uses zk-STARK to generate and verify Rollup-related proofs. Similar to zkSync, it only uses before-and-after state changes to more efficiently manage Rollup data at Layer 1.
In addition, because Starknet adopts zk-STARK, it benefits from a trustless environment and the ability to process a large number of transactions simultaneously. This makes Starknet the first choice for DeFi dApps or game dApps with large transaction volumes.
3.2.2 Structural Features
Structurally, Starknet adopts an architecture similar to other zkRollups. But it differs in that it actively utilizes the zk-STARK zero-knowledge proof model and maintains EVM compatibility through its proprietary programming language Cairo.
Source: Starknet Architecture: Overview
Sequencer: The Sequencer in Starknet plays a vital role in managing the verification and execution of transactions and proposing blocks. Its main function is to process transactions in batches. Transactions that fail to pass verification are restricted by the Sequencer, and only verified transactions will be included in the block. The Sequencer also includes a prover, which is responsible for sending the completed rollup data to Layer 1.
Prover:Proverbs in Starknet use zk-STARK to generate proofs. During the proof generation process, the prover saves each transaction execution step to create an Execution Trace and track the state changes in the L2 chain, recording the State Diff. The proof generation process requires a lot of computing resources and is designed to support parallel processing, allowing multiple provers to divide the work and perform tasks simultaneously.
Settlement:The data generated on Layer 2 is transmitted to Layer 1 (such as Ethereum), where components accept transactions and manage proofs and state differences. These components are handled by two smart contracts: the Validator Contract and the Starknet Core Contract. The Validator Contract analyzes the proof received from Layer 2 and exercises a veto on the transaction if any problems are found. If the validity of the proof is confirmed, it is transferred to the Starknet Core Contract, which updates the Layer 1 chain with the provided state changes. This updated state will be added to the Layer 1 chain block, and once the block passes through Layer 1's process, it will be affected by Layer 1.
3.2.3 EVM Compatibility
Starknet is developing its own unique EVM compatibility path through the Cairo language. To deploy smart contracts on Starknet, you must use Cairo. While Cairo does not yet support many Solidity features, and although the number of Cairo developers is increasing, it still lags behind Solidity in terms of community size and adoption.
Starknet's smart contract language Cairo inherits the functionality of Rust. It is optimized for zk-STARK proof generation and can efficiently execute and generate proofs for smart contracts. Overcoming the barriers to using Cairo allows smart contracts to be deployed and executed in a better environment and data can be securely aggregated to Layer 1.
The following table outlines the main differences between Cairo and Solidity.
Merlin Chain is a Bitcoin-based layer 2 zkRollup solution developed by Bitmap Tech, which mainly focuses on Ethereum. Based on Polygon's zero-knowledge proof technology, Merlin Chain has the advantage of being compatible with EVM while securely storing Rollup data to Bitcoin L1. In this way, Merlin Chain aims to increase liquidity and expand the ecosystem within the Bitcoin network, including BTC, with the slogan "Make Bitcoin Fun Again".
3.3.1 zkRollup - A hybrid approach for Bitcoin characteristics
Merlin Chain uses zkRollup technology that combines zk-SNARK and zk-STARK. Initially, due to the structural characteristics of the Bitcoin network being Turing incomplete, ZKP could not be directly verified on the Bitcoin network. However, after the Taproot upgrade, some verification became feasible. Merlin Chain uses Taproot to record the Rollup data and proof data generated off-chain onto the Bitcoin network.
In Merlin Chain, zkProver is responsible for verifying the validity of transaction data and generating proofs based on the verified data. The stages of this process are as follows:
Merlin Chain’s sequence node stores the current state information in a database.
The sequence node sends the transaction to the zkProver.
The zkProver accesses the database to retrieve the data required for transaction verification.
Once the zkProver completes transaction verification, it generates a proof and sends it to the sequence node.
The process involves several steps. First, transactions are verified and processed using the zk assembly language (zkASM)-based zkEVM developed by the Polygon zkEVM team. The generated data is then aggregated and compressed using the high-capacity processing power of zk-STARK to optimize Rollup economic efficiency. Finally, a proof that produces a consistent proof size is generated using zk-SNARK. The generated data and proofs are then verified in the decentralized Merlin Chain oracle network environment and uploaded to the Bitcoin network via Taproot.
3.3.3 Future Upgrades: On-Chain Fraud Proofs
While zkRollup appears to be well suited for L2 solutions in the Ethereum ecosystem (as described in Section 3.2.1), it cannot perfectly guarantee the validity and accuracy of transactions within the rollup by itself. To bridge the gap caused by differences in the Bitcoin network structure, Merlin Chain uniquely plans to introduce an on-chain anti-fraud mechanism similar to optimistic rollup.
The on-chain anti-fraud mechanism operates in the relationship between the rollup data proposer and the challenger. If the challenger believes that the rollup data is incorrect, they can challenge the transaction data, ZK state information, and ZK proofs uploaded to the Bitcoin network. Most L2 transactions do not need to be re-verified on the Bitcoin network (L1), but if a challenge is made to previously proposed rollup data, the data and transactions must be re-executed and verified. If a role is found to be at fault, they will be punished.
3.3.4 EVM Compatibility
Merlin Chain achieves EVM compatibility by using zkEVM based on zkASM in its zkProver. This enables smart contracts developed using existing Ethereum development tools and infrastructure to be executed on the Bitcoin network, providing the advantage of extending Ethereum's functionality to Bitcoin.
SNARKnado is a Bitcoin-based layer 2 solution implemented by Alpen Labs using zk-SNARK. Alpen Labs aims to use SNARKnado to make the blockchain more focused on verification rather than computation, thereby achieving higher scalability and efficiency in the Bitcoin ecosystem.
3.4.1 zkRollup - BitVM's Successor
SNARKnado is a modified model that is further optimized for zk-SNARK, which borrows the prover-challenger structure used in the BitVM Optimism method. This improves its performance by about eight times compared to BitVM. However, it still does not reach the advantage of BitVM2 that allows anyone to initiate challenges, because SNARKnado currently limits the challenge ability to allowed roles.
3.4.2 Structural Features
Proof Verification Method - Bisection Polynomial
Using zk-SNARK allows SNARKnado to manage Rollup data and proof data on Bitcoin with a smaller proof size, but Bitcoin's restrictions on complex calculations require optimization of proof verification. SNARKnado solves this problem by transforming the proof data using a bisection polynomial. The verification process is performed through on-chain computation enabled by the Taproot upgrade.
When a prover receives a challenge, they disclose some of the data required for the challenge and go through the verification process with the challenger. The bisection polynomial method is used for verification, determining which role (prover or challenger) is at fault.
3.4.3 SNARKnado vs. BitVM or BitVM2
SNARKnado has many similarities with BitVM, especially appearing as a midpoint between BitVM and BitVM2. So, what are the differences between them? (Since BitVM2 is a more advanced model than BitVM, the comparison will focus mainly on BitVM2.)
First, consider the usage of resources within Bitcoin. BitVM2 inherently shows a linear increase in on-chain resource usage, while SNARKnado reduces this increase to the square root level, thereby optimizing on-chain resource usage. Another difference lies in the accessibility of roles that can issue challenges. While SNARKnado restricts challenges to allowed roles, BitVM2 allows anyone to issue challenges without permission.
3.4.4 EVM Compatibility
According to Alpen Labs’ latest record, EVM compatibility is not officially supported yet, and there are no future plans for EVM compatibility.
Looking back at recent zkRollups mainnet launches, we saw zkSync Era in August 2023 and Polygon zkEVM in December 2023. These projects haven’t been around for very long, so most are still under active development. In addition, the scope of development is no longer limited to zkEVM. General purpose zkVM, zkWasm, and off-chain coprocessors are also under development for execution, using custom zk routes.
As basic execution and proof generation become more reliable, efforts are being made to improve supply chain efficiency. Strategies include building a marketplace for attesters, aggregating multiple attestations, and creating verification layers for cost-effective verification. It is expected that the supply chain of zkRollups will become more efficient and affordable in the future.
Bitfinex lists MEME, the token of Memeland by 9GAG, blending internet culture and technology in the Web3 space. Henry Child from Bitfinex highlights MEME's integration as a step towards innovative, community-focused projects, marking a significant move in the crypto sphere.
JoyBitGo's Singapore arm secures in-principle approval from MAS for a major payment institution licence, paving the way for non-retail investor trading. The firm plans to expand its cryptocurrency services in Singapore, targeting institutional clients with its innovative cold storage custody solution.
JoySEC Twitter hack falsely announces Bitcoin ETF approval, causing price volatility. Security lapse exposed, leading to eventual real ETF approvals and significant crypto market implications.
BrianExplore the implications of Ethereum co-founder Vitalik Buterin's recent proposal for a 33% increase in the network's gas limit. This article delves into the background of Ethereum's gas limit, the specifics of Buterin's proposal, and its potential impact on network efficiency and scalability. Discover how this change could shape the future of Ethereum, balancing the demands of a growing user base with the technical challenges of blockchain technology. Ideal for cryptocurrency enthusiasts and blockchain professionals looking to stay informed on the latest developments in Ethereum's ongoing evolution.
KikyoThis move follows a similar announcement made on January 6 by VanEck, stating its intention to donate 5% of the profits from the Bitcoin Spot ETF to Bitcoin developers.
AlexDive deep into the dynamic realm of cryptocurrencies with our expert analysis on DIGIFINEX, CRYPTOFI, AGIX, SATS, MATIC, CAKE, and the intriguing Coconut ChiCken(Coq). Explore the future trends and innovations shaping this exciting digital landscape.
AlexExplore how Elon Musk's views on Bitcoin and the upcoming halving event in 2024 are shaping the cryptocurrency landscape and impacting investor strategies.
BrianThis collaborative effort aims to strengthen cooperation with relevant authorities and virtual asset exchanges to actively address crimes related to illegal foreign exchange transactions involving virtual assets.
AlexThe SEC's approval of 11 spot bitcoin exchange-traded funds (ETFs) marks a historic moment, allowing everyday investors access to bitcoin without direct ownership. Big names like BlackRock and Grayscale securing approval signal a significant shift, raising expectations for increased bitcoin investment and mainstream acceptance.
JoyIndia has heightened its crackdown on offshore crypto exchanges, leading Apple to remove apps of platforms like Binance and Bitfinex from its App Store within the country. Regulatory measures, including compliance notices and a 1% levy called Tax Deducted at Source (TDS), reflect India's commitment to enforcing crypto regulations, impacting both local and offshore exchanges.
Joy