Replying to Avatar Kis Sean

https://open.spotify.com/episode/3cemC6cxTLqgFtuVdRHYgf?si=PBU7jdmCR9i_AIVR49icrw&nd=1

A very good intro podcast to zk by the developer of starknet.

ZK, zero knowledge proof is a very also tool for many applications. The most brought up topic about zk is zk rollup on ETH. Fundamentally, blockchain is really not good at any general storage or computation, that's why programs on blockchain are called smart contract. In the long term, I still don't see the system built on blockchain could or should be used to handle too much general computation. What zk rollup brings to the system is only cheap computation with minimum accessible storage (so don't expect any server software running on it).

Zk is basically proof that you know something without actually revealing the information. The basic zk validity proof roll up process to L1 is: 1. the sequencer(s) aggregates all transactions into a block 2. the prover computes the block with a special paradigm and generate the results and the validity proof of the computation. 3. the prover submits the state difference/result and the proof to L1, there will be a verifier on L1 to verify those results.(verify takes very little computational resources)

This process separates the computation from the blockchain. It's crucial since, computation will be run on all nodes on L1, not scalable at all. Now you can only verify the results, you can also bundle them to further decrease the computational requirements. As comparison to optimistic rollup, which assumes all transactions processed are valid until the fault proof process, zk roll up doesn't have to wait for the days of roll up confirmation to L1.

Zk proof is the proof of the execution of transactions, so that is blockchain agnostic, meaning it could verify another chain from one chain. One major application is BTC <-> ETH atomic swap, without zk, you'll need some oracle (program outside the chain) to know whether the BTC address you want to swap actually did follow the swap process. Now with zk proof on the BTC chain's state change, you don't have to deal with all the problems come with the oracle. And other application is storage chain verification.

The contents in the podcast are very detailed. Some interesting topic includes why computation is cheap, but storage is not; how they went from ASIC to cpu;how the states are stored; the domain specific language to program zk.

#zk #zeroknowledge #zkproof #ETH #Blockchain #scale #scaling #AtomicSwap #BTC #rollup

Avatar
Kis Sean 2y ago

https://vitalik.ca/general/2022/08/04/zkevm.html

"The different types of ZK-EVMs"

In the current stage, trade off between compatiblity and performance must be made when implementing zk-EVM. But different types of EVMs could co-exist to make the blockchain more scalable in different aspects.

Type 2's future market dominant makes most sense to me, it basically preserves the EVM environment while improves a lot on the prover time. Only the stuff from outside, like block structure and state trees are not compatible. Polygon and scroll are building towards this kind of EVMs.(Their product is about type 3 in current state)

“不同类别的ZK-EVM”

在当前阶段,实现zk-EVM时必须在兼容性和性能之间做出权衡。但是不同类型的EVM可以共存,以使区块链在不同方面更具可扩展性。

对我来说,类型2的未来市场主导地位是可预见的,它基本上保留了EVM环境,同时大大改善了证明时间。只有来自外部的内容,例如块结构和状态树不兼容。Polygon和Scroll正在构建这种类型的EVM。(他们目前的产品属于类型3)

https://twitter.com/luozhuzhang/status/1581385011604750336?s=46&t=Z3hVuhwSUrHhg3xDzw5U5w

Reply to this note

Please Login to reply.

Discussion