zkSync is a layer 2 scaling solution that allows Ethereum to achieve scalability without sacrificing security or decentralization, powered by so-called zero-knowledge (ZK) technology. Anthony Rose, Head of Engineering at Matter Labs, shares his thoughts on the current L2 landscape and its promising future.
Until now, Ethereum has faced the same design problem that all blockchains face. This problem is known as the blockchain trilemma, originally outlined by Ethereum founder Vitalik Buterin. The blockchain trilemma states that blockchains are forced to make a compromise between security, decentralization, and scalability. Essentially, they can only optimize for two out of three parameters.
The Ethereum blockchain has consciously been optimized for the most important parameters required by any layer 1 blockchain: decentralization and security. For a system that aims to be a settlement layer for global digital value, prioritizing security is a must. Similarly, decentralization is a core characteristic for public blockchains to stay trustless. However, this means Ethereum only processes around 15 transactions per second on average and can’t possibly be used by everyone around the world at the same time. As one of the leading layer 2 solutions, zkSync - developed by the Matter Labs team - is designed to solve this problem.
CVJ.CH: First things first, how would you describe Layer 2 scaling solutions (L2s)?
Anthony Rose: Layer 2 scaling solutions, like ZK rollups and optimistic rollups, are protocols that aim to increase the overall capacity of a blockchain network. They do this by allowing transactions to be processed and verified off-chain, outside of the main blockchain network, and then settled on-chain in batches. This helps to reduce congestion on the main chain, improve transaction speeds, and lower transaction fees.
This is such a critical problem for the ecosystem to solve, and multiple teams are working on solving it. zkSync, StarkWare, and some projects by Polygon teams are examples of ZK rollups, while Optimism and Arbitrum are two of the biggest optimistic rollups. While ZK rollups use advanced cryptography called zero-knowledge proofs to ensure the validity of transactions, optimistic rollups rely on economic incentives and game theory.
Why do you believe L2s to be so important for the crypto ecosystem?
We believe Ethereum’s scalability is the most important problem to solve at the moment. As previously mentioned, Ethereum can only process around 15 transactions per second, which can lead to high gas fees and long confirmation times. This limitation places a big constraint on its ability to settle value all over the world at any significant scale. L2s provide additional capacity and allow for more transactions to be processed per second, making the network more scalable and accessible to users.
By using layer 2 solutions, Ethereum can maintain its security and decentralization while also improving its scalability, which is essential for the continued growth and adoption of the network.
Can you explain so-called zero-knowledge proofs in simple terms?
At its core, zero-knowledge proofs (ZK proofs) are a type of advanced cryptography that allows one person (the prover) to prove to another person (the verifier) that they know a certain piece of information without revealing the actual information itself. This means that the verifier can be sure that the prover knows the information, but they cannot learn what the information is. This is done using math so it cannot be cheated or deceived.
To give a simple example, imagine that Alice wants to prove to Bob that she knows the secret password to a certain website, but she doesn't want to actually reveal the password to Bob. Alice can use a ZK proof to prove to Bob that she knows the password without revealing the password itself. In this case, the password would be the "information" that Alice is proving that she knows, and Bob would be the "verifier" who is being convinced that Alice knows the password without learning the password itself.
Without getting too deep into the weeds, the specific approach we use is something called “zk-SNARKs”, which stands for “Zero-Knowledge Succinct Non-Interactive Argument of Knowledge”. While we talk about these systems as ZK rollups, it really isn’t the "zero knowledge" aspect of this technology that we use them for, it is actually the "succinct" part. This succinctness refers to the proofs themselves; we’re able to generate these small proofs which are very quick to verify they’re correct, but which represent the much larger amount of computational work done on the L2.
How does this technology apply to a scaling solution?
The way that zkSync uses ZK proofs is in verifying the validity of multiple transactions, and creating a zero-knowledge proof that these transactions are valid. As previously mentioned, this cryptographic proof is based purely on math and cannot be faked. The network then posts this proof on Ethereum via a L1 transaction, along with the data needed to recreate them. A smart contract that we have deployed on Ethereum verifies that the proof is valid and that our blockchain state is transitioning correctly.
Since many L2 transactions are settled together via a single L1 transaction, this allows for a higher volume of transactions to be processed per second, improving the scalability and the cost-effectiveness for end users. On top of this, our upcoming release, zkSync 2.0 is EVM compatible, which means that all the projects deployed on Ethereum or other EVM chains can easily be redeployed on our system to easily take advantage of low gas fees and high transaction speeds.
The best articles of the week, directly delivered into your mailbox.Subscribe to our newsletter
What’s the main difference between a ZK Rollup and an Optimistic Rollup?
With optimistic rollups like Optimism and Arbitrum, the validator takes a number of transactions and posts them on Ethereum, and essentially the state transition of these L2 systems is assumed to be valid. Enough information is posted publicly that third-party watchers can check the validity of the update, and have a time frame within which they can prove that these updates were invalid or fraudulent in case an issue is detected. If no one provides proof within this window (which is typically seven days), the state is considered valid. If someone submits a valid claim that the transactions are fraudulent, the state update is rejected.
Optimistic rollups rely on trust and game theory, in the sense that you must trust that there are actors watching for invalid updates given the economic rewards available for discovering an issue. However, this approach has a lengthy dispute resolution period and relies on people acting according to financial incentives, and you can imagine circumstances in which these systems could be vulnerable.
ZK rollups like zkSync use cryptographic proofs instead of game theory to ensure the validity of transactions on L2. Since it’s impossible to create an invalid proof, it does not rely on trust or assumptions made about the humans behind the system. It simply relies on the math that enforces the computational integrity of the block.
Where have been the biggest hurdles when developing your EVM-compatible ZK Rollup?
ZK proofs are computationally intensive. That is to say, you need a lot of calculations to generate a proof of validity, but this is necessary to ensure the integrity of the system and prevent fraudulent transactions from being included. The zkSync v1, which is now 2 years old, takes about an average of 3 hours to generate the validity proof. Sometimes, it takes as little as 45-50 minutes. We’re pushing hard with v2 of our system to make substantial progress on this and have done an enormous amount of work to build on what was in place for v1. We intend to bring it down to single-digit minutes over the next year.
Recently, our team has won an award from ZPrize, an open contest aimed at encouraging technological advancements in zero-knowledge cryptography. An essential part of ZK computations is multiscalar multiplication (MSM), which needs to be fast. Our solution achieved a latency of just 2.528 seconds and won the prize for the fastest MSM using GPUs.
Do you see any regulatory boundaries for zk-based technologies?
Some regulators have shown concerns around criminals leveraging privacy-preserving technologies. While ZK proofs can be used to maintain a very high level of privacy, the application of ZK proofs and other ZK-based technologies within the blockchain space today is to improve the scalability, and it is the succinctness of the proofs rather than the zero-knowledge property that we take advantage of. Our system is not private in the way that some technologies based on zero-knowledge cryptography are.
However, I believe in the fullness of time we’ll see much more mainstream adoption of these technologies. There are lots of use cases you could imagine for ZK systems at scale, in particular for financial applications (or other areas where there is sensitive data on which we want to run computation). There will be no appetite for making all of the world’s financial transactions public, and I expect ZK tools to contribute broadly to improvements in many areas as they mature.
What are you most excited for in the next 3-5 years? How much will the ecosystem change?
Over the next 5 years, it's likely Ethereum and ZK rollup space will undergo significant changes as the technology continues to evolve and improve. As more developers and businesses adopt these technologies, there will be demand for faster, cheaper, and more scalable solutions to process transactions more efficiently and at a lower cost. As the use of blockchain technology becomes more widespread, the need for privacy and security will also become more important. Native privacy, which zkSync supports at layer 3 could become more popular as a result.
Anthony Rose is Head of Engineering at Matter Labs, the team building zkSync. Anthony oversees all of the Engineering teams building the Layer 2 solution as Matter Labs prepares for the Full Alpha mainnet launch early 2023. Prior to joining Matter Labs, Anthony led engineering teams at SpaceX for several years, building software for Falcon, and Dragon, and Starlink. Before that he held engineering and data science roles at Uber and Expedia. He holds a PhD from the University of Sussex. He now lives in Los Angeles with his family.
