The most interesting tech news in crypto today is @0xPolygon's utilization of @SuccinctLabs SP1 tech for their AggLayer Pessimistic proofs
This is a big deal because it represents a turning point in the competition between specialized ZK circuits and generalized zkVMs
This thread explains why this event will have long-lasting effects on the development of zk-based applications
This is a big deal because it represents a turning point in the competition between specialized ZK circuits and generalized zkVMs
This thread explains why this event will have long-lasting effects on the development of zk-based applications
2/ First, what is the difference between customized zk circuits and generalized zkVMs
Customized zk circuits
It means developing a specialized zk circuit to perform a specific function
(+) Achieving the best performance in proof generation latency and verification time
(-) Requires specialized skills and domain-specific languages (DSLs)
(-) Longer development time
Customized zk circuits
It means developing a specialized zk circuit to perform a specific function
(+) Achieving the best performance in proof generation latency and verification time
(-) Requires specialized skills and domain-specific languages (DSLs)
(-) Longer development time
3/ Generalized zkVM
It means avoiding building customized circuits and converting any program to run in a VM. The instructions of this VM are implemented as zk circuits that can be combined to create a larger zk circuit that executes the target program
(+) Any developer can use the zkVM without any understanding of ZKPs
(+) Shorter development time
(-) Higher overhead and lower performance
It means avoiding building customized circuits and converting any program to run in a VM. The instructions of this VM are implemented as zk circuits that can be combined to create a larger zk circuit that executes the target program
(+) Any developer can use the zkVM without any understanding of ZKPs
(+) Shorter development time
(-) Higher overhead and lower performance
4/ For years, there has been a natural competition between these two approaches
Applications that need the best performance, e.g., zk rollups, had to develop their unique customized zk circuits such as zkSync, Polygon’s zkEVM, Scroll
Applications that need a shorter time-to-market and can endure some performance penalties used zkVMs such as Risc Zero and Succinct SP1
Applications that need the best performance, e.g., zk rollups, had to develop their unique customized zk circuits such as zkSync, Polygon’s zkEVM, Scroll
Applications that need a shorter time-to-market and can endure some performance penalties used zkVMs such as Risc Zero and Succinct SP1
5/ In this competition, Polygon has acquired multiple companies developing zk tech and amassed a stellar team of zk experts to build the most performant zk stack
So it is a surprise that when they needed to develop a performance-critical piece of zk teck, i.e., AggLayer pessimistic proof, they opted to use the Succinct zkVM.
So it is a surprise that when they needed to develop a performance-critical piece of zk teck, i.e., AggLayer pessimistic proof, they opted to use the Succinct zkVM.
6/ At a high level, the AggLayer pessimistic proofs prove the validity of the state of all the rollups connected to the Agglayer.
These proofs are the foundation for proper liquidity management and rollup-interoperability between the AggLayer rollups
Hence, it’s critical to have low-latency proof generation and low-cost proof verification
These proofs are the foundation for proper liquidity management and rollup-interoperability between the AggLayer rollups
Hence, it’s critical to have low-latency proof generation and low-cost proof verification
7/ If Polygon has decided that a generalized zkVM can do this crucial task that means that
1. The performance of the zkVM is not significantly worse than a specilaized zk circuit
2. The advantage of a better developer experience far outweighs the potential performance penalty
If this comes from Polygon’s zk experts, the implications are big
1. The performance of the zkVM is not significantly worse than a specilaized zk circuit
2. The advantage of a better developer experience far outweighs the potential performance penalty
If this comes from Polygon’s zk experts, the implications are big
8/ The first implication is that app developers don't need to worry about performance when they use zkVMs to develop zk apps.
Instead, any developer can develop performant zk apps without acquiring any ZKP experience. They simply use a zkVM black boxe that convert their app into a zk App.
This will push zk app development mainstream and attract a wider developer community
Instead, any developer can develop performant zk apps without acquiring any ZKP experience. They simply use a zkVM black boxe that convert their app into a zk App.
This will push zk app development mainstream and attract a wider developer community
9/ Secondly, we can expect rollups to launch using zkVMs to target different dev communities, e.g., a Rust rollup, a JavaScript rollup, etc. The rollup builders will not need to develop new VMs but instead use existing zkVMs
This will lead to further proliferation of non-EVM rollups
This will lead to further proliferation of non-EVM rollups
10/ Thirdly, zk R&D will be confined to optimizing the implementation of the zkVMs instruction set instead of optimizing the creation of large optimized circuits.
Hardware acceleration will also probably shift to optimizing the computation of the zkVM instruction sets
Hardware acceleration will also probably shift to optimizing the computation of the zkVM instruction sets
11/ It's always impressive to see how fast crypto's zk tech has developed from a niche in 2016 to a platform that can be used by anyone less than a decade after
• • •
Missing some Tweet in this thread? You can try to
force a refresh
