Zk rollups vie for throughput crown
Celer Network releases benchmarking results pitting zero-knowledge provers head to head
tomertu/Shutterstock modified by Blockworks
Validity proof-based rollups have gone from purely hypothetical to potentially hyperscaling Ethereum in just a few years.
Blockchain interoperability protocol Celer has a new framework to benchmark a key component of these rollups — the prover — revised on Monday to include the latest edition of zkSync’s prover, called Boojum.
The name derives from a fictional animal in Lewis Carroll’s poem The Hunting of the Snark, where a Boojum was a particularly dangerous kind of snark — one that can make its victims “softly and suddenly vanish away,” never to be seen again.
That’s not unlike the modern day cryptographic SNARK, or Succinct Non-Interactive Argument of Knowledge, which is a core component of some of today’s zero-knowledge rollups, such as Polygon’s zkEVM.
The validity proof in a zk rollup is a cryptographic assurance that a batch of transactions was processed faithfully, while the transactions themselves can be softly vanished off-chain.
ZkSync Era launched its zkEVM in March 2023 with a SNARK-based system as well, but one which Boojum is now poised to replace.
A new polynomial commitment scheme (in the cryptographic lingo du jour) is on the hunt, out to FRI the SNARK and turn it into an even more fearsome creature, a STARK.
STARKs provide a couple of key advantages: There’s no need to worry about the security of a trusted setup, or the future computational prowess of quantum computing.
Modern SNARKs utilize a universal trusted setup that can rely on randomness contributed by anyone, and remain secure as long as there is at least one honest participant. While Ethereum itself is not quantum resistant, it may be overly optimistic to solely rely on the post-quantum security of layer-2 rollups.
The more immediate benefit — and the one motivating the switch from zkSync — is speed and scalability, according to Alex Gluchowski, CEO of development company MatterLabs.
Zk-STARKs generate proofs faster, and they become more efficient as the number of transactions increases.
“The new proof system is orders of magnitude more performant than what we had before,” Gluchowski told Blockworks. “If you look at the Celer benchmarks, it’s basically an order of magnitude of the fastest proof systems in general. So it’s an order of magnitude faster than Plonky2 used in Polygon and it’s comparable to some of the fastest, pure STARKS.
Starky is an alternative prover from Polygon, which did not return Blockworks request for comment by publication.
StarkWare co-founder Eli Ben-Sasson, who co-authored the original paper on STARKs, called zkSync’s move “amazing news.”
“It shows what we’ve said from day 1: [STARKS] are most scalable,” Ben-Sasson told Blockworks. “That’s what you see from [Boojum] and Starky!”
StarkWare’s prover was not included in the published benchmarks, and StarkWare did not provide a comparable benchmark reference.
Celer refers to their benchmark framework as the Pantheon of Zero Knowledge Proof and calls it, “a public good community initiative,” with the goal that the findings “will enable developers to make informed decisions when selecting the most suitable framework for their projects.”
Comparing proof systems is a challenge, according to Elena Nadolinski, CEO at the Iron Fish Foundation, which contributes to a decentralized zero-knowledge based privacy solution.
“For example, some zero-knowledge proof systems (like STARKs) do exceptionally better for SHA-256 hashes than some of the pairing based systems like certain SNARKs (like groth16),” Nadolinski told Blockworks.
But groth16 is incompatible with a zkEVM implementation, she added.
Celer said it opted to use SHA-256 for its benchmark “due to its applicability to a wide range of ZKP use cases, including blockchain systems, digital signatures, zkDID and more.”
ZkSync’s implementation will wrap the proof in a SNARK as a final step. This reduces the size of the data needed to include an Ethereum mainnet block.
“For now what matters is performance and the costs,” Gluchowski said.
And decentralization — a core part of the ZK Credo.
“With this new implementation, it opens the path for complete decentralization of the prover because now you can run it on any GPUs that have been used for Bitcoin or Ethereum mining,” he said. “You can use it on gaming machines that people have at home.”
Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.
