Open Rollup VS Zero Knowledge Rollup

“It was the best of times, it was the worst of times.” Just as Dickens relives a revolutionary Europe, so does Ethereum today. The ecology on Ethereum, especially DeFi, is full of vitality and innovation, but the exponential growth of network activities has triggered a congestion crisis. Transactions on Ethereum have become prohibitively expensive for the vast majority of potential users. Improving scalability is something that Ethereum urgently needs to do. I believe Rollups are the new direction of development. Much has been written about their key trust assumptions and security properties, and how they differentiate Rollups from other sidechain and EVM-compatible scalability solutions. In this article I focus on the similarities and differences between the two main categories of Rollups: Open Rollups and Zero-Knowledge Rollups. The basic design and guiding principles are basically the same for both. They differ in how the "review process" works. In other words, how Ethereum decides whether a batch of Rollups transactions should be accepted or rejected. As we can see, this difference has important implications for the security, EVM compatibility, and user experience of open and zero-knowledge rollups. These attributes, in turn, have profound implications for users, developers, and investors. Before diving into the intricacies of the respective designs, let's start with a high-level comparison. ZK Rollups send batches of transactions back to Ethereum with a special type of cryptographic proof attached. The Ethereum network uses this so-called "proof of validity" to verify the correctness of the batch of transactions. In the ZK Rollups protocol, Ethereum only accepts those batches of transactions that can be cryptographically verified. In a word: Guilty until proven innocent. The open banking platform TrueLayer plans to lay off 10% of its staff, and raised $130 million last year: Jinse Finance reported that the open banking platform TrueLayer announced plans to lay off 10% of its staff. TrueLayer co-founder and CEO Francesco Simoneschi said, "We are now operating in a very special environment and challenging market conditions. Although TrueLayer is in a strong position, it is not immune to these more macro factors." TrueLayer currently provides Services include payments, payments, user account information, and user verification, and its clients include crypto companies such as MoonPay, Ramp, Revolut, Freetrade, and Cazoo. As previously reported, on September 21, 2021, TrueLayer announced that it had completed a financing of US$130 million at a valuation of US$1 billion, led by Tiger Global Management and participated by payment company Stripe. (The Block) [2022/9/16 7:01:54] In contrast, in Open Rollup, Ethereum assumes that a given batch of transactions is legitimate. It only rejects a transaction if a node (not just an open Rollup validator, but any participant monitoring the Rollup chain) submits a valid statement ("fraud proof") that the transaction is fraudulent. So: innocent until proven guilty. ZK Rollups rely on cryptographic proofs to determine the integrity of transactions, while Optimistic Rollups have a grace period between when a transaction is processed in the Rollup and when it is finally accepted by the underlying chain. This "dispute period" gives users ample time to submit proof of fraud. Although in practice, this will result in longer withdrawal periods (1-2 weeks at most) for tokens to migrate from the Rollup chain back to the Ethereum base layer. For open rollups to operate securely, only one honest participant is required to submit a fraud proof if necessary. Additionally, "Open Rollup" uses economic incentives to ensure that malicious users cannot spam the network with false evidence of fraud. More specifically, both validators processing transactions and network participants submitting proofs of fraud are encouraged to do so, as they must stake tokens at their discretion, and if they fail, the tokens will be forfeited. Tidal Finance, an open programmable insurance market, completed a $1.95 million seed round of financing led by KR1: On December 23, Tidal Finance (TIDAL), an open programmable insurance market on the Polkadot ecosystem, completed a $1.95 million seed round of financing , the blockchain investment company KR1 led the investment, and NGC Ventures, Kenetic Capital and Genesis Block participated in the investment. Tidal Finance is an insurance market built on the Polkadot ecology. It has the function of creating a custom insurance pool for one or more assets in multiple chains. It maximizes capital efficiency by giving the pool creator part of the deposit income as a reward . Tidal Finance has previously received investment from NGC Venture, AU21 Capital, Kenetic, QCP, Genesis Block, DFG, LD Capital and other institutions, and has established cooperative relations with well-known security companies Peckshield and Haechi Audit. (Coindesk) [2020/12/23 16:13:29] At first glance, ZK Rollup seems to be relatively strict. Not only do they add a cryptographic proof burden to each transaction, but they also avoid the week-long withdrawal delays that plague "open rollups". However, in essence, ZK Rollup is not better than open Rollup. It is much more complicated to implement than imagined. No matter how many theoretical advantages ZK Rollup has, at least at the current stage it is limited by the components it can provide for scaling DeFi. DFINITY supports multi-language development, and there are already multiple open Internet applications: At the online summit co-organized by DFINITY, DfinityFUN Chinese community and SNZ on December 17, Alexa and Liz, heads of DFINITY product operations and ecological cooperation, said that DFINITY will It supports various developments such as Motoko, Rust, C, etc. Developers have built a decentralized version of the video streaming platform, scalable decentralized games, luxury platform Origyn, decentralized Douyin CanCan and other applications on the upper layer. [2020/12/17 15:35:20] Open Rollups such as Arbitrum and Optimism provide an execution model very similar to the Ethereum Virtual Machine. For developers, switching to Open Rollup is an easy process, regardless of the complexity of the code. Arbitrum's recently updated documentation clearly shows how easy the process of migrating applications is. In general, Open Rollups can provide the same functionality as offered by alternative EVM-compatible scaling solutions like Matic/Polygon and Binance Smart Chain. On the other hand, for leading ZK Rollup protocols such as Starkware and ZkSync, compatibility is a more thorny issue. Because ZK Rollup is designed to have a proof of validity associated with each single type of transaction, its rollup technology is much more onerous to build. ZK Rollup has been successfully used for some discrete tasks, such as direct transfers and transactions. But they have not yet provided general support for DeFi smart contracts. BK Capital announced its strategic investment in the open financial platform DeFiner: Recently, BK Capital announced its strategic investment in the open financial platform DeFiner, and will fully support DeFiner's global influence in terms of exchanges, communities, products, etc. , Vigorously develop the global DeFi business. DeFiner is a fully decentralized encrypted asset savings, financing, and payment platform. The team was established in the United States in 2018. In 2019, it won the American Fintech Challenge Championship. It was named the 8 most noteworthy fintech startups in the United States in 2020 by Fintech News, and received investment from well-known venture capital Techstars. BK Capital is a subsidiary of Bike Group, and it is the only digital currency fund under the group that covers investment and incubation. Its business includes currency investment and equity investment in the primary market of the blockchain industry, and digital asset asset management services in the secondary market. . It is reported that DeFiner has successively obtained investment from many well-known blockchain institutions such as Signum Capital, Alphabit, Consensus Lab, Leading Capital and Bisheng Capital. [2020/10/10] This in no way diminishes the future potential of ZK Rollup. It is worth mentioning that, sooner or later, ZK Rollup may provide many of the things that Open Rollup has done: near full EVM compatibility, computational efficiency, and easy portability of complex code. However, according to the current situation, only open Rollup can solve the emergency congestion problem of Ethereum and provide a method for the rapid expansion of DeFi. The question is, is the speed of scaling worth it at the cost of security? Supporters of ZK Rollup believe that ZK Rollup provides sealed cryptographic verification of off-chain execution, so it has a decisive security advantage over open Rollup, which means that ZK Rollup may have great potential in the gradual expansion of DeFi protocols. Aspro Digital Tony: will focus on open financial business: Jinse Finance live report, August 2, sponsored by Jinse Finance, Alibaba Cloud, Zhongke Yunchuang, 99EX, Asproex, Rebi, ChainUP, and Jinse Power Cloud chief cooperation The Co-For Innovators Conference was held in Zhengzhou. Tony Gu, Executive President of Aspro Digital Asia Pacific, delivered a speech titled "Asproex Apollo: A Leader in Open Finance". Tony said that finance is the application scenario with the most logical logic and the widest range of people in blockchain applications. The current financial market is developing along the path of centralized finance, open finance, and decentralized finance. Asproex has built an open financial business , Next, efforts will be made to open up the mapping relationship between real-world financial assets and digital tokens on the chain. [2020/8/2] However, in reality, security issues are not so simple. ZK Rollups are constructed by a designated party that executes transactions, builds blocks and includes proofs of validity. This behavior is called a "relayer" (or "prover"). In ZK Rollups, relayers are encrypted to prevent fraudulent transaction submissions and lock funds processed by the Rollup. However, this reliance on one party creates some potential loopholes. Repeaters prove the work of building blocks with zero knowledge requiring expensive computing infrastructure. If a repeater goes offline for any reason, there won't necessarily be another party with proven technology to seamlessly take over processing duties. In practice, this means that ZK Rollup does not have strong flexibility guarantees. Now we compare it with open Rollup. On an open Rollup, a unilateral "sequencer" is also designated as a block producer and transaction processor. In most cases, other validators on the open Rollup network act as "referees" that can "throw a foul call" on the sequencer. That is, they can issue proof of fraud if necessary to trigger the dispute resolution process. But, importantly, these additional validators can also assume the role of block production without additional processing power or technical knowledge. Arbitrum's founders even claim that it's possible to run an Arbitrum node using a regular laptop with some extra RAM. Proponents of ZK Rollup argue that similar vulnerabilities exist in Open Rollup, and that these vulnerabilities are more severe when exploited due to the lack of cryptographic constraints. This parameter works as follows: Open Rollup assumes that "one of n participants" is honest. This means that as long as there is an honest network user who can submit proof of fraud, the Rollup protocol can process transactions correctly. The problem, these critics insist, is that while the “one honest participant” requirement is weaker than a sidechain’s simple majority consensus mechanism, it is still vulnerable to censorship. If all participants are compromised or forced offline, fraudulent batches could theoretically be submitted to Ethereum without triggering dispute resolution. In theory, this attack scenario makes sense, but in practice there are two important factors: First, as mentioned above, open rollups have a long dispute resolution period of one to two weeks. Any participant other than validators who is monitoring the state of the network can submit a fraud proof during this dispute period. This means that the "one in Rollup" hypothesis is not "one n validators in the rollup", but "one in the rollup", as John Adler, a leading Rollup researcher, put it to me like that. Furthermore, for game-theoretic reasons, we assume that already corrupted network participants will defect and submit proofs of fraud, since doing so entitles the defector to a forfeited stake in the block producer. In other words, "an honest participant" is really just a hypothesis, and there is a high probability that a greedy participant will be willing to submit correct proofs of fraud for a monetary reward. Besides liveness guarantees and the "one honest validator" assumption, there are various other security issues worth exploring. The purpose of the discussion is not to draw black and white conclusions on the complex issues of trust and security. On the contrary, my goal is to make ZK Rollup's original low-pass function more secure than open Rollup through cryptographic verification. Although the above discussion emphasizes the usability of the open Rollup network and emphasizes the advantages of its security model, ZK Rollups still have decisive advantages over Optimistic Rollups in terms of user experience. Specifically, ZK Rollup transactions can be confirmed instantly. Therefore, users of ZK Rollups theoretically don’t have to wait any significant amount of time to withdraw their funds back to Ethereum. On the other hand, as mentioned earlier, open rollups require a delay of 1-2 weeks to exit in order to resolve disputes.

Tags：

FTX