β¨ZK-ROLLUPS on Solana
What happens when we use ZK-STARKs as computational integrity proofs? In two words - massive scalability.
Why Solana?
Solana allows developers to write programs in Rust & C++, both fully generalisable, low-level languages. Unlike EVMs, highly performant LLVM runtime on Solana enables more complicated programs, such as high frequency trading and margin settlement. This for the first time, opens the door for general-purpose programs to be written and executed trustlessly on the blockchain. But Solana too imposes significant compute restrictions blocking such applications - in particular, Solana has a limit on 200k BPF compute steps that can be performed by a program, and a 4KB stack size limit, before the compute budget is exceeded.
Why ZK-STARKS?
ZK-STARKs are ~10x faster than ZK-SNARKs as computation size increases.
Newly emerging, scalable ZK-Proof technology solves this challenge - allowing any single node to perform an arbitrary computation, and then share a succinct, transparent argument-of-knowledge (STARK) with the chain, which the other nodes can verify using a small fraction of the compute needed for the initial execution.
As the cost of execution is at least three orders of magnitude cheaper than Solana on Zilch v1, developers will find an extremely rich design space of applications that can be built on Zilch, comparable to the design space of all apps that can be built using centralised cloud providers.
ZK-STARKS are the ideal prover-verifier system for scalable applications, as the prover complexity only increases sub-linearly with increased computational complexity (unlike ZK-SNARKs, which scale linearly with increased complexity).
The following graph demonstrates this point, showing the communication complexity relative to computational complexity for zk-starks and zk-snarks.
Furthermore, ZK-STARKS require virtually constant verifier complexity, regardless of the complexity of the computation being proved. This is an excellent property that theoretically allows for infinitely complex applications, that can be easily proved on chain with a simple proof (that can even be verified on a mobile phone).
This represents an incredible advance in the design space of provable applications, and will likely be the primitive on which the bulk of computation of web3 will be performed in the coming years.
What are Compute Markets?
Zilch pioneers the concept of compute-markets on Solana. For v1, we adopt a hybrid approach of ZK + optimism, to maximise scalability and to build a PoC early and get devs in on the ground floor. Our approach is more powerful than simple Optimistic rollups, since posting a proof commitment on-chain with each computation is mandatory. For optimistic proofs, checking correctness of a computation is expensive, and requires keepers to repeat all the computation and compare results. In contrast, in Zilch, a ZK-STARK proof is commited on chain with each set of outputs, making it trivial for anybody to verify the correctness of the computation.
At the same time, our approach is cheaper than mandatory on-chain zk-verification of every computation, which drives up gas costs significantly while providing minimal additional security.
Last updated