Preface
Over the past year, we struggled to face all the doubting voices, but we choose not to escape. It would be hard for us to believe back then that we would make it till now, yet today we are continuing on this road, ever firm and strong. With all the preparations in place, we are ready to embark on our next journey.
ZKSwap V1 (2021/02) — The First AMM Using ZK-Rollups
The ZKSwap V1 mainnet was officially launched on Ethereum on February 8, 2021, as the first Layer2 AMM using ZK-Rollups, which eased the transaction congestion on Ethereum at that time, with a maximum of 50 TPS (TPS would be higher if more machines were used), far exceeding that of the Ethereum chain.
We have been paying attention to Ethereum scalability for a long time. After a period of research, we chose the ZK-Rollups, the only scalability solution that can maintain the same security level as Ethereum . After all, the safety of user funds is of the most importance.
In terms of technology , ZKSync was the most reliable Layer 2 scalability solution based on ZK-Rollups, but it was very inefficient and only supported simple transfers. Based on this, we carried out a rapid iteration and added a series of functions of the AMM model, such as creating trading pairs, adding/removing liquidity, swapping, etc.
ZKSync is the first of its kind to implement the Layer 2 scalability plan based on ZK-Rollups, which is indeed respectable and worthy of applause. In the early stage, the solution developed by ZKSync had its own problems in functionality and performance. Nevertheless, being able to read the code and write the circuit to support more functions and better efficiency is already a big technical challenge.
ZKSwap V2 (2021/07) — Permissionless Token Listing
ZKSwap V2 added the Permissionless Token Listing function (also called Unlimited Independent Token Listing). Users can list tokens issued by themselves on the platform after paying certain fees. Using two variables to control the total number of tokens listed is the logic of ZKSyncV2. One variable is the hot-configured ListingCap, which is used to control the number of pairs, and the other is the fixed-configuration MAX_AMOUNT_OF_REGISTERED_TOKENS = 16384. The two variables are enough to support a great number of new cryptocurrencies (and because of the token listing fees, malicious listings can be avoided).
ZKSpace (2021/12) — ZKSwap V3, ZKSea, and ZKSquare
ZKSpace supports multiple layer 2 functions, covering DEX, NFT, and payments while integrating ZKSwap V3, ZKSea, and ZKSquare. Therefore, starting from ZKSwap V3, we launched a series of rebranding activities, moving towards a ZK-based platform that involves multiple products and gradually forming a full-featured layer 2 ecosystem.
ZKSea — NFT for Everyone
Mint
The advantage of allowing NFT minting on layer 2 is to save the Gas fee of users, and at the same time to improve users’ layer 2 trading experience.
After connecting to the wallet, users can fill in the NFT recipient address and the NFT content Hash (such as the IPFS content identifier) and then click “Mint” to create an NFT.
Transfer
NFT transfers on layer 2 are supported whether the sender is an existing address or an address not registered on layer 2.
Withdraw
NFT withdrawals are also supported. Users can withdraw NFT officially issued by ZKSpace or third parties on layer 2 to layer 1. When the NFT officially issued by ZKSpace is withdrawn to layer 1, it will be minted for the user’s specified address through the NFT contract deployed on layer 1. If the NFT to be withdrawn to layer 1 is issued by third parties other than ZKSpace, the ERC-721 standard SafeTransferFrom method will be called to transfer the NFT from the ZKSpace contract to the address specified by users.
Deposit
Withdrawing an NFT issued by ZKSpace to layer 1, or depositing it back to layer 2 is both supported. In addition, a major feature is that ZKSpace also supports depositing NFTs issued by third parties on layer 2, so that NFT transactions will be operated on layer 2 with lower Gas fees and at a faster speed.
ZK-Rollups-Based PLONK
The Zero-Knowledge Proof (ZKP) system of ZKSpace adopts a distributed architecture and PLONK, the latest ZKP algorithm, to generate proofs. The Prove server supports multiple Provers, which actively check out the proof tasks in the Prove server and send the proof back to the Prove server after it is generated. PLONK’s global trust setup only needs to be generated once, and applications within a certain range of circuit scale can be reused, which greatly reduces the threshold for the use of ZKP. And in order to continuously improve the system performance of processing transactions, we have always been optimizing and exploring the PLONK algorithm.
Basic PLONK
We may say that the emergence of the PLONK algorithm has pushed the application of ZKP to a new stage. A more friendly way of circuit description makes it more universal than other ZKP algorithms. For an in-depth explanation of the PLONK protocol, you may refer to Vitalik’s Understanding of PLONK.
Improved GPU PLONK
The PLONK algorithm can be split into multiple ROUNDs, and some of the steps are particularly complicated to calculate, such as the calculation of polynomial T(x).
The PLONK protocol also requires a large number of pre-computations, such as q_M, q_O, s_σ, etc.; the FFT with a large size is about 4 times more expensive than other polynomial operations.
Even though some teams have done a lot of parallel optimization when implementing their projects, it still requires high-performance configurations for operation. Therefore, we have developed the GPU version of PLONK, which can improve the efficiency at least 6 times compared to the CPU version of PLONK. Meanwhile, GPU has a unique architecture including more cores and relatively low clock speed.
Aggregative PLONK
Due to the limitation of circuit scale, the number of transactions carried on a circuit is limited, which means that the number of transactions contained in a proof is also limited. Therefore, we have implemented an aggregation algorithm to aggregate multiple Proofs into one Proof, so that the number of transactions contained in such a Proof increases several times, greatly reducing the average overhead. The principle diagram of aggregation is shown in the figure below:
The pseudo-code is as follows:
for proof_idx in 0… self .num_proofs_to_check {
let proof = &proof_witnesses[proof_idx];
let vk = &vk_witnesses[proof_idx];
let [pair_with_generator, pair_with_x] = aggregate proof::<, _, T, CS::Params, P, _, _>(
cs,
self .transcript_params,
&proof.input_values,
&vk,
&proof,
& self .aux_data,
self .rns_params,
)?;
pairs_for_generator.push(pair_with_generator);
pairs_for_x.push(pair_with_x);
}
From PLONK to Halo2
With the continuous development of ZK technology, the ZKP algorithm has been evolving towards higher performance, from CRS to SRS and from simple 2-fan gate to customized gate. Therefore, algorithms designed for circuits based on simple 2-fan gates, such as PLONK, have gradually started to be abandoned. It is undeniable that the size of the circuit directly affects the efficiency of the ZKP algorithm, so customized gate and lookup argument technologies emerged, which reduced the scale of the circuit to a great extent by simply introducing some additional calculations.
For the principle of customized gate and lookup argument technology, you may refer to the Analysis of Lookup Technology Principle , which is written by Sin7Y Labs.
So far, Halo2 is the best practice of combining the technologies of the customized gate and lookup argument. For the interpretation of Halo2 principles, please refer to the following articles:
-
Halo and more — written by Vitalik
-
Interpretation of Halo2 principle — written by SIN7Y
-
How to develop circuits with Halo2 — written by SIN7Y
About ZKSpace
The all-new ZKSpace platform consists of three main parts: ZKSwap, the innovative Layer 2 AMM DEX utilizing ZK-Rollups technology, payment service ZKSquare, and an NFT minting center and marketplace called ZKSea. With an all-new-look user interface, NFT support, unlimited token listing, smoother withdrawal, optimized efficiency, and multi-chain support, ZKSpace aims to implement EVM-compatible ZK-Rollups and bring the community more layer 2-based products in the near future.
Stay Tuned
Website|APP|Twitter|Telegram|Discord|Forum|Medium|GitHub