Following Introducing LumiBit’s Type 2 ZK-EVM: Why ZK-EVM?
Key Takeaways
- LumiBit employs a distinctive ZK system, integrating Halo2 and polynomial commitments for efficient and faster ZK verification.
- The use of Halo2 provides quantum resistance and scalability, crucial for processing complex polynomial data.
- Utilizing KZG commitments, LumiBit streamlines transaction verification and Data Availability updates.
- LumiBit aims for full Ethereum ecosystem compatibility, introducing Type 1 ZK-EVM and exploring “fractal scaling” for potential unlimited layering of ZK-rollups.
- The ZK-rollup approach aims to lower transaction fees on the Bitcoin network, with further strategies to decrease storage and computational costs.
Distinctive ZK Features of LumiBit
In LumiBit’s ZK-EVM, the composition and operation of transactions are similar to a standard EVM. However, LumiBit employs a different ZK system in terms of proof and verification to achieve a more efficient and faster ZK verification approach. Unlike other ZK-rollups, LumiBit’s primary change lies in using Halo2 scheme and polynomial commitments (KZG commitments) to reduce verification costs.
Halo2
Halo2, a zero-knowledge-proof system within the zkSNARK category, allows provers to demonstrate the validity of certain information to verifiers without revealing specifics and is typically used to generate succinct non-interactive proofs for transaction validation in ZK-EVM.
Halo2 also provides quantum resistance and scalability. By interacting with provers and verifiers to establish relationships between data sets and polynomials, it can reduce proof length and non-zero polynomial coefficients in each recursive round, leading to a concise constant polynomial for easy external verification.
In LumiBit’s zkEVM, the zero-knowledge proofs for transactions is based on Halo2, aiming to validate the effectiveness of transaction execution. LumiBit breaks down the execution process into step-by-step trajectories, with each opcode executed correctly according to Ethereum’s specifications. After each transaction, the generation and validation of proofs are determined by verifiers based on the correctness of the state transition from S to S’. Once generated, these proofs are prepared for state aggregation and DA updates in the future through polynomial commitments.
Computation Based on Polynomial Commitments
A polynomial is a single mathematical object that can encompass an infinite amount of information. Simply put, it is a multi-dimensional equation capable of supporting inputs of greater complexity. Polynomial commitments are a widely used cryptographic tool that allows nodes to commit to a polynomial without revealing its contents. By computing over a point on a cryptographic curve, these commitments enable the verification of the corresponding content’s validity without the need for revealing original information.
The KZG (Kate-Zaverucha-Goldberg) commitment is a practical polynomial commitment scheme widely used in Ethereum’s Proto-Danksharding and other L2 rollups. KZG, relying on elliptical curve calculations and offering more succinct content, is particularly well-suited for the Bitcoin L2 ecosystem.
In LumiBit’s ZK-EVM, the KZG commitment is employed for both transaction verification and ZK-rollup processes. When developers deploy contracts and users initiate transactions, the executed transactions in ZK-EVM generate computational results and zero-knowledge proofs, leading to the creation of KZG commitments. These commitments are validated by nodes and users to ensure the accuracy of on-chain state changes. During state packaging and submission to Bitcoin blocks, KZG commitments are generated based on transaction-induced state changes and validated. The validation results and original state roots are then submitted as Data Availability (DA) proofs, enabling other nodes and users to verify LumiBit’s L2 transactions without full knowledge of the transaction detail.
Utilizing polynomial commitments effectively reduces the occupation of space in Bitcoin blocks. Thanks to native support for elliptical curves, the generation and validation of proofs in this scheme are more efficient and concise compared to traditional commitment methods.
Future Scalability
- Type 1 ZK-EVM Abstraction
LumiBit’s Type 2 ZK-EVM effectively emulates the EVM, but still has some differences from the native Ethereum environment. To achieve complete migration of the entire Ethereum ecosystem, including Ethereum itself, it’s essential to develop a Type 1 ZK-EVM.
Currently, Type 1 ZK-EVM faces issues of higher transaction costs and slower confirmation speeds. However, with universal and custom circuit designs, and advancements in cryptographic zero-knowledge engineering within the industry, we can layer a Type 1 EVM abstraction on top of the Type 2 EVM, wherein the transaction execution results on this Type 1 layer are then relayed back to the Type 2 EVM. Following this, LumiBit updates the resulting state onto Bitcoin. This approach effectively layers one EVM type over another to utilize their combined capabilities.
For more information on the types of ZK-EVM, please refer to Introducing LumiBit’s Bitcoin L2 Solution: Why ZK-EVM.
- Fractal Scaling with Rollups
The scalability potential of ZK-rollups extends beyond L2, introducing the concept of “fractal scaling.” This enables virtually unlimited scaling by layering ZK-rollups on top of each other. When Bitcoin L1 blocks are filled with L2 validity rollup transactions, a L3 rollup can be constructed atop the L2 rollup. This process can continue with a L4 rollup on L3, and so forth, each layer building upon the previous, thus amplifying scalability at multiple levels.
- Crosschain Lightning Transactions through LumiBit
While the Lightning Network is renowned for settling on the Bitcoin mainchain, Lightning channels can be opened and settled on any blockchain compatible with Lightning Network. A Lightning node with channels on multiple chains can route payments between users on different chains as if they were on the same chain. Thus, LumiBit can build a path with sufficient liquidity, allowing seamless transactions between users who use Lightning BTC channels on Bitcoin L1 and those on LumiBit.
- Enhancement of Decentralization and Security
ZK-rollup’s increased transaction privacy offers advantages in handling future Miner Extractable Value (MEV) issues. Transaction contents are encrypted so that external observers are hard to identify the most beneficial transactions, thus reducing MEV risks while enhancing decentralization and transaction security.
Moreover, as transactions are batch-processed off-chain and then collectively submitted to the main chain, ZK-rollups facilitate fairer transaction handling. This process reduces the likelihood of network information being unfairly exploited and decreases the chances of validators or nodes adjusting transaction orders for personal gains, further mitigating MEV risks.
- Lower Transaction Fees
ZK-rollup and ZK-EVM can reduce the cost of storing transaction states, resulting in lower storage costs on the Bitcoin network compared to OP-rollup. Consequently, this leads to lower transaction fees for users.
Due to Bitcoin’s block size limitations, two approaches will be pursued to further reduce transaction fees:
1. Implementing more succinct ZK proof schemes. Current solutions (STARK and SNARK) still incur significant storage and computational costs. A more Bitcoin-adapted, succinct ZK scheme can reduce state storage space and transaction costs without sacrificing EVM compatibility.
2. Using specialized clients. Danksharding, for instance, allows for partial storage of LumiBit states in specialized clients to reduce storage pressure on Bitcoin nodes and lower L2 transaction fees for users. Historical states will be stored as ZK state roots instead of full ZK proofs, with recent transaction states still stored in full proof form. Nodes may opt to discard states older than a certain threshold, retaining only historical state roots. Full clients can still retrieve historical transaction states.
Final Thoughts
In our journey to enhance Bitcoin’s Layer 2 capabilities, LumiBit’s innovative approach with ZK-EVM and polynomial commitments marks a significant stride towards scalability and efficiency. Our commitment to a future-proof ecosystem, focused on seamless integration and reduced transaction costs, sets the stage for broader adoption and technological advancements in the blockchain sphere. As we continue to explore and innovate, the potential for a more interconnected and efficient blockchain network becomes increasingly tangible.
