Electron SDK: An Open Source Library for Building ZK Applications (Part 1)
This is the first article in a series of posts on Electron SDK.
Electron SDK is an open source library that ships with multiple cryptographic primitives that are required by virtually all zk powered applications. Currently, developers have to spend months figuring out circuit implementations of various encryption, hashing, and signature schemes. As a result, most builders shy away from building ZK-powered applications. The goal behind Electron SDK is to reduce the lead time for developers to learn ZK so that they can start building within 3 weeks rather than 6 months. We aim to abstract away the complexities of ZK systems and cryptographic constructs so that developers can focus on their use case.
Let’s look at the various cryptographic libraries provided as part of Electron SDK.
zk-Ed25519
zk-Ed25519 is a circuit implementation written in Circom to prove the validity of a batch of Ed25519 signatures. Today, most ZK builders choose Snark-friendly signature schemes such as EdDSA on the babyjubjub curve for their applications, even though this leads to compatibility issues with existing blockchains. This is because it is hard to create a zk-prover for Ed25519: it uses a finite field that is bigger than the altbn128 finite field itself, the one used by zk-snarks. We solved this problem by defining the prime 25519 finite field in base 2⁸⁵. This enables fast multiplication and modulo operations on the twisted Edwards curve while keeping all field elements within the altbn128 finite field.
Potential use cases include compression of Light Client headers, making privacy dApps compatible with existing wallets, and powering scalability rollups on rust-based chains.
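To make the base 2⁸⁵ idea concrete, here is an added Python sketch (not code from Electron SDK or its Circom circuits) that multiplies two Ed25519 field elements as three 85-bit limbs and checks that every intermediate value stays below the altbn128 scalar field modulus. The function names and the three-limb schoolbook layout are assumptions chosen for illustration.

```python
# Added illustration, not Electron SDK code: Ed25519 field multiplication on base-2^85 limbs.
P25519 = 2**255 - 19
# altbn128 (BN254) scalar field modulus, the native field of Circom signals
BN254_R = 21888242871839275222246405745257275088548364400416034343698204186575808495617
LIMB_BITS = 85
MASK = (1 << LIMB_BITS) - 1


def to_limbs(x):
    """Split a value below 2^255 into three 85-bit limbs, least significant first."""
    if not 0 <= x < 1 << 255:
        raise ValueError("value does not fit in three 85-bit limbs")
    return [(x >> (LIMB_BITS * i)) & MASK for i in range(3)]


def from_limbs(limbs):
    """Recombine limbs (which may exceed 85 bits before carrying) into an integer."""
    return sum(limb << (LIMB_BITS * i) for i, limb in enumerate(limbs))


def mul_limbs(a, b):
    """Schoolbook 3x3 limb product, folded using 2^255 = 19 (mod 2^255 - 19).

    Returns the three folded accumulators and the largest intermediate value,
    which is what must stay below the native field modulus.
    """
    acc = [0] * 5
    for i in range(3):
        for j in range(3):
            acc[i + j] += a[i] * b[j]
    # acc[3] has weight 2^255 and acc[4] has weight 2^255 * 2^85
    folded = [acc[0] + 19 * acc[3], acc[1] + 19 * acc[4], acc[2]]
    return folded, max(acc + folded)


def field_mul(x, y):
    """Multiply two Ed25519 field elements; also report the peak limb value."""
    folded, peak = mul_limbs(to_limbs(x), to_limbs(y))
    if peak >= BN254_R:
        raise OverflowError("limb accumulator would wrap in the native field")
    # Final carry propagation and reduction are done with Python integers here;
    # a circuit would constrain them as well (assumption, not shown).
    return from_limbs(folded) % P25519, peak


if __name__ == "__main__":
    x, y = P25519 - 1, P25519 - 2
    product, peak = field_mul(x, y)
    print(product, peak.bit_length(), BN254_R.bit_length())
```

The Ed25519 prime itself is larger than the altbn128 modulus, so a field element cannot be held in a single signal, while the limb accumulators peak well below it.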
Electron-rs
Electron-rs enables on-chain proof verification in Rust-based ecosystems like Solana, CosmWasm, and NEAR. Until now, Rust-based provers like arkworks-rs could not run on-chain directly, for reasons such as their reliance on dependencies that are not wasm/BPF compatible and heavy computations that generally exceed the gas limits of any chain. Electron-rs is a complete plug-and-play verifier, available as a ready-to-deploy smart contract, that allows you to:
- Store prepared verification keys in on-chain storage for quick access and updates.
- Do fully optimized on-chain proof verification for as little as 150 TGas.
Available on NEAR, Solana and CosmWasm.
AES-circom
The Advanced Encryption Standard (AES) is a specification of data encryption. AES is a symmetric key algorithm.
We have implemented the AES-GCM-SIV encryption scheme in Circom in order to be able to generate a zk-snark for encryption, which can then in turn be verified on-chain. Even though AES-GCM-SIV is not Snark-friendly, we still chose this encryption scheme because the Snark-friendly schemes haven’t yet been fully verified.
sha512-circom
sha512-circom is a circuit implementation of SHA-512 (Secure Hash Algorithm 512), a hashing algorithm used to convert an arbitrary byte stream to a fixed-size output. SHA-512 is used in popular signature schemes, e.g. Ed25519, and in some Merkle tree implementations.
So far, our work on Electron SDK has been focused on building cryptographic primitives. However, going forward, we are focussing on improving the proof generation infrastructure for applications.
Future Roadmap for Electron SDK
In the future, there are two places where proofs will be regularly generated — cloud machines and client-side such as browsers. We are working on accelerating proof generation in both these places.
Proof Generation in Browsers
Electron SDK is moving away from Snarks and towards Starks. Proof generation using Snarks required the use of a proving key which can be several gigabytes in size even for the simplest applications. For privacy use cases, this means users will be required to download very large files for every dApp they interact with and re-download it every time their existing dApps go through an upgrade. Starks are very interesting here since they do not have large proving keys, and require fewer resources for proof generation.
We have run tests using distaff VM, a Stark-based VM which is easily compilable to Wasm and hence easy to make compatible with browsers. We were able to achieve 300 ms proof generation time for a simple adder circuit. We will be conducting more tests going forward to set benchmarks. Eventually, the goal is to achieve sub 1 second proof generation time even for complex applications.
Proof Generation in Cloud and Recursion Proofs
Since the computational resources with a smart contract are limited, it would not be possible to submit a proof for every user interaction. This is where recursion comes in. Recursive proving allows combining several proofs into one, thus compressing a massive number of user interactions into a single proof.
Starks are preferable in this case also since stark-based proof recursion is much easier, making it possible to aggregate multiple stark proofs into a single stark.
We are working on using plonky2’s recursive engine to reduce the proof gen time for zk-Ed25519. Based on initial tests, we believe we are close to reducing proof generation time to ~ 90 seconds from the current 16 minutes. We aim to achieve sub-5-second proving times for large batches of ed25519 using GPU-based acceleration.
Putting it together
Based on the research so far, we believe the future of ZK infra will have 3 components:
- Proof generation in the browser using prover-friendly schemes such as Starks.
- Use of recursive proofs to aggregate client-side proofs.
- Use of hardware acceleration for speeding up cloud-based proof generation.
- Use of recursion to convert the final aggregated proof to a Snark or similar verifier-friendly scheme before submission to a blockchain.
Ending Note:
We are already using Electron SDK to power the use cases we are building at Electron. Many members of the community have reached out to us to use our libraries, and we are very happy to provide support to projects that are building using our engine.