Loopring has just open-sourced the circuit repository for protocol 3.0: protocol3-circuits. The repository contains the following circuits:
- Deposit, for handling (on-chain) deposit requests (including account creation and public key reset);
- Transfer, for handling internal transfer requests;
- Off-chain Withdrawal, for handling off-chain withdrawal requests;
- On-chain Withdrawal, for handling on-chain withdrawal requests;
- Order Cancellation, for handling off-chain order cancellation requests;
- Ring Settlement, for handling DEX operator’s off-chain, batched settlement requests.
protocol3-circuits and protocols constitute the complete Loopring 3.0 protocol. We believe these circuits are ready for deployment, although our engineers are still trying to optimize the code. The circuits are currently being audited by SECBIT.
We are extremely excited, as this is one of the final significant steps before Loopring 3.0 is ready for the world.
Why there are 6 circuits
On Ethereum, the more complex a smart contract is, the more gas it costs to execute its functionality. A similar thing is true for circuits: the more complex a circuit is (measured in the number of constraints, where a constraint is an equality check in the form of A x B = C, a circuit is just a long list of equations of this type) the more expensive the proof generation is. This complexity also limits the scalability because there is a limit on how many constraints we can efficiently generate proofs for. So it is very important that the complexity of circuits is kept as low as possible. This is one of the reasons we have a specific circuit for each DEX function.
What this means for the layperson
These circuits are largely what gives Loopring 3.0 its ‘superpowers’, allowing us to scale from 2–3 trades per second, to 1400 trades per second — without sacrificing security. This unwillingness to sacrifice security is really the most salient point; if we weren’t so stubborn on maintaining Ethereum level security guarantees, this would all be a lot easier. But of course, that is our raison d’être: scalable, secure, non-custodial orderbook exchanges. And that’s where these circuits come in: proving with 100% certainty that what a user thinks will happen, and what a DEX says will happen, will happen. And that’s why it’s important that we open source them.
These zkSNARK circuits allow for verifiable computation off-chain— ensuring protocol rules are respected (ex: users did indeed authorize this trade, by virtue of this signature, and the price is respected, and no extra fees are being siphoned, etc.). The result of the circuit is a zkSNARK proof that says as much: that all computation was done faithfully. This validity proof is then submitted (by a DEX operator) to the Loopring protocol smart contracts on Ethereum, which simply says, “yes, this proof is verified”… a new state is sealed.
The development of the circuits would not have been possible without standing on the shoulders of giants. We specifically thank HarryR (EthSnarks) and barryWhiteHat for bringing zkSNARKs to Ethereum and so much more. Their work is the foundation of our circuit code base. We’d also like to thank SCIPR Lab for their libsnark.
We have set up a 500K LRC bounty program to reward those who identify bugs in our circuits. For more details, follow the link below: