In our upcoming Mina testnet (3.3), we are releasing Pickles: a new proof system and associated toolkit that is the first deployed SNARK capable of recursive composition with no trusted setup. Pickles will serve as the basis for developers to build private, scalable smart contracts on Mina.
Trusted-set-ups have long bedeviled SNARK users: for the most skeptical amongst us, they make the use of SNARKs unpalatable as they force you to trust some actor in the past behaved honestly.
For those more willing to trust, they stand as an obstacle to deploying new applications, as before the advent of universal setup SNARKs, a new setup was required for each new SNARK circuit.
For Mina specifically, the need for trusted setups presented an obstacle to having smart-contract execution verified on-chain, as creating new smart contracts would require performing new trusted set-ups, which are a costly and logistically complex undertaking.
Happily, as of the next testnet (3.3), Mina will be running on top of our Pickles SNARK, which requires no trusted set up and is tailor-made to enable smart contract based Snapps on top of Mina.
What makes Pickles so delicious
For developers working on private, verifiable applications (what we call Snapps) a proof system and its developer toolkit needs three things:
- An easy road to deployment that addresses the need for a trusted set-up or avoids it.
- Powerful developer tools and a library of high level functionalities.
- Efficient prover and verifier, and a path to scaling.
Pickles has two components: a core zk-SNARK, and a developer toolkit (containing a wide array of library functionality and the Pickles Inductive Proof System) which makes scaling with recursion a snap (pun initially unintended). Together, they provide items 1–3.
Inside the brine: Pickles core zk-SNARK
Pickles’s zk-SNARK improves significantly on Mina’s previous Groth16-based recursive SNARK in a number of ways.
First, it allows for increased efficiency throughout Mina by switching from large, 753 bit fields to small 255 bit fields. This has resulted in:
- VRF evaluation speed increased 16x
- Hashing speed increased about 8x
- reduces storage requirements for the ledger by 3x
As already mentioned, it eliminates the need for a trusted setup. It accomplishes this by building on top of Halo’s inner product argument, augmenting it with a batching technique, custom constraints, and a ton of other optimizations.
Lastly, it supports custom constraints tailored to enabling efficient recursion, specifically allowing efficient:
- Poseidon hashing
- Elliptic curve scaling, addition, and doubling
- This will be included in our 4.1 release of Mina and is currently disabled.
In addition, the toolkit’s Pickles Inductive Proof System dramatically advances on existing solutions for recursion, by abstracting away all the messy details of the underlying cryptography and making designing recursive proof systems accessible to application developers.
Taste testing: How Pickles compares
Pickles is the only setupless zk-SNARK supporting arbitrary branching recursion (which is essential for scalability). In addition, it has a fast prover, and unlike AIR-based STARKs, both has a small proof size and supports general circuits. This table gives an overview of how Pickles stands up against other systems.
Looking forward toward Pickled snapps
For most verifiable applications, running in isolation is not enough, and in addition to items 1–3 above (i.e., a road to deployment, developer tools, scalability), you also want:
4. The ability to composably interact with other applications within a fully-verified ecosystem
Pickles is the fundamental technology enabling Mina to support Snapps, general-computation, fully-verifiable zero-knowledge smart contracts. We’ll be writing more on this topic soon, but some of the applications we’re most excited about are decentralized private voting, trustless partial information games, private proofs of creditworthiness and universal oracles. You can read more about the last one here.
A big thanks to the teams at Electric Coin Co., Aztec, and the ZEXE authors. Pickles wouldn’t be possible without their prior contributions.
If you’d like to discuss cryptography with the team and broader community, or get involved in our testnets, our technical community on Discord is very active.