ZKPool's Aggregation of Multi-Prover
ZKPool
0x3d18
October 31st, 2023

What's a multi-prover system?

In a ZKP (Zero Knowledge Proof) system, multiple types of proofs can be generated for the same proving task. The verifier can only verify a state transition when all the generated proofs are verified. The types of proofs include ZK-SNARK, ZK-STARK, SGX, and so on.

Multi-prover system (From Taiko's blog)
Multi-prover system (From Taiko's blog)

Vitalik proposed the multi-prover design in a speech.

Vitalik's multi-prover proposal (From Vitalik's share)
Vitalik's multi-prover proposal (From Vitalik's share)

Especially, SGX proof is a type of proof guaranteed by hardware. It eliminates the need for complex proving computations using special hardware to execute code and ensure honest computation securely.

To run SGX, the prover must have a dedicated machine with SGX support.

Why is multi-prover necessary for ZKP projects?

It's because ZK-EVM or ZK-VM won't be bug-free for a long time. The multi-prover system can avoid the error state being mistakenly verified by error-proof. Requiring and verifying all different proofs guarantees a much safer condition.

Why multi-prover is necessary? (From Vitalik's Share)
Why multi-prover is necessary? (From Vitalik's Share)

Here is a picture to illustrate the meaning of multi-prover.

Safety of multi-prover (From Taiko's blog)
Safety of multi-prover (From Taiko's blog)

How can ZKPool benefit the multi-prover scenario?

Prover operators then face a significant challenge. The ZKP project needs provers to generate multiple proofs simultaneously (to save gas fees) or at different times (like Taiko’s progressive hybrid rollup design) for the same block. It becomes difficult for individual or institutional operators to have ZK and SGX prover capability.

ZKPool can act as a super-prover by aggregating proofs from independent SGX and ZK provers and then sending the aggregated proofs to the verifier.

Therefore, each individual can use either ZK provers or SGX provers exclusively.

Furthermore, in a multi-prover system, by comparing different proofs off-chain before submitting, we can save on-chain costs. The decentralization of off-chain multi-prover benefits such honest comparison.

ZKPool aims to support different Zero-Knowledge Proof (ZKP) projects. It enables using different kinds of provers to generate proofs for various projects, thereby maximizing hardware utilization.

This is how ZKPool benefits the multi-prover based ZK-rollup.

ZKPool's architecture to support multi-prover
ZKPool's architecture to support multi-prover

We are firmly convinced that a multi-prover approach is crucial for the development and success of the ZK-rollup ecosystem and other ZK-related applications, such as ZK-bridge and ZK-oracles.

Reference

  1. Taiko's progressive hybrid rollup design: https://github.com/taikoxyz/taiko-mono/pull/14705

  2. Multi-prover introduction from Taiko: https://taiko.mirror.xyz/Kx1Mp4WJjd83K1KDEwp1pM7xi9QmpSahxJg3S_N7NE4

  3. Vitalik's proposal on "Multi-Prover for Rollup Security,": https://www.youtube.com/watch?v=6hfVzCWT6YI

Subscribe to ZKPool
Receive the latest updates directly to your inbox.
Mint this entry as an NFT to add it to your collection.
Verification
This entry has been permanently stored onchain and signed by its creator.
Arweave Transaction
MikRE1rFWP5HsqX…Zzxc93gaimeBkOo
Author Address
0x3d18c7f54973db2…51231be61EaA126
Content Digest
CSoSVcFujcHCjKP…_Hc4_MteKS42Iis