War of Words Over zkEVMs May Herald Long Battle to Technical Maturity
Polygon’s Mihailo Bjelic and Matter Labs’ Alex Gluchowski are competing to launch the “first” zkEVM chain to help scale Ethereum. When both co-founders happened to announce major updates to their timelines last week, each took the opportunity to poke fun at the security practices of their competitor.
After Gluchowski announced that zkSync Era – the Matter Labs platform – was open-sourcing its code and opening the doors to developer testing on Ethereum’s mainnet, Bjelic accused him of lying about the progress of zkSync’s third-party security audits. Gluchowski, for his part, suggested that Bjelic was avoiding key questions about how Polygon’s zkEVM system will work when it launches in March, reportedly the first such platform to hit the market.
If anything is clear from this exchange, it’s that Ethereum’s layer 2 landscape – zkEVMs and other scaling platforms that allow users to transact on Ethereum at higher speeds and lower fees – is still in its early days. As a number of companies scramble to go live, all products are likely to have major security concerns when they open up to users.
Ethereum’s layer 2 rollups are separate blockchains that sit above the base, layer 1 Ethereum chain. These blockchains host apps just like the Ethereum base chain, but they allow users to transact cheaply by aggregating large batches of transactions and then sending them down to the base chain for settlement all at once.
Ethereum’s core developers envision a future where rollups become the main entry point for most users. The big selling point for rollups is that they use technology that allows them to “borrow” Ethereum’s security – meaning that transactions on the rollup chains should be functionally equivalent to transactions on Ethereum itself. But that’s not really the case yet.
“There are currently a large number of (optimistic and ZK) rollup projects, in various stages of development,” Ethereum co-founder Vitalik Buterin explained in a developer forum.
“A pattern common to almost all of them is the use of temporary training wheels.”
Optimistic rollups, the first rollups to hit the market, already process a higher volume of transactions than the Ethereum blockchain. But as CoinDesk previously reported, the leading optimistic rollups – Optimism and Arbitrum – have safeguards in place that depend on the honesty of third parties.
An example of how third parties come into the picture is code upgrading. Due to the relative immaturity of their technology, rollup protocols can be upgraded to fix bugs. While the ability to fix errors may seem like an obvious necessity, many keystone crypto protocols, such as Uniswap, choose to be non-upgradable. This is because upgrades have the potential to introduce more bugs (see the $190 million Nomad bridge hack) or be exploited by bad actors who then sneak in outright malicious code.
There is no evidence that Optimism or Arbitrum ever suffered greatly as a result of their upgradeability. However, this is not the only place where they bake in trust assumptions as a matter of bootstrapping. Until these trust assumptions are significantly reduced, using rollup chains will not actually be synonymous with using the Ethereum blockchain.
zkEVMs are intended to be a more advanced breed of rollup platform than optimistic rollups, as they use fancy zero-knowledge cryptography to ensure transaction integrity. However, due to their more complex inner workings, they will also come to market with several caveats.
“I guess in the long term we’ll all have your Aaves, Uniswaps and all the standard DeFi applications that have been on Ethereum,” Toghrul Maharramov, senior researcher at zkEVM startup Scroll, told CoinDesk. “So the question is, how do you stand out? How do you build a unique ecosystem?”
According to Maharramov, “Unless someone makes a huge technical breakthrough and there’s a huge gap between them and everyone else, it’s more about the values you present.”
For Polygon, Matter Labs and other zkEVM builders, security will be an important – if not the most important – selling point; hence all the debate online. But beneath the marketing and social media posturing, Maharramov says, all zkEVMs will face similar security challenges.
The “primary concern” in the short term will be failures in the bridges that people use to transfer funds between the Ethereum and zkEVM chains, Maharramov says. Smart contracts that power crypto bridges have long been a prime target for hackers, and in the world of zkEVM, Maharramov says that “bridge contracts are quite complex and it will be difficult to avoid errors.”
Perhaps more worrying than bridges, however, is the difficulty of testing zero-knowledge circuits – the cryptography that will power zkEVMs under the hood.
“Technology has evolved drastically over the years, so it’s not like an established and battle-tested thing,” Maharramov said. Compared to optimistic rollups, the zkEVM code is “much more complex” and there are “fewer people who can audit that kind of thing, so it will also be harder to spot bugs.”
As a result of their security risk, zkEVMs are likely to rely on larger trust assumptions (i.e., training wheels) as they mature compared to optimistic rollups. For example, the code will be upgradeable, and trusted third parties will be able to step in to protect against circuit failures.
As for when a rollup – Optimistic or zkEVM – will be able to take off those training wheels and start in earnest, Maharramov says it will still take a while.
“I think for optimistic rollups, the path is shorter just because they’ve been around for a longer time,” he said. “I expect by next year to have at least protocols that are almost true summaries.”
As for zkEVMs, “I would say two years would probably be somewhere around the mark that I would be comfortable saying the technology is mature enough,” he said.