Disclaimer

1) There are many aspects of zero-knowledge proofs and rollups that I have yet to learn. This piece should be seen as a key to open the doors of the zero-knowledge world for the interested ones out there!

2) So called zero-knowledge rollups are in fact not zero-knowledge as they don’t implement zero-knowledgeness in their proof systems: they are better described as validity rollups.


What are rollups?

Rollups are a type of scaling solution for Ethereum. They allow to perform transactions on a separate off-chain network, and commit them regularly on the parent blockchain to attest their validity. In general, rollups improve the scalability (speed and cost) of transactions, while using different security mechanisms. The regular commitments of rollups on the parent blockchains allow them to benefit from their underlying security. The two main rollup systems developped today on Ethereum are optimistic and zero-knowledge rollups.

Optimistic rollups rely on the optimistic assumption that rollup participants are honest, due to economic incentives. If they are not, other participants have some time to dispute the state of the rollup that has been committed to the main chain. Arbitrum and Optimism are two examples of optimistic rollups live at the moment.

Zero-knowledge rollups rely on complex cryptography called zero-knowledge proofs. In zero-knowledge rollups, there is no assumption to be made about the honesty of the participants. All the rollup activity is being proven through zero-knowledge proofs before it can be committed and verified on the main chain. This allows ZK rollups to exponentially increase the computational capacity of transactions at a very small cost, while fully inheriting Ethereum’s finality as soon as a rollup state is published in an Ethereum block.

Now, let’s dive into what zero-knowledge proofs are, and have a look at two of the most advanced projects in the zero-knowledge rollups space.

ZKP: Zero-Knowledge Proofs

Basics

Zero-knowledge proofs (ZK proofs, or ZKP) are cryptographic proof systems that rely on a prover and a verifier. The prover can prove that he knows a secret without revealing the secret itself, and this proof can be verified by the verifier with certainty. Under the hood, these systems rely on algorithms (the provers) that translate some computations in a short format (proof) that is verifiable by the verifier without having to translate it back to the original problem and perform the computation again.

This allows verifiers to have proof that some computations happened without spending the resources to actually perform those computations.

Zero-knowledge proofs require:

Through these properties, zero-knowledge proofs can be used to perform heavy computations on one side, and prove their validity on the other by using the much lighter proof, and without revealing anything about it in the process. Thanks to that, they can help improve both scalability and privacy.

Zero-knowledge Proofs for Rollups