There have been several leaps in the zero-knowledge (ZK) space over the last five months, not least of which was Polygon’s rollout of a benchmarking ZK product. In our continuing series on the state of ZK, we look behind the bunting to bring you a recap of what Polygon’s ZK teams have been up to in Q3. 

EthCC: Presenting the zkProver

https://www.youtube.com/watch?v=gqR59CWCiAk

Last year, at EthCC, Jordi Baylina presented on the construction of a Zero-Knowledge Ethereum Virtual Machine (zkEVM). He was there in his capacity as the founder and technical lead of the Hermez Network, a blockchain company working on such a tool. In that presentation, Baylina said there were two primary challenges: building the ZK prover, the mechanism by which a batch of transactions are shown to be valid, and the time needed to generate  that ZK proof. 

“The question was,” Baylina said, “How expensive is this going to be?” 

In August 2021, Hermez merged with Polygon. For Hermez and several other ZK teams acquired shortly thereafter, the task of building a ZK EVM became Polygon’s guiding focus. 

This summer, one year later, Baylina returned to EthCC as the Technical Lead for Polygon Hermez. There he announced that Polygon’s zkProver was finished and the code was source-available on Github. Baylina outlined the schematic for Polygon zkEVM, including critical improvements to Keccak, the hashing algorithm necessary for Ethereum compatibility. 

“Today,” he said, in closing, “is the first step in securing this system.”

ZK8: AIR and Multivariate Domains

https://www.youtube.com/watch?v=FJJ3gyOulQc

Speaking at ZK8, in Berlin, Polygon Zero’s William Borgeaud presented “Generalizing AIR to Multivariate Domains.” AIR, which stands for Algebraic Intermediate Representation, is an arithmetization scheme used in STARK proofs. 

Simply put, AIR is an arithmetic approach for converting a program into polynomials. AIR can be contrasted with R1CS, an arithmetization scheme more commonly used in SNARK proofs. (For a thorough understanding of SNARKs and STARKS, see Polygon’s Brendan Farmer and Bobbin Threadbare.)

The upshot is that AIR (and its counterpart R1CS) is a critical component in the mathematics that facilitate a ZKproof.

Borgeaud presented on what occurs as we interpolate the polynomials that are at the heart of ZK proof verification. In R1CS (or, Rank 1 Constraint System) there is univariate or multivariate interpolation. But there is no such multivariate option for AIR-derived polynomials.

“The genesis of this work is R1CS,” Borgeaud said. “And so my question was, Can we do the same for AIR-like interpolations? What if we want to use multivariate polynomials?” 

Watch to find out more. 

ZK8: Multiset Checks in STARK-Based Virtual Machines

https://www.youtube.com/watch?v=5hO9NbtFc0g&t=16430s

Grjte, of Polygon Miden, also presented at ZK8. Miden is Polygon’s STARK-based ZK rollup working on the Miden VM. In her talk, “The Power of Multiset Checks in STARK-based Virtual Machines,” Grjte described three arithmetic optimization tools developers can use inside of a STARK-based VM to do a variety of things more efficiently. 

When deployed within Miden VM, these tools have an amplified effect: a practically unlimited stack depth; the capacity to perform large numbers of range checks efficiently, and single cycle Merkle path verification. 

Watch the video to learn more about overflow tables, range checkers, and Miden’s Hash Chiplet.

Devcon Bogotá: Launching Polygon zkEVM 

https://twitter.com/0xPolygon/status/1580239067404709888

Following his July presentation of the zkProver, Jordi Baylina returned to the stage to announce the public testnet of Polygon zkEVM. It’s the first source-available zkEVM to combine Ethereum Virtual Machine-equivalence with ZK proofs generated in a public testnet. That means that, in addition to enjoying the scaling benefits of ZK proofs, any smart contract, any tool, any protocol that works with Ethereum, will work with Polygon zkEVM. Full stop. 

Following the announcement, Polygon invited users to join the public testnet. We invite you to take part and help us bring Ethereum into its next chapter. 

“We are leveraging the Ethereum network. We want to scale Ethereum. We want to bring Ethereum to the world,” Baylina said. “We’re at a very important point in the journey. Right now, anybody can use the system. Anybody can work with the system.”

Stay tuned on the Polygon Blog to follow along, or learn how to deploy a smart contract using Polygon zkEVM with Polygon University, or join us on Discord. 

Let’s bring the world to Ethereum!

‍Website | Twitter | Telegram | Reddit | Discord| Instagram | Facebook | LinkedIn