Polygon’s Zero Knowledge Strategy Explained

Polygon Labs
January 26, 2022
Polygon Solutions
Image source: Dribbble

Ethereum's big scaling moment is finally upon us. The network’s roll-up centric future begins to take shape this year with the shift to Proof of Stake consensus mechanism. One of the most promising solutions for accommodating the next billion Ethereum users is Zero Knowledge (ZK) proofs.

Over the past year, Polygon has emerged as a ZK powerhouse, assembling an unrivaled collection of R&D efforts under one roof. First was the merger with Hermez Network (now Polygon Hermez) in August. This was followed by the announcements of Polygon Nightfall, a privacy-focused rollup built in collaboration with EY, in September and Polygon Miden in November. Last month, Polygon Zero came into being in a $400 million deal with pioneering ZK startup Mir.

For a primer see A Gentle Introduction to Zero Knowledge Proofs

While ZK proofs are widely seen as the end game for blockchain scaling, it is still early days and it is not yet clear how the various ZK flavors will map onto actual use cases. Different technical choices -- the types of proving systems used, the design of the virtual machine, network architecture, etc -- can have far-reaching consequences for future adoption. 

Polygon’s ZK strategy allows independent teams to experiment with different approaches, while fostering intense collaboration and information sharing that otherwise would not be possible. Put together, the investments in ZK represent a diversified bet on the future of this technology. 

Here is how the pieces fit together.

Polygon Hermez


Hermez has been running the first-ever decentralized ZK Rollup on the Ethereum mainnet since March 2021, operating a payments platform that offers scalability and low fees with all the security of a Layer 1. The ZK-SNARK-based architecture delivers up to 2,000 transactions per second while keeping costs under 300,000 gas.

The team’s development efforts have been focused on creating a zero knowledge implementation of the Ethereum Virtual Machine (EVM), a computation engine that runs smart contracts. Because the EVM wasn’t made with ZK proofs in mind, Hermez is recreating the whole set of instruction machine codes to build a zkEVM from scratch.

Emulating the exact EVM opcodes has many advantages. One is inheriting the time-tested security of the Ethereum mainnet. Another, in terms of adoption, because it allows the established community of developers to easily migrate their work to zkEVM and leverage their existing tools. The network will be decentralized by design and will provide incentives to attract participants.


Jordi Baylina leads the project with a team of about 33 people. Jordi’s involvement in Ethereum started when he helped rescue TheDAO hack funds, and ever since then he has been actively contributing to the ecosystem. Jordi is joined by David Schwartz as Project Lead and Antoni Martin as Business Lead.


A testnet launch for zkEVM is planned for Q2 of 2022, with mainnet release slated for Q3 2022.

Read more: Seven Takeaways From Polygon Hermez Fireside Chat

Polygon Zero


For almost two years, Polygon Zero (previously Mir) has been working toward building the world’s fastest ZK scaling technology. They developed Plonky2, a recursive SNARK that is 100x faster than any alternative on Ethereum.

When the project was started in 2019, it took 2 minutes to generate a recursive proof that couldn’t be verified on Ethereum. With Plonky2, it takes just 170 milliseconds to generate a recursive proof on a laptop. And it works natively on Ethereum.

Plonky2 combines the best of STARKs, fast proofs and no trusted setup, with the best of SNARKs, support for recursion and low verification cost on Ethereum. ZK L2s will ultimately compete on throughput, latency, and fees, and Plonky2 positions Polygon Zero to be best-in-class. 

Polygon Zero will support Solidity code transpiled to ZK bytecode, which can be executed efficiently in our VM running inside a STARK. 


Polygon Zero is an eight-member world-class team of talented cryptographers and engineers based out of four countries on three continents. The members come from an impressive variety of backgrounds and skill sets, from engineering at Google to PhD research in pure math, and degrees from top crypto research institutions like Berkeley and EPFL.


Polygon Zero is moving toward a testnet in Q4 2022, with mainnet to follow.

Read more: Introducing Plonky2

Polygon Miden


Polygon Miden is a STARK-based ZK rollup that promises low fees and very high transaction throughput while maintaining the same level of security as Ethereum. At launch, the rollup will support transactions per second in the 1,000 to 2,000 range, which will reach 20,000 TPS once sharding is deployed on Ethereum.

STARK protocol is a cutting-edge ZK proving system with many attractive properties. For one, STARKs are transparent and scalable, which means that there is no need for a trusted setup or pre-processing. STARKs also use lean cryptography, which makes them future-proof as they are not susceptible to attacks by quantum computers. Lastly, STARKs are very performant, and in the right settings, outperform most other proving systems in terms of proof generation and verification times.

Polygon Miden is being built around Miden Virtual Machine, which supports arbitrary programs. Miden VM has been specifically optimized for STARKs, which will enable fast proof generation even on commodity hardware, and faster yet with GPUs and/or FPGAs. It is also designed to hide all cryptographic complexities of ZK proofs and follows a set of architectural patterns which will be familiar to most developers (e.g., stack machine, read-write memory, regular 32-bit integers).

Miden VM is built with safety as one of its core tenets. The goal is to make static analysis of smart contracts much easier and to prevent many classes of bugs from occurring at the VM level, for example, by disallowing some unsafe features which are available on the EVM.

Despite not emulating EVM one-to-one, Miden aims to be Ethereum-compatible at Solidity level. That is, developers will be able to deploy the vast majority of Solidity smart contracts on Miden without any modifications. In addition to offering first-class Solidity support, Miden will allow for compilation from other safe and blockchain-centric languages, like Move and Sway.


The project is led by Bobbin Threadbare, the core developer of both Distaff VM and Winterfell. Prior to that, Bobbin made multiple contributions in the field of STARK-based proving systems, such as genSTARK library as well as AirScript and AirAssembly languages (supported by the Ethereum Foundation).


Testnet development is planned for Q3 of 2022 and the work on the mainnet is likely to start in the first quarter of 2023.

Read more: Why Miden VM Will Support 32-Bit Integers

Polygon Nightfall


Nightfall combines Optimistic Rollups with ZK cryptography to enable private transfers and payments at scale. It supports transfers of ERC20, ERC721 and ERC1155 tokens so that the recipient and contents of what is transferred remain private. Polygon and EY estimate Nightfall 3 can reduce standard ERC20 token transfer gas fees by up to 86% while providing greater privacy.

With Nightfall, smart contracts are optimized such that any data that isn't required to be stored on the smart contract is stored off chain. The protocol can achieve up to 105 transactions per second with costs of about 9,000 gas per transaction.

Transactions require a one-week finality period to allow for fraud proofs to be submitted. But the team is developing an instant withdrawal mechanism, so that ERC20 transactors that do not want to wait out the challenge period offer an early withdrawal fee. Anyone, such as a Liquidity Provider, can claim this fee and ownership of the future withdrawal by immediately paying out the transactor. They take up this delay on behalf of the transactor after verifying that all the Layer 2 blocks until this transaction are valid.


Paul Brody, the global blockchain leader at EY, spearheads the project.


Nightfall moved to Ropsten testnet on the Ethereum network in December. The roadmap ahead includes a security audit, a restricted value mainnet deployment, followed by a bug bounty program and an unrestricted value deployment.

Read more: A Deep Dive Into Polygon Nightfall

Polygon is so bullish on the future of ZK, the core development team made it a centerpiece of its strategic vision in the Zero Knowledge Thesis published in August. As part of that mission, the team has committed $1 billion, a significant portion of the treasury, to ZK-related efforts.

We have made major progress toward making ZK technology a reality, but this is just the beginning. So tune in to our blog to keep up with the most exciting experiments in this space.

Let’s bring the world to Ethereum!

Website | Twitter | Developer Twitter | Telegram | Reddit | Discord| Instagram | Facebook | LinkedIn

More from blogs