## Hardening rollups with multi-proofs --- ### Today, almost all rollups are still on "training wheels" ![](https://i.imgur.com/eiNVzaM.png) --- ### Why? Code risk. ![](https://i.imgur.com/aNjLFA3.png) PSE ZK-EVM circuits: 34,469 lines of code --- ### 34,469 lines of code are not going to be bug-free for a long long time. ![](https://i.imgur.com/GZ1clKa.png) --- ### Option 1: high-threshold governance override ![](https://i.imgur.com/fxYxfc8.jpg) --- ### Option 2: multi-prover ![](https://i.imgur.com/rXSllhV.jpg) --- ### More complex variants of multi-prover   * If anyone submits two conflicting state roots to a prover and both pass, that prover is turned off * If no successful message is passed through a particular prover for 7 days, that prover is turned off (Inspired by smart contract wallet designs!) --- ### Option 3: two-prover plus governance tie break ![](https://i.imgur.com/Kyu2NO0.jpg) --- ### Advantages   * Don't have to trust governance (it can't contradict the provers) * Protected from a bug in either of the two provers * Ideally, the two provers should have _very_ different construction, to minimize the chance of simultaneous bugs * One optimistic, one ZK? --- ### Conclusions   * ZK-EVMs will not be bug-free for a long time * But we can minimize the chance of bugs leading to catastrophic outcomes with multiple implementations! * There is a tradeoff space of "security against bugs" vs "security against bad governance" * Keeping governance involved but only in emergencies seems like a good idea --- ![](https://i.imgur.com/lZdAljJ.png) And hopefully we will have safe and scalable rollups soon!
{"type":"slide","slideOptions":{"transition":"slide","parallaxBackgroundImage":"https://i.imgur.com/pvPDNWD.png","parallaxBackgroundSize":"100% 100%","parallaxBackgroundHorizontal":0}}
    22109 views