Hardening rollups with multi-proofs
Today, almost all rollups are still on "training wheels"
Why? Code risk.
PSE ZK-EVM circuits: 34,469 lines of code
34,469 lines of code are not going to be bug-free for a long long time.
Option 1: high-threshold governance override
Option 2: multi-prover
More complex variants of multi-prover
- If anyone submits two conflicting state roots to a prover and both pass, that prover is turned off
- If no successful message is passed through a particular prover for 7 days, that prover is turned off
(Inspired by smart contract wallet designs!)
Option 3: two-prover plus governance tie break
Advantages
- Don't have to trust governance (it can't contradict the provers)
- Protected from a bug in either of the two provers
- Ideally, the two provers should have very different construction, to minimize the chance of simultaneous bugs
- One optimistic, one ZK?
Conclusions
- ZK-EVMs will not be bug-free for a long time
- But we can minimize the chance of bugs leading to catastrophic outcomes with multiple implementations!
- There is a tradeoff space of "security against bugs" vs "security against bad governance"
- Keeping governance involved but only in emergencies seems like a good idea
And hopefully we will have safe and scalable rollups soon!
Hardening rollups with multi-proofs
{"metaMigratedAt":"2023-06-17T11:16:49.190Z","metaMigratedFrom":"YAML","title":"Untitled","breaks":true,"slideOptions":"{\"transition\":\"slide\",\"parallaxBackgroundImage\":\"https://i.imgur.com/pvPDNWD.png\",\"parallaxBackgroundSize\":\"100% 100%\",\"parallaxBackgroundHorizontal\":0}","contributors":"[{\"id\":\"1d678dc3-c84d-4629-8c9b-69b6187e7a0b\",\"add\":2452,\"del\":580}]"}