Hardening rollups with multi-proofs


Today, almost all rollups are still on "training wheels"


Why? Code risk.

PSE ZK-EVM circuits: 34,469 lines of code


34,469 lines of code are not going to be bug-free for a long long time.


Option 1: high-threshold governance override


Option 2: multi-prover


More complex variants of multi-prover

 

  • If anyone submits two conflicting state roots to a prover and both pass, that prover is turned off
  • If no successful message is passed through a particular prover for 7 days, that prover is turned off

(Inspired by smart contract wallet designs!)
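The two turn-off rules above, modelled as an added example (not code from the talk or from any rollup). The `ProverSet` class, the m-of-n `threshold` acceptance rule, the per-batch reading of "conflicting" state roots and the toy `sound`/`buggy` verifiers are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Callable

INACTIVITY_LIMIT = 7 * 24 * 3600  # the 7-day window from the slide, in seconds

@dataclass
class Prover:
    verify: Callable[[int, str, str], bool]  # (batch, state_root, proof) -> passes?
    last_success: int                        # time of last message passed through it
    enabled: bool = True

class ProverSet:
    """Toy model of the two turn-off rules; not any rollup's real contract."""
    def __init__(self, provers: dict, threshold: int):
        self.provers = provers
        self.threshold = threshold  # assumption: m-of-n enabled provers must pass

    def submit(self, batch, root, proofs: dict, now: int) -> bool:
        passed = [n for n, p in self.provers.items()
                  if p.enabled and n in proofs and p.verify(batch, root, proofs[n])]
        if len(passed) < self.threshold:
            return False
        for n in passed:
            self.provers[n].last_success = now
        return True

    def report_conflict(self, name, batch, claim_a, claim_b) -> bool:
        """Rule 1: anyone may show two different roots that both pass one prover."""
        p = self.provers[name]
        (root_a, proof_a), (root_b, proof_b) = claim_a, claim_b
        if root_a != root_b and p.verify(batch, root_a, proof_a) \
                and p.verify(batch, root_b, proof_b):
            p.enabled = False
            return True
        return False

    def report_inactive(self, name, now: int) -> bool:
        """Rule 2: no successful message through this prover for 7 days."""
        p = self.provers[name]
        if now - p.last_success >= INACTIVITY_LIMIT:
            p.enabled = False
            return True
        return False

# Constructed sample provers: the sound one accepts only the true root for a
# batch; the buggy one accepts any root (the kind of code bug the talk fears).
TRUE_ROOTS = {1: "0xaaa"}
def sound(batch, root, proof): return TRUE_ROOTS.get(batch) == root
def buggy(batch, root, proof): return True
```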


Option 3: two-prover plus governance tie break


Advantages

 

  • Don't have to trust governance (it can't contradict the provers)
  • Protected from a bug in either of the two provers
  • Ideally, the two provers should have very different construction, to minimize the chance of simultaneous bugs
    • One optimistic, one ZK?

Conclusions

 

  • ZK-EVMs will not be bug-free for a long time
  • But we can minimize the chance of bugs leading to catastrophic outcomes with multiple implementations!
  • There is a tradeoff space of "security against bugs" vs "security against bad governance"
  • Keeping governance involved but only in emergencies seems like a good idea

And hopefully we will have safe and scalable rollups soon!
