Level up your open finance game three times a week. Subscribe to the Bankless program below.

Dear Crypto Natives,

Do any of us fully appreciate the gift we’ve been given…the gift of cryptography?

Cryptography levels the playing field.

The most powerful nation-state on earth can’t hack your private-key. Cryptography means asymmetric advantage to the defender. Power to the little guy. With this technology the small are equal to the big. A level playing field.

Cryptography is crypto’s CPU.

My dad upgraded our Intel 486 PC to a Pentium when I was a kid. Faster processor. Windows 95 ran smoother. Cryptography is crypto’s CPU. It can be upgraded. New cryptography adds throughput—allowing entirely new trustless programs on-chain.

Cryptography is the power to go bankless.

It’s why we don’t have to rely on their vaults, their payment networks, their fiat printing, their banks, their shackles. Power to the people. Coordination without institutional bondage. Cryptographic guarantees rather than kings.

Cryptography is deep magic.

It’s fundamental to how crypto scales—in transactions, in privacy, in fairness, in value. Not just in our past, but in our future. So let’s explore the new cryptography that’ll help us scale this open financial system for the world.

The CPU is getting upgraded.

- RSA

🙏Sponsor: Aave—earn high yields on deposits & borrow at the best possible rate!

THURSDAY THOUGHT

Can fancy new cryptography scale DeFi?

Guest Post: Shiri Perciger, employee at StarkWare

Decentralized Finance (DeFi) promises to democratize the financial world and make it more fair and transparent. But for DeFi to achieve these goals at global scale, decentralized blockchains like Ethereum need to scale! This means adopting new cryptographic proofs (some people call these Zero Knowledge Proofs, or ZKPs).

🧠Cryptographic proofs (or ZKPs) prove that a computation was done correctly.

Cryptographic proofs like zk-STARKs (soon to be deployed on Ethereum Mainnet) are not the only scalability solution out there. Other contenders include Plasma, Eth2.0, many “Ethereum-killers”, and, most recently, Optimistic Rollups. (RSA note—we covered Optimistic Rollups here.)

In this post we’ll explain the challenges that decentralized cryptocurrencies face, the way both cryptographic proofs solve these problem, and the properties that make zk-STARKs best suited to the task.

Preserving decentralization while scaling

We live in an age of ongoing scaling of computer systems. Everything from bandwidth, to storage, to the number of pixels on a screen is constantly going up. So why is it so hard to scale Bitcoin and Ethereum transaction-per-second (TPS) rate?

The answer has to do with democratization. Permissionless blockchains operate under the premise that everyone with a standard laptop must be able to verify the integrity of the entire system. This beautiful principle, that we call inclusive accountability, means that we cannot scale these systems too quickly, lest they devolve into centralized payment systems controlled by a cabal of large parties (a.k.a. “the current financial system”).

(Above) We must chip away at the Blockchain trilemma in order to create a decentralized financial system for the world that’s different from the traditional system

Thus, all scalability solutions, including Plasma, Optimistic Rollups and our approach, based on cryptographic proofs (often called ZK-rollups), create two kinds of entities: a small set of “big” parties that perform significant computations and require significant resources, and a large, inclusive, set of nodes that hold the “big” parties accountable and verify the transactions.

🧠How do you preserve decentralization while scaling? You have big parties do the computation with many small parties holding them accountable. It doesn’t matter if the big entities are evil if the small parties can hold them accountable!

More on that soon—first let’s talk cryptographic proofs.

What you need to know about Cryptographic Proofs

Cryptographic proofs were invented in the 1980s. Their value to permissionless blockchains has led to a Cambrian explosion in new theoretical constructions and new protocols in recent years. For the rest of this post, we’ll focus on STARK, which is an exciting family of proofs StarkWare is bringing to market.

A cryptographic proof is a protocol involving two entities: a prover and a verifier.

• Prover. The prover wishes to prove to the verifier that a computational statement is correct, like “I processed 10,000 transactions and the resulting account database hashes to X”. The prover produces a proof for this particular computational statement, and presents it to the verifier.
• Verifier. The verifier then verifies the proof—in lieu of naively re-executing the original computation—and can thus be satisfied that the original computation is correct.

Notably, in cryptographic proof systems such as STARKs there is an asymmetry in the computational load between the prover and the verifier.

The prover has some reasonable computational overhead compared to performing the original computation; the verifier, on the other hand, benefits from the prover’s overhead, and can thankfully perform exponentially less computational work than the original computation, say, corresponding to checking 10 transactions rather than 10,000 transactions.

Additionally, cryptographic proofs can be boosted to shield private inputs (in the example above, the details of the 10,000 transactions that led to the new state of the account database can be shielded); such proofs are said to have zero knowledge (ZK) and abbreviated as ZK-STARKs.

How cryptographic proofs scale DeFi

Ok, so how are cryptographic proofs helping DeFi today? Three ways:

1. Scalability
2. Privacy
3. Fairness

Let’s go through each.

1. STARKs for Scalability

Let’s return to the challenge of scaling Ethereum while maintaining inclusive accountability. We need a technology that will allow us to dramatically increase the system’s throughput by offloading it to a small set of “big” parties, yet allow the many “small” parties to fully verify the computational integrity of those “big” parties, and do so without increasing the “small guy’s” workload. Other scalability solutions like Plasma and Optimistic Rollups rely on fraud proofs, and we explain elsewhere why cryptographic proofs are better.

Using the scalability of STARKs, i.e., the exponential speedup of verification over proving, we can have the prover be any “big” entity, even one controlled by Darth Vader & Sons. The point is that all actions of the big prover must be accompanied by a succinct proof, that can be checked easily by every “small” node. Thus, through the scalability of STARKs (and other cryptographic proofs) we maintain inclusive accountability while offering nearly unlimited scaling (formally, we offer “only” exponential scaling).

In more detail, the ZK-Rollup scalability solution is based on having a big computation—or a big batch of small computations—performed off-chain, where resources are plentiful. A proof of its validity is computed, and sent to the blockchain (alongside a commitment to the new state of the systems), where it is verified by a verifier smart contract. Network participants can then be satisfied that this computation is valid without adding any trust assumptions. It is the absence of these trust assumptions that would allow us to accept a valid proof, even if produced by Darth Vader & Sons.

Not just theory—you can use this on mainnet next week!

These are no longer theoretical concepts: with StarkEx, our scalability engine, we have already achieved a throughput of over 9K self-custodial trades per second (a 2,000X improvement over native Ethereum!). Moreover, this is not the final throughput: we are not bounded by blockchain resources, only by cloud resources.

End-to-end trading products are coming to mainnet now.

The first StarkEx engine, powering DeversiFi’s decentralized exchange goes live next week. And soon StarkEx soon power an NFT exchange that Immutable (Gods Unchained) is building, to support trading of in-game assets.

👉Will ZK-Rollups help Eth2.0? Yes! They compliment each other in compounding ways. If Ethereum becomes the foundational public good as we expect it to be, it will benefit from every shred of scalability the ecosystem can build.

2. ZKPs for Privacy

Scaling transactions per second isn’t the only thing required for public blockchains to go mainstream. We have scale privacy too.

The pioneers of permissionless blockchains realized the utility of ZKP for privacy, well before realizing its other benefits. Zcash, deployed in 2016, was the first to implement a ZKP solution offering private transactions.

Privacy is essential to achieving an efficient market. Traders wish to operate in the market freely, without the risk of exposing proprietary information to other participants. Permissionless blockchains, and therefore DeFi, are transparent by design: in order to allow all the “small” nodes to validate the state of the blockchain without any trust requirements, every transaction is posted on the chain for all to see.

The challenge—how to maintain privacy without compromising the trustless nature of DeFi? This is where the Zero-Knowledge component of ZKPs kicks in.

As mentioned, zero-knowledge proofs allow proving a computational statement without revealing private inputs to the verifier. This property, when applied to blockchains, allows proprietary information to be included as private input to proofs. The result is the best of both worlds: a system where privacy is maintained while allowing anyone to validate the state of the blockchain, with no trust assumptions.

Not just theory—you can use this on mainnet!

There are several teams building privacy-enhancing solutions over Ethereum which are based on ZKP, including Tornado.cash and AZTEC. Tornado takes a mixer approach while AZTEC is taking a pooling approach (which is more effective?). We expect others will emerge.

⚠️Privacy does not mean a lack of regulation. Market participants’ need for privacy can coexist with the regulator’s need to observe and monitor the health of the market. For example: a business can create a zero-knowledge proof of taxes owed and present it to the tax authority, instead of sharing its accounting books in their entirety. The business’ privacy is preserved, and the regulator is satisfied that taxes were collected in full. (Example of this on Tornado Cash here)

3. ZKPs for Fairness

Fairness in markets is not a matter of philosophy. Traders will refrain from participating in markets they deem unfair, and so fairness begets liquidity. There are numerous ways in which markets can be unfair. Many of these exploits involve a system operator (e.g an exchange) abusing early or privileged access to information. ZKPs can give market participants the assurance that the operator cannot abuse its privileged position, and cannot deviate from its impartial role.

A prime example of this is front-running. Front-running is the illegal practice of market makers trading on advance information, before others have been given the information. Cost estimations of front-running’s impact on markets vary, but there’s consensus that it is huge and detrimental to the efficiency of the market.

ZKPs can solve the front-running problem, by providing traders with privacy not only from each other but also from the operator—making sure no privileged information is available to the operator to act upon, while allowing the operator to fulfill its designated role. We expect to see solutions here soon!

The Road Ahead

There is plenty of work ahead of us. We need to make these technologies more accessible to developers, and more efficient. There is also work to be done on building these Layer-2 scaling solutions without breaking the powerful concept of composability in DeFi (to get an intuition on how that can be done, consider Conditional Payments and their use in supporting Fast Withdrawals in StarkEx).

Cryptographic proofs that have scalability and privacy (ZK) can take DeFi from a cool sandbox for financial innovation to a global force that will challenge the existing financial system.  Not only can cryptographic proofs, like ZK-STARKs, offer better scalability than other solutions, they can also empower better market designs for privacy and fairness, thus creating better markets on a global scale.

Action steps

• Take a minute to appreciate the cryptography in crypto
• In what three ways will cryptographic proofs be most impactful for DeFi?

Guest Author Blub

Shiri Perciger is the head of marketing for StarkWare. Shiri has over a decade of experience in technology marketing. Before joining StarkWare, Shiri co-founded a blockchain collectibles startup.

Subscribe to Bankless. $12 per mo. Includes archive access, Inner Circle & Deal Sheet.

🙏Thanks to our sponsor

Aave

Aave is an open source and non-custodial protocol for money market creation. Originally launched with the Aave Market, it now supports Uniswap and TokenSet markets and enables users and developers to earn interest and leverage their assets. Aave also pioneered Flash Loans, an innovative DeFi building block for developers to build self-liquidations, collateral swaps, and more. Check it out here.

Not financial or tax advice. This newsletter is strictly educational and is not investment advice or a solicitation to buy or sell any assets or to make any financial decisions. This newsletter is not tax advice. Talk to your accountant. Do your own research.

Disclosure. From time-to-time I may add links in this newsletter to products I use. I may receive commission if you make a purchase through one of these links. I’ll always disclose when this is the case.