Pinned
Bobbin's Threadbare
1,429 posts
Bobbin's Threadbare
@bobbinth
blockchains, zero-knowledge proofs, virtual machines. working on @0xMiden
Joined September 2018
I'm super excited to finally make this public! Miden is a culmination of my past two years of working with STARKs. Thank you @0xPolygon for this opportunity. A lot has already been done, and there's also a lot left to do. So, if you are interested in helping out, drop me a line.1/7 💫 We are proud to reveal the newest member of the Polygon family - Polygon Miden, an upcoming STARK-based, EVM-compatible Rollup! The project is led by @bobbinth, former Facebook's lead ZK researcher who led the development of Winterfell. A 🧵 on why this is exciting...
00:00- This may be an obvious point, but ZKPs open up a whole new design space in how we can scale blockchains. In the context of rollups, this means that zk rollups can scale way beyond what is possible with the alternatives. A short 🧵
- Big news today! This has been in the works for a few months now, but in many ways it is a culmination of what I worked on in crypto for the last 7 years. So, a not so quick 🧵on how it started and where it is going 👇Introducing Miden, the Edge Blockchain. Today, we announce our $25 million seed fundraise and spinout from @0xPolygon.
00:00 - Yesterday, we released a new version of Miden VM (v0.7). It packs lots of new features and performance improvements. The full changelog is here: github.com/0xPolygonMiden… A short thread with key highlights 👇
- In ZKP systems, recursive proof verification is borderline magic: it lets us compress many proofs to the size of one. But it doesn’t come for free. Recursively verifying proofs can get quite expensive. A quick 🧵 on how to make it a bit less expensive in STARK-based systems.
- A quick take on zkEVM vs. zk-optimized VM performance (specifically in the context of rollups). First, a bit of historical context: even as recently as a couple of years ago, many people believed that zkEVMs would not be practical in the near or even medium term future.
- This is huge! Proving mainnet Ethereum transactions is now just a fraction of a cent. And it will go down by another order of magnitude over the next year.Releasing the Type-1 upgrade to the zkEVM prover, the next generation of Polygon’s proving tech. It can generate proofs for any EVM chain—sidechain, optimistic rollup, even Ethereum itself. When proving Ethereum mainnet blocks, avg per-transaction costs are $0.002 - $0.003.
- Apple Silicon Macs have a cool feature: unified memory between CPU and GPU. @andrewmilson recently used this feature to speed up Miden proof generation by interleaving computations between CPU and GPU like so:
- Yes, proving is slower than executing (though the gap is closing fast, especially with HW-accelerated ZK proofs), but there is no way to scale blockchains to the level we need for mass adoption without ZK. There are 3 basic reasons for this: 1. With ZK, we need to run aReplying to @mteamisloadingZK is slower than classical computation. So solana will always be faster than zk since there is no religious reasons to limit full node capacity
- There are only 3 reasons for blockchains to exist: - Self-custody of assets. - Censorship-resistance of transactions. - Trustless enforcement of commitments. If a chain does not provide these, it probably does not need to be a blockchain.
- One of the main goals of Polygon Miden is to make sure the rollup does not require datacenter-grade hardware to operate. To achieve this, we need to prevent the state size from exploding even at very high TPS. The blogpost below explains our approach. The important points are:Polygon Miden is a ZK rollup with configurable privacy and concurrency. Designing for these features contained the seed of another problem: State bloat would inevitably limit network performance. Read how Miden solves for the endemic blockchain problem: go.polygon.technology/43rxb3s
- At Polygon, we constantly work on pushing the state of the art forward. One recent example of this is a new and improved Rescue Prime Optimized (RPO) hash function which we developed in collaboration with @aszepieniec, @TomerAshur, and Willi Meier. eprint.iacr.org/2022/1577 A 🧵
- Evolution of transaction execution models in blockchain
