Written by: StarkWare
Compiled by: Concave and Convex Man
TL;DR
- Validity Rollups are the most promising way to increase Ethereum throughput in a secure and decentralized manner; zkEVM and Cairo VM (CVM) are two types of VMs used in validity rollups.
- zkEVM focuses on Ethereum compatibility, but sacrifices performance and scalability.
- The Cairo VM used in Starknet prioritizes performance and scalability over compatibility.
When discussing scaling Ethereum, Rollups have been a hot topic this year. Among the various types of rollups, we believe that Validity Rollups (VRs), also known as zk-rollups, are the most promising way to increase Ethereum throughput in a secure and decentralized manner. The core of this scaling solution is the use of validity proofs for verifiable computation. This is how they work:
- Non-farm report is mixed, and the Fed may still pause rate hikes in June.
- Decoding Hourglass and Time-Bound Token TBT: What new possibilities will they bring to the DeFi sector?
- Trapped in Regulatory Quagmire? Binance and CZ are Waiting for the Chaos to End
Operators don’t process each transaction on the Ethereum mainnet, but rather offload transaction execution to a layer 2 off-chain environment. This off-chain environment operates as a layer 2, meaning it runs on top of Ethereum.
After processing a large number of transactions, the layer 2 operator returns results to be applied to Ethereum’s state, along with a validity proof verifying off-chain execution integrity. The proof guarantees that all transactions in a batch are valid and is autonomously verified by an on-chain verifier contract. This allows Ethereum to apply the results to its state.
Validity Rollups
Note: Validity Rollups are often incorrectly referred to as zk-rollups, but this is not accurate. Most Validity Rollups do not use ZKP and are not used for privacy guarantees. Therefore, the term “Validity Rollup” is more accurate.
Off-Chain Virtual Machines
Before we go on, we need to answer the first question: What is a virtual machine (VM)? Simply put, it’s an environment that can run programs, like running Windows on a Mac. It performs computation on certain inputs and transitions between states. The Ethereum Virtual Machine (EVM) is the VM that runs Ethereum smart contracts.
The zero-knowledge virtual machine (zkVM) is a program execution environment that, along with program output, allows for the generation of validity proofs that are easily verifiable. This validity proof proves that the program has executed correctly. When the term “zkEVM” is used, it usually refers to a summary of EVM execution using Ethereum’s Virtual Machine (EVM) that is capable of proving. This term can be misleading because the EVM itself does not generate these proofs; rather, the proofs are generated by a separate proof mechanism that starts with the results of EVM execution. Additionally, these proofs are about validity rather than privacy, so they are not strictly zero-knowledge proofs. Nevertheless, for consistency, we will stick to the traditional term “zkEVM” in this article.
While all Validity Rollups aim to leverage proof of validity to scale Ethereum, they differ in their choice of VM to execute off-chain transactions. Many Validity Rollups choose to replicate the design of the EVM (hence the name “zkEVM rollups”) in an attempt to mirror Ethereum on L2 rollup. Starknet uses a new VM – the Cairo VM (CVM) – specifically designed to optimize proof efficiency.
Each approach has its pros and cons, but zkEVM prioritizes Ethereum compatibility at the expense of performance, whereas Cairo VM prioritizes performance over compatibility, focusing on scalability.
zkEVM’s approach
zkEVM is a Validity Rollup that aims to bring the Ethereum experience fully onto Layer-2 blockchain. It aims to replicate the Ethereum developer environment as a rollup. With zkEVM, developers don’t have to change their code or give up their EVM tooling (and smart contracts) when writing smart contracts or porting them to a more scalable solution.
One major drawback of this approach is that it limits the scalability potential of proof of validity. Because zkEVM is committed to Ethereum compatibility, it is slower and more resource-intensive. Unlike CVM, the EVM was not designed with proof efficiency in mind. This limits the use of optimizations that could improve efficiency and scalability, ultimately impacting the overall performance of the system.
EVM’s Provability
The core challenge of the zkEVM approach is rooted in the original blueprint of the EVM – it was not designed to run in the context of proof of validity. As a result, efforts to reflect its functionality fall short of unleashing the full potential of proof of validity, resulting in inefficient performance. Compatibility between the EVM and proof of validity is hindered by several factors:
The EVM uses a stack-based model, while proof of validity is more efficient with a register-based model. The stack-based nature of the EVM makes it more difficult to prove its correctness of execution and provide direct support for its native toolchain.
The Ethereum storage layout heavily relies on Keccak and large Merkle Patricia Trees, both of which are not favorable for proof of validity and impose a significant proof burden. For example, Keccak is very fast for x86 architecture (which we usually run the EVM on), but takes 90k steps to prove (with a built-in special build). Pedersen (a hash function friendly to zk) takes 32 steps. Even with recursive compression, using Keccak in zkEVM means a significant burden of proof resources ultimately paid by the user.
Therefore, various zkEVMs aim to provide different levels of support for Ethereum tools – the higher the compatibility of zkEVM with Ethereum, the worse the performance. (For more information on zkEVM types, please refer to the end of the article.)
Approach of Cairo-VM
While zkEVM solutions invest a lot of development time in “making EVM work for Validity Rollups” and prioritize compatibility over long-term performance and scalability, there is another option: using a brand new dedicated virtual machine and adding support for Ethereum tools on top as an additional layer. This is the approach adopted by Starknet, an Unpermissioned Validity Rollup launched in November 2021. Starknet is the first Validity Rollup to offer a general-purpose smart contract platform on a fully composable network.
Starknet uses Cairo-VM (CVM), a high-level language of the same name. Cairo-VM is designed for efficient generation of program execution validity proofs.
With Cairo (VM and language), we have:
1. Optimized validity proofs – each instruction has a valid algebraic representation
2. A Rust-like language for writing provable programs
3. An intermediate representation (Sierra) between high-level Cairo and Cairo Assembly (VM instructions) that allows efficient execution of Cairo code
Developing a new language allows people to tailor it to specific needs and equip it with features that meet previously unmet needs.
Cairo and Coding Diversity
In order to create a validity proof about some computation, the computation must first be represented as a set of mathematical constraints that describe the computation. This process can be very tricky due to the challenges of optimizing computations for efficiency and the need for specialized tools.
The Cairo language was initially designed to simplify this task and make it easier to add functionality and complex business logic to StarkEx. Cairo programs are compiled into algebraic machine code – a sequence of numbers – that is executed by a fixed VM. With Cairo, the entire complexity of generating mathematical constraints that describe the computation – a tricky problem of validity proof – is abstracted away and captured by a fixed set of constraints (less than 50 in total). As a result, developers can leverage validity proofs to extend their applications without knowing the underlying mathematics and infrastructure, simply by writing code using syntax they are familiar with.
Built for Scale:
1. Lowest amortized gas/tx. Will only go lower, fast.
2. Best smart contract language. Will only get smarter, fast.
3. Highest throughput in production. Will only go higher, fast.Onboard fast to Cairo 1.0 @StarkWareLtd https://t.co/qLpjVtogMv
— Eli Ben-Sasson (@EliBenSasson) March 21, 2023
Starknet is about innovation, and this is reflected in its diverse code approach. The ability to use STARKs to achieve optimal scalability in Cairo is not limited to those who write contracts natively in Cairo. Developers can choose the approach that best suits them:
Writing code natively in Cairo: With the release of Cairo 1.0, developers can now use the ergonomic and safe Rust language, making programming logic easier and less error-prone.
Solidity compatibility: Solidity developers can write code for Cairo VM. This approach provides a similar development experience to Ethereum and makes Solidity smart contracts portable to Starknet. There are two ways to do this:
Transpilation: Transpilation is the process of converting source code written in one programming language to another. The Nethermind team created the Warp transpiler to convert Solidity code to Cairo. Warp makes Solidity smart contracts portable to Starknet, effectively making it a Type 4 zkEVM. It has already been used to transpile and deploy Uniswap contracts with minimal modifications.
zkEVM on Starknet: The Cairo VM can be used to prove the execution of another VM. Kakarot is a zkEVM written in Cairo that can be used to run Ethereum smart contracts on Starknet. The Cairo VM and zkEVM are not competing methods, we can have both Cairo VM and zkEVM at the same time, instead of choosing between them!
Despite its short existence, Cairo is the fourth most popular smart contract language in terms of TVL and has raised over $350 million.
Summary
The zkEVM aims to replicate the Ethereum environment as a rollup and allow developers to use familiar Ethereum tools. However, this approach suppresses the full potential of validity proof and may be resource-intensive.
The Cairo VM is designed specifically for validity proof systems and is not limited by the EVM. It is supported by a new, secure, and ergonomic Rust-inspired programming language called Cairo 1.0, forming a powerful tool aimed at achieving maximum efficiency in scaling Ethereum using STARK proofs.
It is exciting to see the weekly achievements of Cairo and the growth of developers’ different choices, such as Kakarot zkEVM and Warp. As Starknet dApps enter production, demonstrating the powerful capabilities of Cairo, we believe it will be used for more ambitious projects in the future.
Thanks to the three avenues for extending STARK outlined above, as well as other avenues that are undoubtedly forthcoming over the next few months, developers now have an unprecedented level of control over extending blockchain.
Like what you're reading? Subscribe to our top stories.
We will continue to update Gambling Chain; if you have any questions or suggestions, please contact us!
