Equilibrium Infra Bulletin #19: Digital Signatures x ZKP, Horizontal & Trust-Minimized Scaling, and Proof Supply Chain
Equilibrium Labs designs & builds core infrastructure for the decentralized web. We are a team of ~30 people who tackle challenges around security, privacy, and scaling.
Research, Articles and Industry News:
📚 Sign Everything - Recommended by Joakim:
With AI reducing the marginal cost of content creation close to zero and more realistic deep fakes, it’s becoming increasingly difficult to know what you can trust. While AI keeps improving, our tools to verify authenticity haven’t kept up with the rate of progress - something Andrew highlights in his post:
“The Internet gave us universal information distribution, and AI has given us unbounded content creation, but the tools to ensure that we can trust the data we receive have not caught up.” - Andrew Lu
Digital signatures are a tool of public key cryptography that powers much of the internet today. They also make a good candidate to prove authenticity and provenance in the age of AI due to self-sufficiency (only need to know the public key and which signature algorithm was used), unforgeability (can’t create fake signatures without knowing the private key), and composability (anyone can build on top of existing infrastructure).
There are tradeoffs though with using digital signatures - a key one being lack of privacy as you need to present the original data in plaintext to verify the signature. ZKPs could help here by enabling verifying signatures without revealing additional information. Another problem is around key management and distribution. While this has improved with the use of passkeys, secure elements, and biometrics - there are still questions about what would happen if a private key is lost or ends up in the wrong hands.
Key Takeaway: Authenticity in the age of AI is growing in importance and digital signature & verification can play an important role. Some early examples of using this in practice include Leica’s M11-P camera with built-in content credentials, ZK Microphone (sound attestation), and ZK-IMG (image attestation). Fox News launched its initiative, Verify, which aims to be a central repository for content licensing and attribution. We’ll likely need global standards, however, something the Content Authenticity Initiative is working on (a collaboration between media and tech companies, NGOs, and others).
📚 On Trust Minimization and Horizontal Scaling - Recommended by Hannes:
In a recent piece, Wei Dai (1kx) covers tradeoffs between blockchain scalability and trust minimization. The TLDR reached based on this analysis is that validity rollups (or state diff rollups) would be best placed for horizontal scaling with limited additional trust assumptions. But first some definitions:
Trust minimized (in the context of L2s) = Functions without requiring trust external to the L1 (Ethereum). The three main functions that can be outsourced are liveness/ordering (tx included, executed, and settled in a timely manner), validity (tx processed according to prespecified rules), and data availability (historical data and current state accessible to users).
Horizontal scaling = Instances (apps or rollups) can be added without imposing global bottlenecks. Once horizontal scaling runs into bottlenecks on a shared resource (such as data publication) - vertical scaling is needed. The table below categorizes various scaling solutions according to these two principles:
Overview of trust assumptions for different scaling solutions along with horizontal scalability (source)
Optimistic rollups need to publish call data (all transaction data related to the state transition) to enable verification by re-execution during the challenge period. While alternative data publication layers offer higher bandwidth than Ethereum, these add security assumptions and will also hit limits eventually that require vertical scaling. Hence, they are not truly horizontally scalable.
Validity rollups only need to post a validity proof and state differences for a batch of transactions to Ethereum. This enables better horizontal scaling, as the data per transaction is much lower than for optimistic rollups. Validiums take this one step further by only posting validity proofs to Ethereum and using external DA for associated transactions and states, which adds trust assumptions. Hence, these are not as “trust-minimized” as validity rollups.
Key Takeaway: Enabling horizontal scaling (adding instances without imposing global bottlenecks) is hard, particularly if the aim is to remain trust-minimized. This is not a new insight per se, but the framing used in the post is interesting. It also gives a good overview of how several other trendy topics (such as shared sequencers, interoperability layers, and plasma) fit into the discussion.
📚 The Proof Supply Chain - Recommended by Olli:
As ZK becomes integrated into more parts of the modular stack, efficient proving and verification will only increase in importance. This insight is what initially led us to Gevulot, a general-purpose proof network incubated within Equilibrium Labs. The proof supply chain presented in this post by Figment Capital provides a solid overview of the current state of proving (end-to-end) and how it might develop over time.
The two key components are proof generation and proof aggregation:
Proof generation can be centralized or decentralized. While most proving today is centralized, decentralized proving networks (app-specific or general-purpose) can offer better liveness guarantees and censorship resistance. In a decentralized model, the proof requester (application, rollup…) sends a request to the pool where a matching algorithm allocates it to a specific prover (or several provers). Once the proof is generated, it gets sent back to the requester (or to an aggregator).
Proof aggregation is a technique of combining multiple proofs into one (hence also proving, but instead of execution trace as the input - you have two proofs). This makes verification much more efficient as only the aggregated proof needs to be posted and verified on-chain - enabling amortization of costs across all included proofs. The key questions here concern inclusion (which proofs are included in the aggregated proof) and ordering (the order of included proofs matters as proofs closer to the top of the tree have shorter merkle paths, providing them cheaper merkle inclusion proofs).
Key Takeaways: Proving and verification are fast becoming a crucial part of the modular stack, yet the topic remains quite under-explored. As Trace argues in the post, the proof supply chain is not so different from the transaction supply chain. It’s expected to become more vertically integrated over time as one party handling both proof generation and aggregation benefits from both flywheels. While this should enable cheaper costs for the end-user, the centralizing forces also raise questions about censorship resistance and extractable value by different parties.
Vertical integration means that a party handling aggregation and proof generation benefits from both flywheels
News From Our Partners:
Gevulot announces $6m seed round led by Variant: Gevulot is a decentralized prover network that was spun out from Equilibrium Labs - the first of many to come as we ramp up our R&D efforts! Gevulot enables efficient proving and verification of ZKPs, which will only grow in importance as ZK penetrates more layers of the modular stack.
Ingonyama announces $21m seed round: Ingonyama is focused on hardware acceleration for ZK cryptography - a crucial part of making ZK more accessible, cheaper, and faster. Equilibrium Group invested in the seed round.
Personal Recommendations From Our Team:
📚Reading: The epistemology of software quality: We often focus too much on technical factors and new processes, when in reality it’s the human ones that drive team success the most (something we take seriously at EQ Labs). While this is not just true for software engineering, the quote below hits it home:
Programming is an extension of our minds, and anything that compromises our minds will hurt our programming skills.
🎧Listening: The Whispers - And The Beat Goes On: Swinging it up ahead of the weekend with this old classic🕺
💡Other: Anyone experienced in Windows 3.11? Germany showing the true colors of its technological development (Latest release: November 8, 1993).
