This article is a community submission. The author is Kenny Li, co-founder of Manta Network, a programmable privacy Layer 1 protocol powered by zero-knowledge proof technology. 

Views in this article are of the contributor/author and do not necessarily reflect those of Binance Academy.

TL;DR

Introduction

The original Ethereum developers didn’t consider ZKP technology when they first proposed the network in 2014. In recent years, however, ZKP has gained attention and is expected to play a much more prominent role in the blockchain space. As such, efforts to combine ZKP technology and Ethereum’s virtual machine have intensified.

To understand what a zkEVM is, let’s first briefly review its two underlying concepts: zk-rollups and EVM.

What Are Zk-Rollups?

A rollup is a scaling solution that compiles numerous transaction executions outside the main chain and sends the data back to the main network as a single transaction. This process increases throughput while reducing the cost of executing these transactions.

On Ethereum, transactions within a rollup are compressed and submitted to the Ethereum mainnet for the cost of verifying a single transaction. The Ethereum mainnet provides settlement and verifies transaction data contained in the rollup.

A zk-rollup is a type of rollup that uses ZKP technology, a cryptographic technology that allows the validity of a piece of information to be verified without revealing the information itself. zk-rollups don't need to publish all transaction data to the Ethereum mainnet; they need only state differences (such as changes in user account status) and validity proof, lowering gas fees in the process.

The security of zk-rollups comes from ZKP cryptography, where cryptographic means are used to verify proof and achieve trustlessness. This is different from other rollups such as optimistic rollups, whose security comes from economic game theory, where bad actors are disincentivized by potential losses and challengers are motivated by incentives.

What Is EVM?

The EVM is a state machine in which the Ethereum account system and smart contracts run. Every smart contract execution triggers the EVM to transition from an old state to a new state. The EVM defines the rule for calculating new and valid states from one block to another.

State is an important concept in Ethereum. It's a Merkle Patricia Trie data structure that represents the current state of Ethereum and allows anyone to trace transaction information from the current block all the way back to the genesis block.

All nodes involved in maintaining Ethereum exist to ensure continuity and consensus, which allows each node to see the exact current state. EVM plays a critical role in maintaining this consistency.

How Does a ZkEVM Work?

EVM doesn’t support ZKPs by default. zkEVM aims to ensure Ethereum state continuity while providing proof that all the information is correct. This way, the various factors involved in the computation of these processes are verified while maintaining security and privacy.

zkEVM does this by replicating the Ethereum environment as zk-rollups. It takes the initial state, computes all the transactions, then outputs a new, updated state together with an accompanying ZKP. This proof is submitted to a verifier smart contract that checks the correctness of both the initial and the new state’s output without having to verify all the transactions individually.

Because zkEVMs are based on the EVM, developers are able to easily port Ethereum DApps and smart contracts to zkEVMs without having to do ZKP development work. In other words, zkEVMs allow zk-rollups to execute smart contracts, in addition to token swaps and payments previously supported without zkEVMs.

Because of EVM’s compatibility feature, developers can build new products using existing EVM tools and programming language, Solidity, while enjoying the enhanced security that comes with zkEVM. The same benefits apply to users as well — they can continue using the same DApps and familiar tools but with added security and privacy.

EVM Compatibility Versus EVM Equivalence

When a blockchain is referred to as EVM-compatible, it means that it offers an environment that can deploy DApps written in the Solidity programming language. Solidity is designed for developing smart contracts that run on the Ethereum network.

In fact, Ethereum developers can copy and paste the code of existing DApps from Ethereum and deploy it on other EVM-compatible chains with minimal modifications. For users, any EVM-compatible chain address is the same as their Ethereum address.

This means addresses are compatible with mainstream wallets such as Metamask and Trust Wallet. Currently, major EVM-compatible chains include BNB Chain, Avalanche C-Chain, and Polygon.

EVM compatibility is not to be confused with EVM equivalence, which means that from the DApp developer perspective, Layer 2 rollups are nearly identical to Layer 1 Ethereum.

To use an operating system analogy, EVM equivalence is akin to restoring files and settings through Apple Cloud if a user’s previous computer and new computer both run on Apple’s operating system.

In contrast, EVM compatibility means that if a new computer switches to a Windows system, the original files need to be downloaded through cloud storage and converted to recover preferred settings and old files.

Different Types of ZkEVMs

Generating and verifying ZKPs directly using EVM is extremely slow because Ethereum wasn’t originally designed to support ZKP technology. In some cases, it could take as long as several hours. However, it’s imperative to strike a balance between EVM compatibility and ZKP efficiency.

Ethereum founder Vitalik Buterin categorized zkEVMs into the following four types. Similar to the blockchain trilemma, they each have different tradeoffs between ZKP performance efficiency and EVM compatibility.

Type 1: Consensus-level equivalence — zkEVM that is completely equivalent to Ethereum

At the consensus level, a Type 1 zkEVM — also known as an enshrined rollup — is equivalent to Ethereum, and the zkEVM chain state and transactions are identical to those of Ethereum. They can mutually verify blocks and be directly used with Ethereum execution clients.

Type 1 zkEVMs make Ethereum itself more scalable and can be directly introduced onto the Ethereum mainnet. The disadvantage is that ZKP efficiency is extremely poor and requires a large amount of computation to verify. The solution is to use large-scale parallel validators or specialized integrated circuits for zk-SNARKs in future.

Type 1 zkEVMs with high ZK efficiency would be the most ideal form of zkEVM. Currently, there are many projects building or exploring this type of zkEVM.

Type 2: Bytecode-level equivalence — completely equivalent to EVM

Type 2 is completely equivalent to the EVM but not Ethereum. It differs from Ethereum in terms of data structures (such as block structure and state tree) and deletes some stack operations that are not ZK-friendly.

It’s fully compatible with Ethereum's existing DApps, debugging tools, and developer infrastructure. Bytecode-level equivalence can speed up prover times, albeit not significantly. A clear downside of Type 2 is that it's expensive, not synergistic with ZK, with low and expensive efficiency.

Type 2.5: Similar to Type 2 but with modifications to gas fees

Type 2.5 shares Type 2’s advantages and disadvantages but has slightly lower gas fees.

Type 3: Bytecode-level equivalence — nearly equivalent to EVM

Based on Type 2, Type 3 further sacrifices compatibility for improved ZK efficiency. It deletes functions that are difficult to implement on zkEVM, such as precompiles, so some coding used in DApps that require this function must be rewritten.

Type 4: Development language-level equivalence — high-level language equivalent to EVM

Type 4 EVMs have the highest ZK performance but relatively subpar compatibility.

Closing Thoughts

The main purpose of zkEVM implementation is to extend the support of ZKP computation to smart contract execution and in doing so, extend DApps to all EVM-compatible protocols. But ZKPs’ applications don’t stop here.

ZKP technology can potentially be compatible with Web2 use cases. Combining various Web2 use cases with ZKP could make Web3 applications smoother and more user-friendly. It would also grant users who are already accustomed to traditional Internet browsers access to Web3 and in turn, drive Web3 adoption.

Read more: https://academy.binance.com/en/articles/what-is-a-zkevm-and-how-can-it-enhance-the-ethereum-ecosystem