In the rapidly evolving field of blockchain technology, numerous protocols have been proposed and implemented, each using a different consensus approach - from computational Proof-of-Work to incentive-based Proof-of-Stake, and more. Since the early days of blockchain, liquidity and assets have been increasingly fragmented across chains due to differences in consensus, security, programming languages, and more. Cross-chain bridges have emerged as a solution to this problem, reducing fragmentation and integrating liquidity across blockchains. One such cross-chain bridge protocol is Wormhole, which facilitates the movement of cryptocurrencies and non-fungible tokens (NFTs) between different smart contract blockchains, such as Solana and Ethereum.
Current risks of cross-chain bridges
Cross-chain bridges can be tricky. Ensuring the security of their cross-chain bridges is a major challenge because assets stored in smart contracts or central custodians need to be protected. Bridges have always been targets for hackers because of their centralized storage of funds. The evolving design of bridges also makes it possible for attackers to find new vulnerabilities and exploits. In 2022, Wormhole was hacked after a security fix was uploaded to Github, resulting in a loss of $325 million. The hackers took the funds away after the success. Chainalysis reported that cross-chain bridge attacks accounted for 69% of the total stolen funds in 2022.
Another challenge is poor performance and reliance on a central entity. Current cross-chain bridges face scalability issues. In order to update and adjust the states of the two chains, cross-chain bridges require a lot of computing power and storage capacity, resulting in significant overhead. To reduce this burden, some cross-chain bridges have turned to a committee-style approach, where only a limited set of validators (or even only multi-signature holders) approve state transfers. However, this approach exposes them to vulnerabilities and potential attacks.
It is these issues that have prompted developers to begin looking for alternative solutions, specifically those that leverage zero-knowledge cryptography. Among these approaches, zk-SNARKs technology eliminates the need for a committee model while ensuring the scalability of the network.
Cross-chain bridge based on zk-SNARKs technology
Currently, several projects are developing ZK-based bridge solutions across different ecosystems and development stages, such as:
Succinct Labs
zkIBC by Electron Labs
zkBridge by Polyhedra Network
These initiatives leverage zk-SNARKS technology to revolutionize the design of cross-chain bridges. However, for all of these approaches to be successfully implemented, a key requirement is a light client protocol — a piece of software that connects to a full node and facilitates interaction with the blockchain. The protocol ensures that nodes can efficiently synchronize block headers of the confirmed blockchain state.
There are two main challenges when applying zk-SNARKs technology to cross-chain bridges. First, cross-chain bridges require a larger circuit scale compared to rollups. Second, the problem of minimizing on-chain storage and computational overhead needs to be solved.
Succinct Labs
Succinct Labs is developing a light client for Ethereum 2.0’s PoS (Proof of Stake) consensus, building a trust-minimized cross-chain bridge between Gnosis and Ethereum. This cross-chain bridge leverages the efficiency of zk-SNARKS to verify consensus validity proofs on-chain in a concise manner.
The setup involves a sync committee of 512 validators, which are randomly selected every 27 hours. These validators are responsible for signing each block header during their assigned time period. The state of Ethereum is considered valid if more than ⅔ of the validators sign each block header. The validation process mainly involves verifying the following:
1. Merkle proof of block header
2. Merkle proof of validators in the synchronization committee
3. BLS signatures to ensure correct rotation of the Sync Committee
This process incurs significant computational cost, as the basic concept is that the light client utilizes zk-SNARK (Groth16) to create a constant-sized proof (validity proof) that can be efficiently verified on the Gnosis chain. The proof is generated through off-chain computation, which involves building a circuit that verifies the validator and their signature, and then generating a zk-SNARK proof. The proof and block header are then submitted to a smart contract on the Gnosis chain for verification.
Adopting zk-SNARKs helps reduce storage overhead and circuit complexity, thereby lowering trust assumptions. Nevertheless, this approach is specifically optimized for the Ethereum 2.0 consensus protocol and EVM and may require greater adaptation to apply to other blockchain networks.
Just this July, Succinct Labs made a major announcement, confirming that its Ethereum ZK light client has been officially integrated on the mainnet to enhance the security of Gnosis Omnibridge. This integration will make Succinct Labs responsible for protecting Gnosis Omnibridge, which currently has a total locked value (TVL) of more than $40 million and has facilitated more than $1.5 billion in stablecoin asset flows to date.
zkIBC by Electron Labs
Electron Labs is building a cross-chain bridge that originates from the Cosmos SDK ecosystem, a framework for application-specific blockchains. Its cross-chain bridge will use IBC (Inter-chain Communication) technology to enable seamless communication between all independent blockchains defined within the framework.
However, implementing the Cosmos SDK light client into Ethereum is fraught with difficulties. The Tendermint light client used by the Cosmos SDK runs on the Twisted Edwards curve (Ed25519), which is not natively supported by the Ethereum blockchain. Therefore, verifying Ed25519 signatures on Ethereum's BN254 curve is expensive and inefficient. To overcome this obstacle, Electron Labs is developing a solution based on zk-SNARKs technology. This system will generate an off-chain proof of signature validity and only verify the proof on the Ethereum chain, effectively solving this problem.
By adopting this approach, Ed25519 signatures in the Cosmos SDK can be verified on the Ethereum blockchain efficiently and cost-effectively while avoiding the introduction of any additional trust assumptions. However, one potential problem this approach may face is latency. The block generation rate in the Cosmos SDK is 7 seconds, and in order to keep up with this rate, the time for proof must be greatly reduced. Electron Labs intends to solve this problem by using multiple computers to generate proofs simultaneously and then merge them into a single zk-SNARK proof.
zkBridge by Polyhedra Network
Compared to the other two industry-leading zero-knowledge proof-based cross-chain bridge constructions, zkBridge stands out with its flexible and diverse framework, which facilitates the development of multiple applications on its platform. It effectively uses zk-SNARKs to establish an efficient communication process, allowing the prover to convince the receiving chain that a specific state transition occurred on the sending chain. The zkBridge framework consists of two key components:
Header Relay Network: This component takes the block headers from the sending chain, generates proofs to verify the block headers, and then transmits both the block headers and proofs to the update contract on the receiving chain.
Update Contract: This part maintains a light client state and automatically includes the block header of the sending chain after the association proof is verified. In addition, it also keeps the current main chain state of the sending chain updated.
The main difference between zkBridge and other industry-leading approaches is that zkBridge only requires the presence of an honest node in the relay network and assumes the reliability of zk-SNARKs.
A key advance in this construction lies in the parallel use of zk-SNARKs: the Virgo prover (deVirgo), which introduces a novel distributed proof system to speed up the proof generation process and uses recursive proofs to reduce the cost of on-chain proof verification. deVirgo relies on the GKR protocol and a polynomial commitment scheme to generate proofs for circuits that verify multiple signatures. The deVirgo proofs are then compressed through a Groth16 prover and verified by an update contract on the target blockchain. The combination of these proof systems enables zkBridge to achieve efficient cross-chain communication without relying on external trust assumptions.
The mainnet Alpha version of zkBridge was released in April 2023 and is now facilitating cross-chain interoperability between several L1 and L2 blockchain networks, such as BNB Chain, Ethereum, and Arbitrum. At the 2023 ETHCC Paris zkDAY event, Polyhedra Network's CTO, Tiancheng Xie, emphasized that since its mainnet launch, the protocol has attracted more than 50,000 daily active users and 800,000 monthly active users.
With its modular architecture, zkBridge opens up a wide range of possibilities for developers and users. These possibilities include token bridging and swapping, message passing, and computational logic that adapts to state changes between different blockchain networks.
Summarize
Incorporating zk-SNARKs technology into cross-chain bridge design can effectively solve problems related to decentralization and security. However, this also creates a computational bottleneck due to the large circuit scale involved. As the focus on interoperability continues to increase, I believe that more developers will work hard to develop secure and scalable cross-chain bridge technology. These developments are expected to have a positive impact on the overall advancement and application of ZK technology. Therefore, we can expect significant progress in research, innovation implementation, and wider adoption of cross-chain applications in the near future.