The options for layer-2 scaling are expanding as Polygon launches its long-awaited zkEVM technology on Ethereum mainnet today.
The zero-knowledge Ethereum Virtual Machine is a technology that can execute smart contract transactions in a way that can prove the information is executed correctly without revealing the information itself on Ethereum’s mainnet, thereby bundling more transactions in less mainnet blockspace.
Sandeep Nailwal, the co-founder and chief operating officer of Polygon, told Blockworks this type of technology is considered the “holy grail of scaling.”
“With the power of mathematics…you can compute something off-chain on layer-2, then verify everything back on Ethereum in a very succinct way in a very short amount of time,” Nailwal said.
Polygon’s launch on Ethereum comes just days after Matter Labs zkSync Era opened to the public on Ethereum mainnet.
Similar to zkSync’s offering, most of the Polygon zkEVM’s code is open-source, but under an AGPL v3 license.
“That means that not only current repositories, but all future modifications and distributions as well, will remain open source, ensuring the code cannot be used for proprietary purposes,” Nailwal said.
The exception is the Polygon zkEVM prover, for which an open-source license has not been selected at time of publication.
Nailwal notes that Polygon zkEVM is EVM equivalent, whereas zkSync’s offering is EVM compatible.
According to the framework laid out by Ethereum co-founder Vitalik Buterin in August 2022, zkSync Era is classified as a “Type-4 (high-level-language equivalent),” and there are advantages and disadvantages of various approaches to bringing the EVM to a zero-knowledge rollup. The merits of various tradeoffs are an ongoing topic of debate.
Like zkSync Era, and the current crop of optimistic rollups, the Polygon zkEVM is not yet decentralized, but eventually, Nailwal hopes that Polygon’s new offering will take that step.
“Everything is in the hands of the community,” he said.
Security comes first
In addition to three internal audits, Nailwal notes that Polygon’s zkEVM has also gone through two rounds of external security audits from blockchain cybersecurity companies Hexens and Spearbit.
Ongoing, continuous audits are expected for the next three to four months following mainnet launch and a multi-million dollar bounty program will also be in place, he said.
The emphasis on security was also central to zkSync Era’s mainnet release, but Polygon said that Matter Labs had shared audits that cover their smart contracts and sequencer, not their prover.
“This raises serious questions about security, at least until a full audit is released. The prover for Polygon zkEVM, meanwhile, has been audited, and is open-source,” Brendan Farmer, Polygon Zero co-founder, told Blockworks.
A spokesperson for zkSync told Blockworks that the prover had been audited by Halborn Security, and pointed to the blockchain’s documentation, which notes that a recently completed review has not yet been published.
Even conscientious security measures can leave gaps, however, and Nailwal notes that he does not wish users to bring millions of dollars to the zkEVM immediately.
“Zk is new technology…so we [want] people [to be] as cautious as possible,” he said.
Drawing on the example of the recent Euler Finance attacks, Nailwal cautioned that interacting with smart contracts is not without risk.
“Euler, after running for two years, a bug was found — this can happen any day, on any smart contract-based application.” he said.
ZkEVMs are sure to be compared to their optimistic rollup counterparts — the most successful to-date being Optimism and Arbitrum.
“Arbitrum took one and a half years before people actually started bringing in money,” Nailwal said. “So we don’t expect people to bring a lot of money [initially].”