Polygon zkEVM: What it Means for MATIC
Dissecting one of the first zkEVMs to go live
This research memo is for educational purposes only and not an inducement to invest in any asset. Subscribe to Blockcrunch VIP to receive in-depth project analysis, interactive token models and exclusive AMAs from our research team - all for the price of a coffee ☕ a day.
With the recent launch of Arbitrum’s token, much of the Web 3 industry’s attention is back on optimistic rollups (ORUs) (which we recently covered for Blockcrunch VIPs here)
However, zero-knowledge rollups (zkRUs) have always been tipped to be the end-game. With various mainnet-imminent zkEVMs and proto-danksharding coming soon, suddenly the future is much closer than we think.
On Valentine’s Day this year, Polygon announced their zkEVM mainnet launch for March 27th. This announcement resulted in a boost in valuation for not just MATIC, but also various zk-related tokens that had already been gaining traction at the end of January from a narrative rotation. While token prices have since retraced, zk-related tokens are still up largely YTD.
In this week’s Blockcrunch VIP memo, we dive into Polygon’s zkEVM. Is the hype justified? Will zkEVM be the solution to the age-old issue of scalability?
Here’s what we’ll cover:
What are Zero-Knowledge Rollups?
Polygon zkEVM Architecture
The zkEVM Landscape
What does this mean for Matic?
Refresher: What Are zk-Rollups
There has been copious literature on what zk-Rollups are - readers who would like to get into the meat of what makes Polygon’s zkEVM unique can skip this first part.
Like ORUs, zkRUs bundle together transactions before submitting them as a single transaction on Ethereum. However, instead of using fraud proofs and assuming all transactions are valid until otherwise proven, zkRUs utilize validity proofs to instantly prove the validity of transactions.
This gives zkRUs an inherent advantage in terms of transaction finality, as they can instantly finalize transactions while transactions on ORUs can take over a week to finalize - which for users mean a 7-day waiting period before they can obtain their funds. The catch? It’s very computationally difficult to create these proofs, writing code for zk circuits is often highly complex - which explains why most live players today are ORUs, as zkRUs are relatively early in their development cycle still.
On the proofs that zkRUs use, there are two common types of validity proofs used today:
A succinct, non-interactive argument of knowledge (SNARK)
A succinct, transparent argument of knowledge (STARK).
The technical nuance between the two are out of scope for this memo. At a high level, these zk proofs (zkPs) allow one to prove that they know something without revealing information about what they actually know. Elan Halpern explains it really well, where she likens zkPs to the game of Wordle, in which players are able to share proof that they solved the board without revealing the actual solution.
For a more elaborate overview of zkRUs, feel free to revisit our Aztec memo.
What is Polygon zkEVM?
To understand the significance of Polygon’s zkEVMs, we must first understand why there are many flavors of zkEVMs.
zkRU is a grand vision for scalability - of which the zkEVM (zero-knowledge Ethereum Virtual Machine) is the core part. After all, if developers are forced to code in complex zk-circuit math in order to write a simple DeFi protocol, it will be difficult for zkRUs to fully take off.
Introduce zkEVMs - a virtual machine that provides an environment with little to no deviation from the EVM whilst supporting zero-knowledge proof computation.
Polygon is not the first project to pursue the zkEVM vision. To summarize, zkEVMs can be easily understood by breaking it up into two parts:
zk: zero-knowledge technology – instantly proves the validity of a batch of transactions through validity proofs, achieving both computational trustworthiness and scaling
EVM: Ethereum virtual machine – the environment that executes smart contracts written in Solidity (among others) on the Ethereum blockchain
With multiple teams working on zkEVMs, this led to a wide range of zkEVMs due to the different tradeoffs each team is making.
Enter Vitalik’s now highly-referenced article about the different types of zkEVMs, in which he defined 5 types of zkEVMs, each with varying tradeoffs between EVM-compatibility and performance. This framework basically summarizes all of the major players out there today:
Type 1: Fully Ethereum-equivalent, aiming for perfect compatibility, but at the cost of slow prover times.
Type 2: Fully EVM-equivalent at the VM level, but with some modifications to data structures to make development easier and prover times faster.
Type 2.5: EVM-equivalent, except for gas costs, to improve worst-case prover times.
Type 3: Almost EVM-equivalent, with minor sacrifices for faster prover times and easier development, but with more incompatibility.
Type 4: High-level language equivalent, with very fast prover times but less compatibility with some applications, especially those that use CREATE2 contract addresses or handwritten EVM bytecode.
Although Polygon initially claimed full Ethereum-equivalency (Type-1) in a memo to investors, Mihailo Bjelic, co-founder of Polygon, has since clarified that this claim is inaccurate.
To be precise, in its current form, the Polygon zkEVM is a Type 3 zkEVM on its way to being a Type 2, pending implementation of some precompile smart contracts this year – this is explained at length in this podcast.
Polygon claims to be the first zero-knowledge scaling solution that is fully EVM-equivalent, meaning that all existing smart contracts, developer toolings, and wallets work seamlessly. However, as we have discussed above, this is not yet achieved until critical upgrades are implemented. EVM-equivalency of its zkEVM means that the zkRU will be able to leverage zkPs to reduce costs and increase throughput whilst providing developers and users with the same tooling and apps that they might find on Ethereum.
Breaking Down the Polygon zkEVM
Polygon zkEVM is composed of multiple components that create a fully functional technical stack which allows developers to create zk-based applications. These components are:
Consensus Contract
zkNode
Synchronizer
Sequencers & Aggregators
RPC
zkProver
zkEVM Bridge
Below, let’s break it down in simple terms.
1. Consensus Contract
With Polygon’s updated consensus contract, PolygonZkEVM.sol, Polygon zkEVM will use the Proof of Efficiency mechanism and employs zk-SNARK circuits to ensure the correctness of state transitions.
Those familiar with Ethereum’s famed Proposer-Builder Separation (PBS) - one of the landmark updates in Ethereum - will find Proof of Efficiency easy to grasp.
To tackle the challenge of MEV (which we explained in our Merge memo here), PBS separated the role of validating the blockchain into builders (ie. those who compile transactions into a block) and proposers (i.e. validators, or those who commit the block to the chain).
For Polygon, Proof of Efficiency is spiritually similar. Under PoE, “sequencers” collate transactions on the L2, while “aggregators” batch them and create validity proofs to make those transactions canon. This is particularly important as resources required to create proofs are high, and PoE optimizes for the most efficient proof creators, while avoiding making the network centralized in their hands by separating out a key function into another class of network stakeholder.
2. zkNode
zkNode is the software node operators run in order for the network to run.
zkNode is required to run any zkEVM node, allowing participants to choose between being a node to know the state of the network (Sequencer) or participating in the process of batch production (Aggregator).
By running zkNode, network participants can maintain the Polygon zkEVM economy, whereby:
Sequencers collect transactions and receive fees from the published transactions while paying L1 transaction fees in MATIC, the token
Aggregators process transactions, build zkProof, and receive MATIC fees from Sequencers while incurring a static cost of L1 call cost and server cost to build a proof.
3. zkProver
zkProver is the powerhouse of the Polygon zkEVM. zkEVM uses advanced zero-knowledge technology to create validity proofs, employing a zero-knowledge prover called zkProver that is designed to be compatible with most consumer hardware.
Aggregators will use zkProver to validate batches and provide Validity Proofs, which consists of a Main State Machine Executor, a collection of secondary State Machines, a STARK-proof builder, and a SNARK-proof builder. The zkEVM expresses state changes in a polynomial form, meaning that all valid batches must satisfy specific polynomial constraints.
In human terms…zkEVM uses advanced math to ensure the security and correctness of transactions, and this is enabled by the zkProver.
4. zkEVM Bridge
Now, the Polygon zkRU wouldn’t be of much use to users if they can’t send funds into and out of the chain.
The zkEVM bridge is a smart contract that enables users to transfer their assets between two layers of a blockchain network, e.g. an L1 and L2. It is made up of two identical smart contracts, with one deployed on the Ethereum mainnet and the other on a specific rollup. The bridge smart contract is responsible for managing asset transfers between these two layers, and a verifier smart contract ensures the validity of each transaction by verifying cryptographic proofs. This interoperability mechanism enables the migration of assets between different layers, which is a key feature in any blockchain network.
How zkEVMs Differ
Now that we have a working knowledge of Polygon’s zkEVM, we can reason about the broader zkEVM market. Most of the offerings that are live or coming soon differ by the Type and choice of asset for the gas fee.
The table above provides an overview of the various teams developing zkEVMs. Of these zkEVMs, only StarkNet, zkSync, and Polygon have launched their public mainnet. Interestingly, there appears to be a correlation between a zkEVM's proximity to full Ethereum-equivalency (Type-1) and its distance from mainnet launch, underscoring the complexity of achieving full compatibility with the EVM. With other Type-2 zkEVMs like ConsenSys and Scroll some ways off from mainnet, Polygon might yet be the first EVM-equivalent zkEVM to go live, should their planned upgrades this year be successful.
It is interesting to note that besides dYdX, an app-specific zkRU that’s moving to Cosmos as an appchain soon, no general-purpose zkRU has gained significant traction or market share thus far in the L2 sector!
This space is currently dominated by ORUs, with Arbitrum and Optimism commanding more than 80% of market share. However, with Polygon’s thriving ecosystem and business development prowess, we may be seeing a monumental moment in adoption for zkRollups.
Impact on MATIC Token
The burning question that undoubtedly most of us are asking: What does Polygon zkEVM mean for MATIC?
While users will be using ETH for gas, Sequencers have to pay fees in MATIC to Aggregators, which process transactions published by Sequencers. This means the value of MATIC should approximately have a linear relationship with usage of the zkEVM, as the higher the usage, the more the number of transactions Sequencers need to batch, and the more MATIC they will need to acquire.
As fees from Polygon zkEVMs could be shared with MATIC stakers, should this become significant then it may be possible for MATIC to have a super-linear relationship with zkEVM usage as stakers price future potential fee earnings forward, as Sandeep (CEO of Polygon) noted below in a hypothetical example.
For context, this may already be happening as Polygon is already the 4th most valuable network (not including Bitcoin, stablecoins, or Dogecoin) today despite its zkEVM being in its nascent phase.
As of the time of writing, the MATIC token is trading at a valuation of $10.4 billion market capitalization. With a total supply of 10 billion tokens and a circulating supply of ~9 billion tokens, this gives MATIC an FDV of $11.4 billion. Note that the MATIC supply has been fully unlocked as of October 2022.
To caveat the above, most of the value accrued to MATIC to date is from the Polygon network, a layer 2 Proof-of-Stake chain that existed long before the proposed zkEVM. With Polygon’s existing network, under the introduction of EIP-1559, each time a user pays for a transaction, the base fee is locked in the burn contract. Once a threshold amount is accumulated, anyone can permissionlessly initiate the burn process. As of the time of writing, over 8.5 million MATIC tokens have been burned.
Over the past year, this has resulted in a total of $9.6 million in MATIC accrued to holders (burned) and ~$17 million in fees paid to validators.
Catalysts
Below we will cover some upcoming developments that can catalyze adoption on Polygon’s zkEVM. Note that we are not making a statement about the the following catalysts’ impact on MATIC’s price as a token.
Immutable zkEVM
Polygon recently partnered with Immutable to use Polygon zkEVM as the base for the new Immutable zkEVM.
In this partnership, Immutable will be utilizing Polygon zkEVM and the security of the entire MATIC validator set as a foundation for the Immutable zkEVM. Not only that, but Immutable will be using the Polygon-powered Immutable zkEVM to enable gaming partners to launch their own zkRUs.
This new ecosystem of application-specific rollups will form an ecosystem of Layer 3s (L3) on top of the Immutable zkEVM, as illustrated above. While Immutable’s token IMX will be used as the fee token, all Immutable zkEVMs will be secured by MATIC. This means that fees will be paid to MATIC validators.
Polygon’s partnership with Immutable is a significant one. In 2022, Polygon and Immutable invested nearly $2 billion into the gaming sector. Polygon has already partnered with big names like Ubisoft, Atari, Animoca, Decentraland, and the Sandbox, while Immutable’s existing tech stack has already been leveraged by games like Gods Unchained, Guild of Guardians, and Illuvium, among others, processing ~20 billion API calls in the last quarter alone.
As mentioned in the previous section, this partnership with Immutable will empower game studios to launch their own zkRU via Immutable’s new zkEVM, which is in turn powered by the Polygon zkEVM. This will bring in a significant amount of fees to MATIC stakers once the Immutable zkEVM and its application-specific rollups start to go live.
EIP-4844 and Beyond
As we covered in our Arbitrum memo, proto-danksharding (EIP-4844) is a critical upgrade that provides a separate fee market for blobs posted on L1 by L2 chains, significantly reducing transaction costs for L2 users by orders of magnitude.
Proto-danksharding is particularly important for zkRUs, because it enables synchronous composability between zkRUs. What this means is that pooled liquidity between rollups will be possible – users would be able to swap assets between rollups just like they can do so between DEXs on the same chain. This greatly improves UX and fixes the issue of fragmented liquidity. Listen to Justin Drake elaborating here:
Thus, the race for synchronous composability between chains begins and zkRUs could be the first one to get there. ORUs and Cosmos appchains are working towards synchronous composability as well, although they seem to be way behind as these quoted tweets show.
Risks
Early Days
While zkEVMs may be slowly coming out of the woodwork into mainnet, there are still some ways to go before the above catalysts are implemented. Time will tell if zkRUs will be able to gain significant traction and take market share from their optimistic counterparts.
Complexity
It's no secret that constructing zkEVMs is a complex task, particularly as they approach full Ethereum compatibility. Over $6 billion has been lost to hacks in the DeFi space thus far, and emerging, unproven technologies like SNARK proofs provide even more opportunities for exploiters.
Thus, it is crucial to not only have security measures in place but also to be proactive and implement preventive measures where feasible. The three security audits being conducted by Polygon (two external, one internal) serve as an excellent example of this approach.
Security
Polygon zkEVM has been undergoing two separate security audits. The results of one of them was just released by Hexens. The report highlighted nine vulnerabilities and gave seven recommendations. As of the time of writing, all 16 highlighted issues have been fixed. The full report can be found here. The other security audit is being carried out by Spearbit and is in addition to Polygon’s own internal audit.
Closing Thoughts
The emergence of Polygon's zkEVM has undoubtedly piqued the interest of the crypto community, especially with the potential of zkRUs to revolutionize the scalability and security of Ethereum. While Polygon's zkEVM is still in the process of achieving full EVM-equivalency, the team's efforts and ambitious plans for future upgrades signal that the technology could become a frontrunner in the L2 scaling race.
The zkEVM landscape is still in its infancy, with projects like StarkNet and Polygon leading the pack in terms of mainnet launches. However, the road to widespread adoption is likely to be paved with technical challenges and potential security risks. As projects like Polygon continue to refine their zkEVM implementations and explore partnerships with other teams, investors should keep a close eye on the growth of the ecosystem, potential value accrual opportunities, and technological advancements in the space.
Polygon’s partnership with Immutable is likely the first of many to come, and could signal the beginning of a new ecosystem of rollups powered by the Polygon zkEVM. Ultimately, the successful implementation of zkRUs and zkEVMs like Polygon's could mark a new era for Ethereum, transforming it into a more scalable, secure, and efficient environment for decentralized applications. With the stakes so high, the race for zkEVM dominance will undoubtedly be an exciting one to watch unfold.
References
All about Polygon zkEVM and zkEVM Rollup
Proof of Efficiency: A new consensus mechanism for zk-rollups
150 - Bull Case for Ethereum IV with Justin Drake, DCinvestor, & Anthony Sassano
Polygon and Immutable zkEVM Partnership with Sandeep Nailwal & Robbie Ferguson
Disclaimer
The Blockcrunch Podcast (“Blockcrunch”) is an educational resource intended for informational purposes only. Blockcrunch produces a weekly podcast and newsletter that routinely covers projects in Web 3 and may discuss assets that the host or its guests have financial exposure to.
Some Blockcrunch VIP posts are written by contractors to Blockcrunch and posts reflect the contractors’ independent views, not Blockcrunch’s official stance. Blockcrunch requires contractors to disclose their financial exposure to projects they write about but is not able to fully guarantee no such conflicts of interest exist. Blockcrunch itself will not buy or sell assets it covers 72 hours prior to and subsequent to the publication of a piece; however, its directors, employees, contractors and affiliates may buy or sell assets prior to or subsequent to publication of any content and will make disclosures on a best effort basis.
Views held by Blockcrunch’s guests are their own. None of Blockcrunch, its registered entity or any of its affiliated personnel are licensed to provide any type of financial advice, and nothing on Blockcrunch’s podcast, newsletter, website and social media should be construed as financial advice. Blockcrunch also receives compensation from its sponsor; sponsorship messages do not constitute financial advice or endorsement.
For more detailed disclaimers, visit https://blockcrunch.substack.com/about