menu
search
Index/List/Details
search
headphones
Ethereum researcher: Native Rollups -Super Power from L1
Jinse Finance
Jinse Finance
authIcon
BCrypto Pioneer
2025-01-23 11:24
Follow
Focus
1. Native Rollups are a type of blockchain technology that allows for the execution of smart contracts on top of an existing blockchain network. 2. They are designed to be more efficient and scalable than traditional blockchain networks by using pre-compiled code to execute transactions. 3. The native Rollup is a specific of this technology, which has been optimized for with Ethereum's EVM (Ethereum Machine). 4. Native Rollups have several benefits, including simplicity, safety, and the ability to maintain synchronization with the original blockchain network without governance. 5. They are also able to reduce the cost of verifying smart contracts on the chain by pre-compiling them before execution.
Helpful
Unhelpful
Play

Author:Will Silicon Valley

Author: Ethereum Researcher Justin Drake, EthResearch; Compilation: Tao Zhu, Tao Zhu,

The credit of this article is due to a wider range of Ethereum R & D communities.The key contribution comes from 2017, and the design has been unlocked by a significant increase over the years.The recent ZKVM project breakthrough has caused thorough design space exploration.This article is just trying to try to make up a coherent design for a great creativity that may finally arrive.

summary

We proposed an elegant and powerful EXECUTE pre -compilation that exposed the original L1 EVM execution engine to the application layer.The native execution summary (referred to as the "native summary") is a summary of the EVM state conversion that uses Execute to verify the batch user transaction.The native summary can be regarded as "programmable execution shards", and pre -compilation is packed in the derived function to process the system logic outside the EVM, such as sorting, bridge, compulsory included, and governance.

Because the pre -compilation of Execute is directly executed by the verification device, it enjoys the (ZK) EL client diversity and provides EVM equivalent. This equivalent has no error in the structure, and the EVM upgrade direction with the EVM through the L1 hard fork is upgraded.Compatible.For the EVM equivalent summary of EVM, which hopes to fully inherit Ethereum, it is necessary for EVM forms such as EXECUTE pre -compilation.We will completely inherit the summary of Ethereum security as "a summary of no trust."

EXECUTE pre -compilation greatly simplifies the development of EVM equivalent summary, because there is no need for complex infrastructure (such as anti -fraud games, SNARK circuits, security committees) to perform EVM simulation and maintenance.Using Execute, only a few lines of Solidity code are required, and the minimum native summary and summary can be deployed with a simple derived function, so that there is no need to specialize in sorting, mandatory or governance.

The most important thing is,The native summary can enjoy real -time settlement, without worrying about real -time proof, which greatly simplifies synchronous combination.

This article is divided into two parts, first introduced the proposed pre -compilation, and finally discussed the native summary.

Part 1 -EXECUTE pre -compilation

structure

EXECUTE pre -compilation accepts input pre_State_root, Post_State_root, Trace and Gas_used.When and only meet the following conditions, it returns True:

  • Trace is a good format tracking (such as L2 trading list and corresponding status access certificate)

  • Trace's stateless execution starts with pre_State_root, ends at post_state_root

  • Trace's stateless execution just consumes GAS_USED GAS

There is an EIP-1559 mechanism for measuring and pricing all Execute calls consumed by all Execute calls in the L1 block.Specifically, there is a cumulative GAS limit Execute_cumulating_gas_limit, and a cumulative Gas target Execute_cumulative_gas_target.(When the L1 EVM can be executed by the verification person, the cumulative restrictions and goals can be merged with the L1 EIP-1559 mechanism.)

Calling the pre-compilation requires a fixed number of L1 GAS and Execute_GAS_COST, plus the Gas_used * Gas_price, where the Gas_Price (priced at ETH/GAS) is set up by the EIP-1559 mechanism.Even if the pre -compilation returns FALSE, full payment will be extracted.

Tracking must point to Ethereum data from calling data, blob, status or memory.

Execute

If the Execute_cumulating_gas_limit is small enough, the verification device can simply re -execute the correctness of the execution of Execute calls.The initial deployment based on the re -executed pre -compiled can be used as a scoot stone, which is similar to the simple re -download Blob to complete Danksharding.Please note that simple re -execution will not bring status growth or bandwidth overhead to the verification device, and any execution overhead can be parallelized between the CPU core.

The verification device must hold a clear copy of the tracking to re -execute, so as to prevent the use of a Blob data pointer using the BLOB data through DAS (instead of downloading).Please note that the optimistic conclusion may still release summary data in the form of BLOB, and only retreats to the call data in the fraudulent proof game.It should also be noted that the optimistic native summary can have a far more than the GAS limit that exceeds Execute_cumulative_gas_limit, because Execute pre -compilation only needs to call once on the small EVM segment to solve the challenge of fraud.

As a historical record, Vitalik proposed a similar "EVM Inside EVM" pre -compilation 16 in 2017, called ExepTX.

Execute through Snark

To unlock the larger Execute_cumulating_GAS_Limit, it will naturally make the verifier selectively verify the SNARK proof.From now on, we assume that a time slot is delayed, and there is no effort (or invalid transaction) as no operation.(For more information about delayed execution, please refer to this EthResearch post 15. This design of this EIP 18 and Francesco 19.) A time slot delay execution will generate a few seconds (entire time slot) to prove.They also avoid the inspiration of MEV -driven certification competitions, which will introduce centralized vectors.

Please note that even if Execute is enforced by Snark, there is no clear proof system or circuit into consensus.(Please note that EXECUTE pre -compilation will not use any clear proof as input.) On the contrary, each pledge operator can freely choose their favorite ZKEL verification client, similar to today's subjective choice EL client.The next section of "Certificate of Chain" will explain the benefits of this design decision.

From now on, we assume that the proposal is mature in the context of the proofer of alternating execution and consensus time slot-proposal separation (APS).In order to motivate the proposal of rational enforcement to generate proof in a timely manner (within 1 time slot), we require the proof of the proof of the execution block n to prove the execution block N+1.(We recommend binding the block N+1 with the EXECUTE proof of the block N in the P2P layer.) The executioner who skip the proof may miss their timeline, causing the cost and MEV.We further impose a fixed punishment for the missed execution time slot, and set it enough (e. eth) to always exceed the cost of the proof.

Please note that in the context of APS, the generation of consensus blocks will not be blocked by missed execution slots.However, timely generating proof is important for light clients, so that they can easily read the status at the end of the chain without re -execution without state.In order to ensure a proof of the light client in time, even in the special case of the next executing proposal missed its time slot, we also rely on the hypothetical assumptions of the minority proof.A single altruistic proof is enough to generate proof within 1 time slot.In order to avoid unnecessary redundant proof, most of the provers can wait for the stand, and it only starts when it is not proved to be reached within one time slot, so as to serve as a fault safety measure of up to 2 time slot delay.

Please note that Execute_cumulative_gas_limit needs to be set enough to make a small number of proofers be credible (and the execution proposal will not be unrealisticly complicated).The conservative strategy can be set to set the Execute_cumulating_gas_limit so that the laptop (such as the high -end MacBook Pro) can access the single slot proof.A more pragmatic and positive policy may be aiming at a small part of the GPU, and once they are fully commoditized, they may eventually aim at the Snark ASIC certificate.

Under -chain proof

To reiterate, we recommend not to prove the ZKEL Execute on the chain, but share it under the chain.No preservation proof is a good idea, which was proposed by Vitalik 22 for the first time. It has several advantages:

  • Diversity:Verifications can freely choose the proof verification device (including proof systems and circuits) from the development team they trust, similar to the method of chosen EL clients they trust.This provides stability through diversity.ZKEL Verification Client (and Basic ZKVM of some clients) is complex crypto software.An error in any client should not cause Ethereum to collapse.

  • Neutral:With the ZKEL Verification client market, the consensus layer is allowed not to choose technical winners.For example, the ZKVM market is fiercely competitive, and the choice of winning suppliers (such as RISC0, SUCCINCT, or many other suppliers 31) may not be regarded as neutral.

  • Simple:The consensus layer does not require a specific SNARK verification device, which greatly simplifies the specifications of the consensus layer.You only need to include the format of the state access proof, not the details of the specific proof verification device.

  • flexibility:If you find an error or optimization, the affected authentication can update their client without having a hard fork.

It will indeed bring some controllable and complicated situations with a certificate under the chain:

  • Prove load and P2P fragmentation:Because there is no single specification proof, multiple proofs need to be generated (at least one of each ZKEL client).Each ZKEL client is customized (such as replacing one RISC-V ZKVM with another). It requires different proofs.Similarly, each ZKEL version upgrade requires different proofs.This will lead to an increase in load.If each type of proof has a separate gossip channel, it will further fragmented the P2P network.

  • A few zkel:It is difficult to motivate a small number of ZKEL to generate proof.The proposal of rational execution may only generate sufficient proof to achieve the vast majority of proof without missing their time.In order to solve this problem, the pledged operator can be encouraged to run multiple ZKEL client parallel, similar to today's VOUCH 4 operator.Running K-OF-N settings also has an additional benefits to improve security, especially to prevent sound vulnerabilities. This vulnerability allows attackerscommon).

The proof of the chain will also reduce the efficiency of real -time settlement L2:

  • No replacement DA:Since the tracking input of Execute needs to be provided to the L1 verification person, the L2 (that is, the L2 of its standard state root) of the real -time settlement must consume L1 DA, that is, summary.Please note that the optimistic L2 of the game delayed by the fraud proof does not have this limit, that is, it can be an effective value.

  • Status access overhead:Since the tracking must be executed without a state, it must include the state of reading or writing Trie leaves, which introduces a small amount of DA overhead than the typical L2 block.Please note that optimistic L2 does not have this limit, because only the state of Trie leaves in the challenge of fraud, and the challenger can re -calculate the Trie leaves.

  • No state difference:Because the given tracking, it is proved that there is no need to be licensed, so the summary state difference cannot be performed.However, if the corresponding special proof is included in the consensus, it can compress the stateless access certificate or EVM transaction signature.

RISC-V native execution

Given that in fact, the convergence of the RISC-V ZKVM 31 may have the opportunity to convert the RISC-V state to EVM (WASM similar to the ARBITRUM Stylus 5 environment) and maintain Snark friendship.

Part 2 -Native Rollup

name

We first discuss the naming native Rollup to solve several problems that are easily confused:

  • Replacement name:The native summary was previously called ENSHRINED summary. For example, please refer to this article 13 and this article 7.(The term "standard summary" has also been used as a short use in Polynya 12.) The term "ENSHRINED" was later abandoned and replaced by "native" to indicate that the existing EVM equivalent summary can be upgraded to native.The name "native" was independently proposed by Dan Robinson and a Lido contributor who wanted to keep anonymous in November 2022.

  • Based on summary:Based on the concept of summary and native exchange: "Based" is related to L1 sorting, and "native" is related to the implementation of L1.At the same time, based on the native summary, it is called "supersonic summary".

  • Execute shards:Executing a piece (ie, the ENSHRINED copy of the L1 EVM chain) is a different but related concept related to the native summary, which is a few years earlier than the original summary.(Before the execution of the film is the "second stage" of the Ethereum 2.0 roadmap.) Unlike the native ROLLUP, the execution shard is not programmed, that is, there are no customized governance, custom sorting, and custom GAS token.The execution of the segment is usually instantiated with a fixed quantity (e.g. 64 or 1,024 pieces).Unfortunately, Martin KöPpelmann uses the word "native L2" 7 in a speech on DevCon in 2024.

benefit

Native Rollups have several benefits, we will introduce in detail below:

  • Simple:Most of the complexity of the native Rollup VM can be packaged by pre -compilation.Today, thousands of lines of Optimism and ZK-Rollup are equivalent to EVM. There are thousands of lines of code for their fraud proof games or SNARK verifications. These code can be compressed to a line of code.Native ROLLUP does not require an auxiliary infrastructure, such as proof of the network, watchtower and security committee.

  • Safety:Building an errorless EVM fraud certification game or SNARK verification device is a very difficult engineering task, which may require deep form verification.Today, each Optimism and ZK EVM Rollup are likely to have serious vulnerabilities in their EVM state conversion functions.In order to prevent vulnerabilities, centralized sorting is usually used as crutches that control confrontation block production.Pre -compilation of native execution allows security deployment without permission.Rollup, who is completely inherited with L1 security, also completely inherits the exchangeability of L1 assets.

  • EVM equivalent:Today, the only way to maintain synchronization with the Rollup and L1 EVM rules is to upgrade the governance (usually the security committee and/or govern the token) mirror L1 EVM.(EVM update is still carried out by about once a year.) Governance is not only a medium of attack. Strictly speaking, it deviates from L1 EVM and prevents any rollup from achieving true long -term EVM equivalent.On the other hand, native Rollup can be upgraded synchronously with L1 without governance.

  • Snark Gas cost:The cost of verifying Snark on the chain is very high.Therefore, many ZK-Rollups rarely settle to reduce costs as much as possible.Since Snark is not verified on the chain, EXECUTE pre -compilation can be used to reduce verification costs.If you use SNARK recursively to batch the execute proof of multiple calls in a block, Execute_gas_cost can be set relatively low.

  • Synchronous combination:Today, synchronization with L1 requires real -time proof of the same groove.For ZK Rollups, the implementation of ultra -low latency proof (such as 100 milliseconds) is a particularly challenging engineering task.Using a single groove delay state root, the proof of pre -compiling proves can be relaxed to a complete groove.

Open App for Full Article
DisclaimerThis website, hyperlinks, related apps, forums, blogs, media accounts, and other platforms' content are all sourced from third-party platforms and users. CoinWorldNet makes no guarantees about the website or its content. All blockchain data and other materials are for educational and research purposes only and do not constitute investment, legal, or other advice. Users of the CoinWorldNet and third-party platforms are solely responsible for the content they post, which is unrelated to CoinWorldNet. CoinWorldNet is not liable for any loss arising from the use of this website's information. You should use the data and content cautiously and bear all associated risks. It is strongly recommended that you independently research, review, analyze, and verify the content.
Comments(0)
Popular
Latest

No Comments

edit
comment
collection
like
share
Bitcoin trader warns of downside as gold rally continues to pull focus from BTC
01-29 13:17CoinDesk
http://img.528btc.com.cn/pro/2026-01-29/img/176966521943594b85xajhhjxj5j430h7382x4xb9x349.jpg
Open App
Fidelity launches FIDD on Ethereum – Could this boost ETH?
01-30 14:09AMBCrypto
http://img.528btc.com.cn/pro/2026-01-30/img/1769753440225hachcc1ch4acbx978hh1cx29a1474aba.jpg
Open App
From geopolitical tensions to tightening liquidity, BTC has been dragged into an out-of-control market.
01-30 10:12Odaily
http://img.528btc.com.cn/pro/2026-01-30/img/1769739845563cj93538x429189cab82hc58x1c85b1j3.jpg
Open App
Bitcoin, Ethereum and XRP Plunge as Gold and Stocks Lose Ground
01-30 00:31Decrypt
http://img.528btc.com.cn/pro/2026-01-30/img/1769709649155jac4h558592x11axjcjc311cx62a97ba.jpg
Open App
BitMine deepens Ethereum bet with 41,788 ETH buy, ramps up staking
1d agoThe Block
http://img.528btc.com.cn/pro/2026-02-02/img/177004262347115h16c541857h7755j9x9j8hhjb5441j.jpg
Open App
Open App for More News