A circuit in a zero-knowledge proof (ZKP) is a mathematical representation of a computation or problem that needs verification. It consists of logical gates and wires that simulate computation steps, similar to an arithmetic circuit.
Each circuit takes inputs known only to the prover, processes them through its logical gates, and computes a result based on these inputs. If the inputs satisfy the circuit’s logical requirements, a proof is generated. Conversely, if the inputs are incorrect, the circuit will not generate a valid proof. Thus, the generation of a proof serves as sufficient evidence for the verifier that the inputs are correct. This allows the verifier to be confident that the prover knows the correct inputs without the prover having to reveal them.
In ZK-rollups, a circuit represents the computation process for a batch of transactions. It takes transaction data (such as sender and receiver addresses and amounts) and the current state of the network (such as account balances) as inputs from the rollup, which functions as the prover. The circuit then processes these inputs to validate the transactions and produces the result: an updated state of the network.
If the result is as expected, meaning all the transaction input data is correct and satisfies the circuit, the circuit generates a proof called a validity proof, typically in the form of a ZK-SNARK or ZK-STARK. This validity proof is then submitted to Layer 1, or the settlement layer, which verifies the proof to finalize the transactions. Since the generation of a validity proof itself mathematically guarantees the correctness of the inputs, Layer 1 does not need to know the details of the batched transactions to verify it, unlike optimistic rollups, which require all the transaction data to be available.
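The following added example (not code from any rollup project) models one transfer as a set of constraints over a prime field and checks whether a witness satisfies them, which is the precondition for producing a validity proof; it does not build a SNARK or STARK. The field modulus, the 16-bit balance width and all names are assumptions chosen for illustration. It also shows why such a circuit needs range checks: field arithmetic wraps around, so only the constraints actually present in the circuit are guaranteed by a proof.

```python
# Added illustration: a toy transfer circuit over a prime field, checked as constraints.
P = 2**61 - 1   # toy field modulus (assumption; production systems use ~254-bit fields)
BITS = 16       # balances and amounts must fit in 16 bits (assumption)

def bits_of(x, n=BITS):
    """Witness helper: the low n bits of x, little-endian."""
    return [(x >> i) & 1 for i in range(n)]

def range_constraints(value, bits):
    """Force value into [0, 2^BITS): every bit is boolean and the bits recompose to value."""
    cs = [(b * (b - 1)) % P == 0 for b in bits]
    cs.append(sum(b << i for i, b in enumerate(bits)) % P == value % P)
    return cs

def transfer_circuit(w, with_range_checks=True):
    """Return True if witness w satisfies every constraint of one transfer."""
    cs = [
        (w["sender_before"] - w["amount"] - w["sender_after"]) % P == 0,
        (w["receiver_before"] + w["amount"] - w["receiver_after"]) % P == 0,
    ]
    if with_range_checks:
        cs += range_constraints(w["amount"], w["amount_bits"])
        cs += range_constraints(w["sender_after"], w["sender_after_bits"])
    return all(cs)

def make_witness(sender_before, receiver_before, amount):
    """Prover side: compute every wire value for a transfer in field arithmetic."""
    sender_after = (sender_before - amount) % P
    return {
        "sender_before": sender_before, "receiver_before": receiver_before,
        "amount": amount, "sender_after": sender_after,
        "receiver_after": (receiver_before + amount) % P,
        "amount_bits": bits_of(amount),
        "sender_after_bits": bits_of(sender_after),
    }

# Constructed sample inputs.
honest = make_witness(sender_before=100, receiver_before=5, amount=30)
overdraft = make_witness(sender_before=10, receiver_before=5, amount=30)  # sender_after wraps to P - 20

if __name__ == "__main__":
    print("honest transfer satisfies circuit:", transfer_circuit(honest))
    print("overdraft with range checks:      ", transfer_circuit(overdraft))
    print("overdraft without range checks:   ", transfer_circuit(overdraft, with_range_checks=False))
```

The overdraft witness passes the two balance equations because 10 - 30 wraps to a large field element; only the bit-decomposition constraints reject it, which is why circuit reviews check that every value is range-constrained.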
While the use of zero-knowledge circuits is crucial for generating succinct proofs for multiple transactions in a batch on a ZK-rollup, integrating these circuits into an EVM-equivalent environment to develop zkEVMs presents significant challenges. It requires translating smart contract code into mathematical circuits, a task made particularly difficult because the EVM’s general-purpose computations are far more complex than the simpler arithmetic operations for which the original ZK methods were designed.
As a result, early ZK-rollups were not versatile and instead specialized in specific financial operations, such as exchanges or lending. However, significant progress has been made, and today many ZK-rollup projects, including Scroll, Linea, Polygon zkEVM, ZKsync Era, Taiko, and X Layer, have developed efficient circuits that can represent the intricate and diverse operations of the EVM, creating zkEVMs that are nearly equivalent to the EVM.