Background
With the advent of new L2 rollup solutions that leverage Zero-Knowledge Proof (ZKP) technologies to drive down transaction costs, the question of investigating the main contributors to transaction price that depend solely on the ZKP stack is pivotal in ensuring that such solutions remain cost-effective and scalable while still enabling mainstream adoption. A fundamental question around such systems lies in investigating the end-user costs incurred by ZKP proof generation at scale. More specifically, since ZKPs can be designed and implemented based on very different rollup architectures and designs, it is unclear how and whether they can be leveraged in an adversarial setting to induce economic distributed denial of service (DDoS) vectors on the rollup operators themselves. This problem will become fundamental as current and future rollup systems increasingly decentralize, opening up their systems to actors who will be able to push transactions that may enforce high fees on the operator while keeping transaction costs low for the end-user.
Problem Statement
This RFP aims to formalize and investigate the robustness of ZKP rollup system design against such behaviors. More specifically, we focus on the three following tracks:
- Formalization of existing ZKP rollup auction mechanisms
- Can we group the transaction fee auction mechanisms of existing mainnet ZK-rollups into distinct yet formally equivalent algorithms?
- Formal specifications of each type of auction mechanism
- Similarities/differences between them
- To what extent does the backend ZKP tech stack used by existing mainnet implementations inform the type of transaction fee auction mechanism used?
- Are there any restrictions on the auction mechanism that are dictated by the backend ZK tech stack?
- Can we make qualitative claims on the type of ZKPs that should be used or avoided based on the above?
- Can we group the transaction fee auction mechanisms of existing mainnet ZK-rollups into distinct yet formally equivalent algorithms?
- Identification of economic DDoS attack vectors
- Can we find economic attacks on existing auction mechanisms that leverage a mismatch between the costs of generating ZKPs and the costs required to push the related transactions to the L1/L2?
- How grave can such attacks be?
- Do these imply fundamental problems that need to be resolved before ZKP L2s move out of a Proof of Authority governance system?
- What aspects of the ZKP tech stack lend themselves to such attack vectors?
- Are some types of ZKPs more robust than others to DDoS?
- How does batching feature or affect this (if at all)?
- Are there some attacks inherent to all ZK-rollups?
- What types of transactions lend themselves to gaming the underlying cost of the ZKPs that they generate?
- How does this inform the design of the gas schedule?
- Any other design concerns that this implies?
- Can we find economic attacks on existing auction mechanisms that leverage a mismatch between the costs of generating ZKPs and the costs required to push the related transactions to the L1/L2?
- ZKP Auction Mechanism Design
- Can we design auction mechanisms that can resolve the aforementioned issues in a universal way?
- Alternatively, are there more restrictive threat models under which robust auction mechanisms can be designed?
- Are some attacks inherent to all ZKP rollups?
- How can these be mitigated?
Although the above scope is broad and allows for flexibility in investigating the existing ZK-rollup landscape, the main areas of focus should be around how existing mainnet ZK-rollups deal with the problem of DDoS/spam transactions and the type of costs that they are expected to incur when they transition out of PoA. Desired formal analyses could include considerations around Data Availability (DA) costs, which are understood to fundamentally affect the costs of current rollup operations, but should focus mainly on answering the following broad yet fundamental question:
How can we ensure that ZK-rollup operators can provide cheap transaction fees to end-users without allowing for economic attacks on their operation?
Related Resources
- Transaction Fee Mechanism Design Literature
- https://arxiv.org/abs/2404.06495
- https://arxiv.org/abs/2111.03151
- https://arxiv.org/pdf/2106.01340
- https://eprint.iacr.org/2024/331.pdf
- Mainnet ZK-Rollup Implementations
- zkSync
- =Nil;
- Mina
- Aztec
- Taiko
- Scroll
- Starknet
- Gevolut
