The long-awaited transfer of Ethereum from Proof of Work (PoW) to Proof of Stake (PoS) finally came to an end on September 15. At that time, PoW miners who had contributed years of computing power to the development of Ethereum were also out of work.
According to whattomine data, the computing power of the whole Ethereum network still stood at 840 Th/s on September 14, and more than one million mining machines were still operating on the eve of the Ethereum merge, most of which were GPU mining machines. Although these mining machines can no longer mine Ethereum, this does not mean that they are leaving the industry. Apart from selling the equipment, there may be several ways out, including:
• Switching to other public chain projects that support GPU mining such as ETC
• Participating in other Web3 protocols to provide computing power
• Transforming into a data center operator
• ZK mining
Among them, ZK mining, once a relatively marginal solution, has gradually grabbed people’s attention. ZK mining refers to the method in which machines calculate Zero-Knowledge Proofs by providing computing power based on the Zero-Knowledge Proofs (ZKP) algorithm. According to Hardware Acceleration for Zero Knowledge Proofs published by Paradigm this year, the importance of ZK mining was highly rated, and the opportunity for ZK miners/provers could be of similar size to the Proof of Work mining market. Several scenarios of ZK mining include decentralized storage, L1 public chain, L2 scaling, etc. This article will list these scenarios, including the basic principles and the latest status of the representative projects.
Decentralized storage - Filecoin
Filecoin announced the introduction of GPU solutions for ZKPs as early as the testnet stage in 2019, and has been using zk-SNARKs on the mainnet since 2021. The team, Protocol Labs, even dedicated itself to developing the technology and has launched a research site called zk-SNARKs for the World that reviewed the work done to implement ZK cryptography on the Filecoin network. They claimed that Filecoin is one of the largest networks that have deployed zk-SNARKs to date. Filecoin generates 6 million to 7 million zk proofs per day, mostly using GPUs to generate proofs in parallel.
Both Proof of Replication (PoRep) and Proof of Spacetime (PoSt) in Filecoin's Proof of Storage Mechanism use zk-SNARKs for compression. Storage miners run the PoRep when the first storage transaction occurs, proving that they store a physically unique copy of the data, and each on-chain PoRep includes 10 separate SNARKs proofs. By comparison, PoSt is run repeatedly to prove that they continue to provide storage space for the same data over a period of time, and the final stage of PoSt compresses these proofs into a single zk-SNARK proof.
Source: https://research.protocol.ai/
While the process of creating zk-SNARKs for Filecoin is computationally expensive, it effectively saves costs associated with block storage and network bandwidth. Compared to original proofs, zk-SNARKs are small, allowing them to be efficiently stored in the blockchain. For example, a proof that would take hundreds of KB on the Filecoin chain can be compressed to only 192 bytes using zk-SNARKs. With the help of zk-SNARKs, each proof can be kept small and valid, which minimizes the storage pressure on each node in the Filecoin network, avoids taking up a lot of network bandwidth, and allows validators to complete the verification process quickly and cheaply.
In April 2022, the team announced Lurk, a programming language for recursive zk-SNARKs that supports the development of the Filecoin protocol in a variety of ways. For example, the integration of Lurk with the Filecoin Virtual Machine (FVM) enables the Filecoin network to run smart contracts that can be proved using zk-SNARKs.
It is easy to find out that zk-SNARKs will play a more important role in the Filecoin network. As they say in their blog, “Zero knowledge has long been part of the Filecoin network, and it will continue to prove vital to the evolution of the network in the future. As more and more data is stored, maintained, and accessed on Filecoin, the ecosystem needs to continue delivering efficient, cost-effective, and secure solutions to verifying. Zero knowledge is a game-changer for the Filecoin network, reducing complex verification processes to fractions of their original size without compromising security, trust, or confidence.”
L1 public chain - Aleo
Aleo is positioned as a privacy-based Layer 1 public chain that supports smart contracts. Through the off-chain, trust-free execution environment zkCloud, it separates the program execution and state maintenance of traditional blockchains and improves transaction throughput, meeting the privacy and programmability requirements of the blockchain. On-chain validators are responsible for verifying and generating blocks, and off-chain provers are responsible for computing. This design incentivizes validators to stay vigorous by producing blocks and also provers to provide proof capabilities for the Aleo ecosystem. Since Aleo transactions are processed off-chain, network nodes do not perform computations, and are only responsible for verification, which enables Aleo to support larger transaction volumes. In a way, we can compare Aleo's design to the integration of Ethereum and zkRollup. To apply privacy to any application, Aleo provides the corresponding infrastructure and tools to write ZK applications. In addition to the specific ZK solution Zexe, it also includes the programming language Leo for writing ZK applications, the IDE tool Aleo Studio, Aleo Package Manager, and more.
In August 2022, Aleo started Testnet 3 and announced AleoBFT, a hybrid architecture consensus model that combines the instant certainty of new blocks from the validators with the computing power of the prover. Under the consensus model of this hybrid architecture, the prover needs to solve the core components of ZKPs on the network, namely Multi-scalar Multiplication (MSM) and Fast Fourier Transform (FFT), and generate a Proof of Succinct Work (PoSW) to be submitted to PoS stakers in exchange for a portion of the reward in each block, which is somewhat like the relationship between the execution layer and the consensus layer after the Ethereum PoS upgrade. PoSW is a consensus protocol specific to Aleo, which is a variant of the Bitcoin PoW algorithm based on SNARK. The key difference is that the underlying computation is not an arbitrary hash function, but a ZKP. The reward that the prover can get depends on the speed of generating the proofs. The more ZKPs the prover can generate per second, the more rewards he can get.
As an open platform, Aleo has attracted more than 10,000 nodes on Testnet 2, generating up to 20,000 proofs per second. On Aleo Testnet 3, developers are encouraged to develop faster GPU proof programs and make them open source, so GPUs will play a more important role.
L2 Scaling - Scroll
Scroll is a zkRollup, the equivalent of EVM, which is designed to scale Ethereum. Scroll is compatible with EVM to support the generation of ZKPs, and Ethereum smart contracts can be deployed and run directly without modification. In the technical architecture of Scroll, the three main components are Scroll Node, Roller Network, and Rollup/Bridge Contracts. Among them, Rollup/Bridge Contracts are deployed on Ethereum and Scroll to verify zkEVM validity proofs, provide data availability for Scroll transactions and allow users to move assets between Ethereum and Scroll. The Rollers in the Roller Network act as provers in the network to generate zkEVM validity proofs and submit them to the Roller Network. The Coordinator serves as the coordinator, distributing tasks to the Roller Network and passing the transaction information and the proofs returned by the Roller Network to the Rollup contract of Ethereum.
According to the operation principle of zkRollup, there is a Sequencer, which is responsible for collecting transactions, and sorting, packaging, and publishing them to Ethereum, and then the Prover will generate proofs for these transactions. These transactions are finally confirmed only after the proof is submitted and verified. The current mainstream zkRollups such as zkSync and StarkWare's Sequencer and Prover are centralized, that is, in the hands of the project party. An important difference between Scroll and other zkRollups is that the former hopes to create a proof market through a decentralized network, that is, the Roller in the Roller Network can be outsourced to miners who provide machines such as GPUs, FPGAs, and ASICs. In the context of market competition, the decentralized computing power market is likely to give birth to things like Bitcoin or Ethereum mining pools, and capable developers/mining pools will optimize various algorithms to improve the efficiency of generating proofs and reduce costs so that they can obtain more rewards. Ordinary miners directly access such mining pools and receive rewards based on the computing power they’ve contributed.
At present, Scroll is still in the testnet stage, but it has attracted considerable attention from the market. The Scroll team also worked with the Privacy & Scaling Explorations team at the Ethereum Foundation to explore this area.
The potential scale of ZK mining
Here we have a preliminary analysis of these possible solutions for the Ethereum mining machines, and a rough guess of how much Ethereum computing power each approach might attract, including the potential scale of ZK mining.
As the original chain of Ethereum, ETC can seamlessly support ETH mining machines. However, the computing power of the ETC accounted for less than 10% of ETH on September 14. After the merge of Ethereum, the computing power of ETC exceeded 300T, but the price of ETC did not increase synchronously. The mining profit of miners plummeted, and computing power also began to decline. Even with other GPU-enabled projects and the emergence of ETH fork projects, the amount of new computing power they can absorb is quite limited.
Projects that require GPU computing power are constantly growing, such as Livepeer Network (a decentralized video streaming service network that provides video transcoding services), Render Network (a decentralized GPU rendering solution provider), and Akash (a GPU cloud computing platform), but the demand for computing power has not seen explosive growth. An influx of large-scale GPU computing power from Ethereum mining machines will probably cause an oversupply.
As for ZK mining, among the listed decentralized storage, L1 public chain and L2 scaling, Filecoin storage is most likely to absorb GPUs and other machines. However, Filecoin mining requires more hardware than just GPUs. It also requires machines like storage servers. For Ethereum miners to switch from Ethereum to Filecoin mining, they need to invest in other machines for the corresponding hardware and architecture design. Although ZK mining has great potential in L1 public chain and L2 scaling, related projects are still in the testing stage, and many projects are not open to GPU miners. In other words, the ZKPs are mainly generated by the server controlled by the project team. Among projects that are open to GPUs, Aleo is still in its infancy, and the rewards from testnet mining cannot be transferred yet, which is somewhat another form of early investment. Scroll is also in the testing stage, and there have been no testing\mining events with rewards.
Therefore, for a period of time after the Ethereum merge, most of the Ethereum mining machines may stay idle or be sold. As tracked by Tom's Hardware website, GPU prices have continued to fall in the past six months, which also reflects the selling pressure of Ethereum mining machines on the secondary market. Recently, Nvidia’s CFO also stated that the price of GPUs has almost dropped to normal, putting an end to the boom that once resulted in the short supply of GPUs due to Ethereum mining.
However, it is believed that with the development of ZK technology, major ZK-related projects will go live one after another, and the computing power required by ZK will see explosive growth. As Vitalik notes in his blog, "Type 1 ZK-EVMs are what we ultimately need to make Ethereum Layer 1 itself more scalable", and ZK-EVM, the equivalent of Ethereum, is believed to require quite a lot of computing power to provide ZKPs. Perhaps one day, Ethereum mining machines will stage a comeback and return to Ethereum mining, and the difference is that they will no longer generate random numbers, but ZKPs.
Reference:
Hardware Acceleration for Zero Knowledge Proofs, https://www.paradigm.xyz/2022/04/zk-hardware
Zero Knowledge and the Filecoin Network, https://filecoin.io/blog/posts/zero-knowledge-and-the-filecoin-network/
Introducing Lurk: A programming language for recursive zk-SNARKs, https://filecoin.io/blog/posts/introducing-lurk-a-programming-language-for-recursive-zk-snarks/
The Future of Zero Knowledge with Aleo, https://www.aleo.org/post/the-future-of-zero-knowledge-with-aleo
Announcing Aleo Testnet 3, https://www.aleo.org/post/announcing-testnet-3
An overview of Scroll's architecture, https://scroll.mirror.xyz/nDAbJbSIJdQIWqp9kn8J0MVS4s6pYBwHmK7keidQs-k
The different types of ZK-EVMs, https://vitalik.eth.limo/general/2022/08/04/zkevm.html