https://zerosync.org

ZeroSync | Bitcoin ProofsZeroSync | Bitcoin Proofs State Proofs Developer Toolkit Tech Stack About Roadmap Demo Scaling Decentralization. ZeroSync is spearheading the development of proof systems for Bitcoin. Applying groundbreaking cryptography, we are pioneering the future of Bitcoin scalability, interoperability, and privacy. Learn More Proof Systems Introducing a game-changing compression technique. Succinct zero-knowledge proofs (ZKP) promise a paradigm shift in blockchain scalability and privacy. While considerable engineering effort is underway in the Ethereum community to apply this technology, no similar investment has yet been made for the Bitcoin network. Therefore, ZeroSync was created to bring these proof systems to Bitcoin for the first time. Proving hundreds of gigabytes of blockchain history is computationally expensive, but this compression results in a very compact proof. Once a proof is generated, an arbitrary number of nodes in the network can use it to sync with the network instantly. Proofs are succinct, regardless of the growing size of the chain. When the next block is mined, any prover can incrementally extend the previous state proof. Proof systems play together well with Bitcoin's immutability. They allow to compress the chain and augment it with additional data structures, such as a UTXO set commitment, without requiring any consensus changes. Users can decide individually if they use a proof or conventional bootstrapping. ZKP systems offer great flexibility on top of Bitcoin's rigid base layer and introduce a range of novel applications for exploration. State Proof Demo ZeroSync's Mission Pioneering the Adoption of Proof Systems in the Bitcoin Ecosystem. At ZeroSync, our mission is to catalyze the use of proof systems in the Bitcoin ecosystem to improve scalability, accessibility, and privacy. Our main activities are: Creating a proof system to sync Bitcoin's chain state instantly. Additionally, a toolkit for developers to enhance existing protocols, applications, and services with ZKPs. Building a community around Bitcoin proofs by presenting the tech at conferences, by providing resources to get people engaged, and by collaborating with other projects in the space. Working towards the eventual integration of a ZKP verifier into the main layer of Bitcoin. State Proofs Sync a node instantly, without having to download hundreds of gigabytes of blockchain data. Implementing a chain state proof is highly complex, so we are rolling it out in three consecutive stages. As of today, we have completed prototypes for the first two of them. 1. The Header Chain Proof Similar to an SPV light client, the headers state proof verifies only the block headers, the proof of work, and the difficulty adjustments. Additionally, it augments the header chain with a Merkle tree over all block headers, which enables succinct proofs of inclusion for all blocks and transactions. This state proof is relatively simple, lightweight, and cheap to compute. It will be the first of our proofs to become production-ready. 2. The Assumevalid State Proof Mimics the assumevalid option of Bitcoin Core. It verifies all Bitcoin consensus rules except for the transaction signatures. More precisely: All witness data is assumed to be valid. Additionally, this proof uses Utreexo to augment the chain with a UTXO set commitment. The team completed an initial prototype of this state proof in February 2023. 3. The Full State Proof Verifies all Bitcoin consensus rules, including all witness data. Based on the assumevalid state proof, it also verifies all witness data. This is the most costly proof in terms of computation and it requires significant optimizations of the prover to become feasible. It will be the last to become production-ready. Our first major application will be to broadcast state proofs from space via the Blockstream Satellite, for everyone to instantly sync the Bitcoin blockchain almost anywhere on earth. Developer Toolkit Enabling a next-generation ecosystem with powerful tools for Bitcoin developers to apply zero-knowledge proofs to their own products and services. The ZeroSync Developer Toolkit (ZDK) allows developers with minimal domain expertise to integrate proof systems into the existing Bitcoin ecosystem. This enables a zk layer on top of Bitcoin. The following examples give an idea of the novel design space. Light clients: Currently, many Bitcoin apps are based on servers providing the chain data to clients in a trusted fashion. Bitcoin proofs enable client-server models that require no trust, while adding only minimal overhead on the client-side, which is ideal for mobile devices and web applications. Flexible database: Proofs can transform or filter the blockchain data, and create indexes to query it efficiently. For example, they can augment the chain with Compact Block Filters, which increases the privacy of light clients. Another idea is to filter for unilateral payment channel closes, such that Lightning nodes can skip most of the chain. Attestations: ZKPs allow arbitrarily complex statements to be made over UTXO state and history, including the selective hiding of information. For example, a Bitcoin exchange can prove its solvency to all its customers without ever revealing any balances or transaction history. Proofs are composable: For example, the full state proof is the same for everyone, but it can be easily extended, which makes custom state proofs cheap. For example, a custom proof could additionally provide the average transaction fee of the latest blocks. Lightning privacy: ZKPs can probably help enhance the privacy of payment routing in the Lightning Network. Currently, the gossip network requires channels to be public, but ZKPs could enable private routing channels. Layer-2: Transaction history compression for client-side validation protocols such as Taro and RGB, as well as for embedded consensus protocols such as Omni Layer or Counterparty, or Ordinals. Furthermore, ZKPs can add best-in-class privacy by obfuscating both the transaction values and the graphs. Interoperability: Trust-reduced cross-chain bridges from BTC to foreign chains. Also trustless pegs for assets from foreign chains to assets on Bitcoin. Domain name system: Proofs enable an efficient decentralized domain name system, which solves many flaws of previous designs. Sell data: Proofs can be sold using Zero-Knowledge Contingent Payments. This also works well on the Lightning Network. It might be possible to further develop it into a data layer protocol which offers an incentive for servers to provide light clients with chain data and proofs. More generally, this toolkit can be used to develop more sophisticated off-chain applications, with improved scalability, usability, and privacy. pip install zerosync The toolkit is still early-stage and experimental, but you can already integrate our Bitcoin Cairo library into your own project using the Python package manager. Long-term Vision ZeroSync catalyses the process of adding ZKP systems to Bitcoin's main layer. A proof verifier on Bitcoin enables a variety of powerful new features such as validity rollups, trustless two-way pegs, or perfect transaction privacy. Our works on off-state proofs aim to explore this design space and help develop tools and best practices for future on-chain proofs. A good candidate could be a STARK verifier written in Simplicity, if/when it is activated on Bitcoin. Experimenting with STARKs in Simplicity might be possible on the Liquid sidechain soon. Tech Stack ZeroSync is based entirely on free and open-source software. STARKs and the Cairo Language ZeroSync is based on STARK proofs, which are are relatively simple in comparison to other proof systems. STARKs rely only on hash functions and polynomials. No novel cryptographic assumptions are required. And most importantly, there is no trusted setup. To implement Bitcoin proofs we are using the Cairo language created by StarkWare. We are working closely together with the developers of all STARK tools underlying ZeroSync. read more We are using Giza, a free and open source STARK prover and verifier, based on Winterfell To generate proofs on consumer devices we're using MiniSTARK, a GPU-accelerated prover In the long-term, we might switch to StarkWare's open source StarkNet prover when it is published ZeroSync Cairo Codebase Our Cairo code base is available on GitHub, and offers various modules such as a Bitcoin library implementing the consensus rules an Utreexo implementation for UTXO set commitments a recursive STARK verifier for incrementally verifiable computation “After years of frustration about slow syncing, users will be able to sync with the network much faster, and with less computation. It’s a technological leap akin to the transition from slow dial-up internet to high-speed broadband” — Eli Ben-Sasson STARKs co-inventor and StarkWare president “ZeroSync is first of its kind in the Bitcoin space, compressing the chain and producing proofs about processing its state in a light client manner today and as a full node in the future, enabling new ways to interact with Bitcoin. It’s an ambitious project which is led by a motivated and smart team that I had the luck to see take it from an idea that seemed extremely hard to a reality.” — Kobi Gurkan Head of Research at Geometry “ZeroSync is an amazing project tackling this design space.” — Olaoluwa Osuntokun CTO and Co-Founder at Lightning Labs About We are a Swiss nonprofit organization developing public goods. Board The ZeroSync Association, based in the Swiss canton of Zug, is governed by a board represented as a multi-signature wallet with key holders who have earned a strong reputation in the field of Bitcoin or ZKP systems. The key holders' names are not public as a security measure and to preserve their privacy. If you consider sponsoring ZeroSync, they can contact you to reveal their identities. Core Contributors Robin Linus, Lukas George, Tino Steffens, Max Gillett, Andrew Milson Sponsors ZeroSync development is sponsored by research grants from Partners ZeroSync collaborates in projects with various industry partners Media Learn more about STARKs on Bitcoin Publications and Articles A selection of publications and articles about the technology and the project. Research paper ZeroSync: Introducing Validity Proofs to Bitcoin Geometry Notebook: Introduction to ZeroSync ZeroSync and Blockstream to Broadcast Bitcoin Zero-Knowledge Proofs From Space - CoinDesk Zero-knowledge proofs coming to Bitcoin, overhauling network state validation - CoinTelegraph Tested on Ethereum, StarkWare’s Zero-Knowledge Proofs Are Now Live on Bitcoin - Decrypt Bitcoin Nodes Now One Step Closer To Instant Sync - Bitcoin Magazine Bitcoin’s first zero-knowledge light client seeks to drive innovation - Blockworks ZeroSync implements first Stark-based ZK client for Bitcoin - The Block Presentations and Podcasts Newly Formed ZeroSync Association Brings Zero-Knowledge Proofs to Bitcoin - Interview with CoinDesk Andrew Milson’s talk on Provers for Consumers at StarkWare Sessions 2023, Tel Aviv Olaoluwa Osuntokun's talk on STARKs on Bitcoin: From Outside In at StarkWare Sessions 2023, Tel Aviv Lukas George and Robin Linus on Blockstream Talk ZeroSync & Blockstream Satellite Presentation Zero-Knowledge Proofs for Bitcoin at MIT Bitcoin Expo 2023, Cambridge MA Presentation Building a Zero Knowledge Proof System for Bitcoins at Bitcoin Builders 2023, Miami Robin Linus' presentation Introducing Validity Proofs to Bitcoin at Bitcoin 2023, Miami Lukas George and Robin Linus on the Bitcoin Optech Recap about our research paper Stephan Livera Podcast ZeroSync: Speeding up Bitcoin IBD Robin Linus on the Bitcoin Optech Recap about the Some Day Peg Presentation Bitcoin STARKs at StarknetCC 2023, Paris Online presentation zkCoins: A novel token protocol with strong privacy and scalability at BTC Startup Lab Can the Bitcoin Blockchain be compressed from 600GB down to a few MBs? Interview with Bitcoin News Roadmap Heading to production-grade Bitcoin proofs. Our prototype is a strong indicator of the technical feasibility of a Bitcoin proof system. Now we want to bring this technology into the real world. Improve Prover Performance The fundamental bottleneck is the prover performance. Significant optimizations are required. read more Switch to the cairo-rs runner, which is much faster because it is written in Rust, in comparison to the runner we're currently using, which is written in Python. Use a STARK-friendly hash function for the recursive verifier Implement Cairo builtins for sha256 and secp256k1. Also implement remaining builtins for bitwise, pedersen, ecdsa, ec_op Use the Goldilocks Field to save memory and improve performance Complete Bitcoin Consensus We still have to implement some remaining Bitcoin consensus rules. read more The sighashes (ALL, NONE, SINGLE, ANYONECANPAY, ... ) A script interpreter (implement all opcodes) All payment types, Legacy: p2pk, p2pkh, p2sh, SegWit: p2wpkh, p2wsh, Taproot: p2tr; key path & script path spend Schnorr signature verification Security Hardening Applying best practices to ensure the security of the proof system. read more Do plenty of automated testing. E.g., use all static test vectors from Bitcoin Core. Also add fuzzing Hire externals to perform code reviews and security audits Run a public bug bounty program Integration into the Ecosystem Gradually rolling out the proof system for real-world use cases. read more Integrate the header chain into a light client like Neutrino. Integrate a full state proof into btcd or Electrum Build a tool to sync a Bitcoin Core full node. Running a zerosync'd full node requires no modification of the code of Bitcoin Core. We just copy the UTXO set into Core's chainstate directory after verifying it. Ideally, this is combined with the new AssumeUTXO mode to sync instantly, while still having a backup check for the state proof. Define a set of new network messages for Bitcoin's peer-to-peer network to share state proofs among nodes. History Growing from an idea into reality. In February 2022, Lukas George started STARK relay, his bachelor's thesis at Technical University of Berlin, in which he implemented and benchmarked a first basic proof of Bitcoin's header chain. Geometry offered a research grant to fund the initial development. In July 2022, Robin Linus joined as project lead and together they founded ZeroSync to implement a full state proof. Ruben Somsen gave the project its name ZeroSync. In September 2022, Max Gillett, who developed the Giza prover, joined the team to help implement a STARK verifier in Cairo for proof recursion. In February 2023, they completed their first major milestone, a basic prototype of a recursive state proof that verifies all Bitcoin consensus rules except for the witness data. In March 2023, Giacomo Zucco, who co-authored the RGB protocol with Peter Todd, helped them found the ZeroSync Association in Switzerland to grow now into a long-term project. StarkWare's open-source initiative, OnlyDust, also offered a research grant to sponsor the development. In June 2023, Andrew Milson, who developed the miniSTARK prover, joined the team to help optimize the prover performance and complete a production-ready chain proof. In July 2023, ZeroSync received a research grant from OpenSats. In September 2023, the team completed a header chain proof, enabling Bitcoin's first zk-client. ZeroSync | 6300 Zug | Switzerland1728334861https://zerosync.org

Edit your site?

What are you doing?