Skip to main content

Introduction

A zero-knowledge proof is a method by which one party (the prover) can prove to another party (the verifier) that a given statement is true without conveying any additional information apart from the fact that the statement is indeed true. It is used by privacy-preserving chains like Zcash and Aleo, layer-2 scaling solutions like ZKSync and StarkNet and applications like Filecoin and Semaphore.

The generation of ZK proofs involve intensive computations with the bottlenecks usually being Fast Fourier Transforms (FFTs) and multi-scalar multiplications (MSMs). Research into new algorithms have made such computations more efficient. However, proof generation for a block in a ZK rollup still takes between 10 to 20 minutes while sending a privacy-preserving transaction can take above a minute due to the time it takes to generate the proof in a local wallet or browser.

Hardware acceleration

Proof generation can be further optimized by using hardware optimized for ZK computations - GPUs, FPGAs and ASICs. FPGAs are cheaper and more energy efficient than GPUs. ASICs, on the other hand, are expensive to develop and are less flexible than FPGAs as they need expensive development cycles for every individual ZKP logic designs which themselves are at a nasccent stage right now.

The Marlin network consists of nodes which provide FPGAs to which ZK proof generations can be outsourced. A scheduler running inside an Oyster delegates requests it receives from clients to nodes registered with it. Responses are similarly sent back to clients once the proof is generated by the node. Since Marlin nodes also feature enclaves (see Oyster), secrets that otherwise can't be shared publicly in ZK computations can be shared with third-party nodes in the Marlin network.

Use cases

As generation of ZK proofs are computation intensive and time consuming, applications that aim to be user-friendly benefit by outsourcing them to external hardware suited for such tasks instead of generating them locally in the user's device. Some obvious use cases are:

(i) Mobile wallets: Mobile wallets that use ZK proofs for transactions can benefit by outsourcing the generation of proofs so as to not overload the device (ii) ZK rollups: Since sequencers in ZK rollups might not have the best hardware for generation of ZK proofs, time and cost of proof generation can be minimized by time-sharing common outsourced infrastructure