Blockchains will be the bedrock of financial transactions, we’re increasingly convinced. In a recent poll commissioned by my company, StarkWare Industries, some 53% of American respondents agreed that “cryptocurrency will be the future of finance.” The figure was almost 70% for the 25 to 34 age group.
But blockchains can’t cope with demand, which means they are slow and there are high gas fees. We’re hitting the ceiling on how much these decentralized networks can process. The solution is to reduce the amount of work that the computers – or “nodes” –of the blockchain need to perform for each transaction.
That’s really easy to do if we compromise on some of the founding values of blockchain. Yet it’s exceedingly difficult if we hold tight to them.
Algebra hits the headlines
The last week has been surreal for me. The algebra research I conducted years ago with other computer scientists is suddenly the basis of an $8 billion business, which is the biggest “layer 2” scaling solution for Ethereum., a company of just 80 people, just received this valuation in a Series D investment round. When people asked my reaction to this figure, they were bemused by my response. “We expected you to talk crypto, and instead you’ve floated off into philosophy,” laughed one friend.
I’d said the following to provoke this reaction. The great C. S. Lewis said that integrity is “doing the right thing, even when no one is watching.” Imagine if the world operated on this principle! It does on a tiny scale – on blockchain, where every node is watching everything.
For the last five years, I’ve been working with my old college friend Uri Kolodny, StarkWare’s CEO, and a talented team, to enable blockchain to do this on a big enough scale for the whole world to use it. This is not just about enabling transactions; it’s about delivering integrity. That’s why Lewis’ quote has become my company’s unofficial motto.
Different routes to scale
There are various options for creating scale. Let’s consider a couple of them before looking further at the algebra-based approach that I and others have taken.
One is to take some of the strain off the nodes of a well-established blockchain like Ethereum by diverting traffic to lots of connected networks called sidechains. This is an attractive idea in principle, but in practice, something valuable is lost.
Once you leave Ethereum for a sidechain, you also exit its robust security perimeter, overseen by a large number of nodes. Each and every sidechain decides and enforces its own security protocol, which is inevitably overseen by fewer nodes than Ethereum – the equivalent of an under-policed neighborhood.
Blockchain scaling: Chips
Another seemingly attractive solution has a major security drawback. Chips called TEEs (Trusted Execution Environments) could outsource much of the computation currently performed by blockchains, as proposed by some companies and academics. Such chips can spit out a signed key that is written to the chain, concisely attesting that all computation done on the chip, off the blockchain, has been performed correctly.
Yet even the most secure of chips are at risk of being hacked, as a long list of breaches testifies. They include a weakness in Infineon’s “unhackable” SLE66 CL PE chip in 2010, and the identification in 2020 of flaws in the Intel Software Guard Extensions, which supposedly created enclaves, the contents of which aren’t supposed to be readable beyond the enclave.
Returning to my opening assertion, we urgently need to reduce the burden we’re inflicting per transaction on blockchain nodes in order to make crypto mainstream. But as we’re starting to see, a road paved with good intentions can lead to hell.
I feel we have a single overwhelming obligation to the billions who will entrust blockchain with their money, other assets, data and more. It’s to scale using the most objective and uncontested definition of truth – that given by math. I want a reality whereby you just can’t cheat the system any more than you can argue with the mathematical fact that 1+1=2.
Using math to scale
Talking about proofs sounds abstract, so let’s be more specific. They are protocols designed to convince anyone who observes them that computations were done the right way, even when no one was watching. This is much like a geometry proof convinces us that two triangles are the same. But, in sharp contrast to the proofs we used in high school, our proofs are easy for computers to check. In fact, using the same computational effort that would be used to mint a single NFT directly on Ethereum, proof-based technology mints tens of thousands.
We’re living through a Cambrian explosion of mathematical proof systems, with SNARKs, BulletProofs, PLONKs and Halos being tested and deployed on blockchains. The system that I co-invented, STARK, requires the prover to submit a proof that is an annotated log of the computation performed, to attest to the integrity of many transactions.
A lean piece of software, the verifier, now checks that the computation is valid, but without any need to repeat the computation conducted by the prover, nor to read the submitted log. Rather, the verifier conducts random sampling of entries from that log and the number patterns in those samples provide all the information that is needed to ascertain computational integrity.
Blockchain scaling: Valid computation
If the computation is valid, and only if it is valid, the verifier will deem the proof legitimate and agree to accept the transactions to the blockchain. There can be hundreds of thousands of transactions “rolled up” into a single proof of 80 kilobytes — far less than the size of a smartphone photo — before it is added to the blockchain.
There is no hardware that can be hacked, just peer-reviewed and publicly scrutinized math and its implementation in publicly-available software code. This software alone verifies the proof, and it is the only thing needed to enforce integrity at a huge scale, by simple means.
There’s no question that blockchain will become more widespread. But there’s a big question regarding how it will look tomorrow. Will it reflect the founding vision well? Or will it make huge compromises to become mainstream?
My belief is that we can stick to our original guns, and have scale. Or as I like to put it, we can have our crypto cake and eat it too.
What is more, build a scaling system on math and you don’t just make it super-secure for today, but also for tomorrow. Because computers will advance, and perhaps even evolve to harness quantum phenomena that would break many prevailing encryption schemes. Quality cryptographic systems like STARK’s will have enduring validity just as surely as Pi will remain (to cite just the first 10 digits) 3.1415926535. They have the power to deliver integrity today – and for future generations.
About the author
Eli Ben-Sasson is a co-inventor of the STARK, FRI and Zerocash protocols and a Founding Scientist of the Zcash Company. Over the years he held research positions at the Institute for Advanced Study at Princeton, Harvard and MIT, and, most recently, was a Professor of CS at the Technion-Israel Institute of Technology. He left this post to co-found StarkWare. Today he leads the company, as President, together with co-founder and CEO Uri Kolodny.
The postappeared first on .