TL;DR
Zero-knowledge bridges will bypass existing infrastructure and unlock mountains of value in web3 - but getting there doesn’t just need technical innovation. We need to find the right funding model too.
Setting the scene
Bridges, the multichain future and Aperture Labs
At Aperture Labs we apply cutting-edge cryptography to solve the highest-impact problems for institutions and individuals. Formed in September 2022 in a web3 incubator, we share our prototypes, demos and research with the community. In that spirit, we’d like to share the current state of the bridging ecosystem, as an emerging application of zero-knowledge proofs.
Bridges are incredibly important for a multichain future, but they’re expensive, complex and insecure.
A new type of bridge powered by ZKPs - a ZK bridge - solves for these problems and will create new categories of value.
ZK bridges are “business killers”. Not only will they bypass existing infrastructure - they are tricky to finance.
⚠️ An aside for those who are unfamiliar with web3 and ZKPs - here are a couple of resources. See you at the other end of the rabbit hole!
As Vitalik and others have argued, the future is multichain. There are powerful economic forces at play that sustain a rich ecosystem of competing L1s, and L1s are evolving to differentiate themselves by servicing particular needs. Regan Bozman from Lattice Capital gives a great explanation here. We call these independent ecosystems “zones of sovereignty”, and use this as a catch-all term for the rollups, applications and communities built on top of a particular L1.
Crossing between zones is as important - and painful - as crossing between nation states in the physical world.
Let’s say you own some BTC. What if…
…you want to use a dApp on Solana?
…you want to take advantage of the liquidity for wrapped bitcoin on Ethereum mainnet?
…you want to exploit an arbitrage opportunity between chains?
Then you need what all people need when crossing between zones of sovereignty - a bridge.
⬆️ The critical node (single point of failure?) linking your bitcoin to that NFT marketplace on Tezos ⬆️
Right now, most crypto users pick their own bridges, such as Hop or Connext, and manually transfer assets outside the user experience of any particular dApp.
But for convenience’s sake, dApps also implement their own bridges. After all, most people don’t have time to make educated decisions on which bridge is best! For example, SushiSwap enables cross-chain transactions by integrating with Stargate, built on top of LayerZero, and Metamask recently introduced cross-chain functionality. Which leads us onto one of the toughest problems in DeFi today…
It’s really tough to get bridging right
Bespoke integrations and bridge hacks
There are (at least) two big problems with bridging in 2022.
Bridges are bespoke so each new bridge introduces technical and financial risk.
Bridges face big security risks.
As a product manager at a leading NFT marketplace told us,
“…bridges are currently one of the biggest vulnerabilities in the web3 space. They are also very complex and hard to maintain”
It’s bad for innovation in web3 when dApp developers are forced to spend time building and maintaining bespoke integrations with every chain - rather than expanding that dApp’s unique capabilities.
Very few developers are truly expert at building cross-chain infrastructure - especially given the inherent security risks. At time of writing, 5 of the top 7 crypto hacks in all history are hacks on bridges, accounting for >$2bn lost.
This isn’t surprising - traditional bridges in web3, much like bridges in the physical world, are single points of failure that control enormous value flows. Unlike a blockchain, which is secured by thousands of nodes, traditional bridges are often composed of just a few nodes and an n-of-m voting mechanic. This is why Ronin network, secured by just 5 nodes, was drained of over $600m in funds.
There are many ways to mitigate traditional bridge vulnerabilities, such as:
Posting a big bounty on ImmuneFi.
Increasing the number of nodes in your bridge.
Paying for more independent audits of your bridge.
But these tweaks just mitigate the problems associated with bridges, and the hacks keep coming. Wouldn’t it be easier if you could just get rid of the bridge and communicate between chains in some other way?
⬆️ He doesn’t need a traditional bridge and why should you? ⬆️
A radical solution for secure cross-chain messaging
Using zero-knowledge to reduce attack surface
What if you could remove a bridge but still communicate? What if, instead of relying on a small set of trusted nodes to relay information about the state of chain A to nodes on chain B, you could get rid of those nodes and establish direct chain-to-chain communication? This would reduce the attack surface that makes bridges so vulnerable. All you need to do is run a node for chain A in the execution environment of chain B and vice versa. Voilà, two-way cross-chain communication!
Unfortunately it’s really, really hard to do that. It’s just not feasible given the constraints of a blockchain’s virtual machine, where computational resources are limited. Proving the state of chain A within the execution environment of chain B would be so expensive as to be practically useless.
That is, until recently.
In 2022, cryptographic innovations have transformed this theoretical exploration into a practical proposal for secure cross-chain communication. To understand why, we first have to understand that ZKPs enable a new form of communication between nodes in a network.
In particular, a ZKP can give one node the mathematical certainty that another node executed some computation F, without having to repeat all that computation themselves.
This is really important for a large and complex F, because it means that nodes can communicate trustlessly without one node having to repeat another’s complex computation. This is often called the “scalability” property of ZKPs (or SNARKs), to contrast it with the related but separate “privacy” property (the “ZK” bit).
This scalability property is especially helpful in environments where computational resources are limited - for example, within the execution environment of a blockchain’s virtual machine.
⬆️ If a Game Boy Color can run DOOM, can the EVM verify the state of Solana? ⬆️
You can, at least in theory, create a ZKP that state consensus has been reached in chain A, send it to chain B, where nodes can efficiently verify this proof, and so directly access the state of chain A. Chain B still needs some relayer to create and forward the proof, but assuming the proof implementation is secure, there are no extra trust assumptions.
We call this kind of communication a ZK bridge. You can think of it as “cross-chain proof of consensus”. There are a few teams working on this currently, and we’ve taken particular inspiration from Succinct Labs, an offshoot of 0xPARC.
ZK bridges dramatically reduce the attack surface, preventing the kind of hack we saw on Ronin. By proving the state of chain A from within the execution environment of chain B, we remove the trusted nodes in between. If a hacker wants to attack the bridge, they have to attack the security of an entire chain (relatively hard), rather than just the security of a few nodes (relatively easy).
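The difference in trust assumptions can be modelled in a few lines. The Python sketch below is an added example, not code from Aperture Labs or from any bridge project: it compares the acceptance rule of an n-of-m relayer committee with the consensus check F that a ZK bridge would prove, and shows that the same loss of five keys forges a message in the first model but not in the second. Assumptions: HMAC-SHA256 stands in for a real signature scheme, the 5-of-9 committee and the 1,000 equal-stake validators are constructed, finality is taken to need more than 2/3 of stake, and all function names are hypothetical.

```python
import hashlib
import hmac

def sign(key: bytes, msg: bytes) -> bytes:
    # Assumption: HMAC-SHA256 stands in for a real signature scheme.
    return hmac.new(key, msg, hashlib.sha256).digest()

def valid_signers(keys: dict, msg: bytes, sigs: dict) -> set:
    """Ids of known keys whose signature over msg verifies."""
    return {i for i, s in sigs.items()
            if i in keys and hmac.compare_digest(sign(keys[i], msg), s)}

def committee_accepts(keys: dict, threshold: int, msg: bytes, sigs: dict) -> bool:
    """Traditional bridge: n-of-m relayer nodes vouch for chain A's state."""
    return len(valid_signers(keys, msg, sigs)) >= threshold

def consensus_accepts(keys: dict, stake: dict, msg: bytes, sigs: dict) -> bool:
    """The computation F a ZK bridge proves: chain A's own validators signed.
    Assumption: finality needs more than 2/3 of total stake."""
    signed = sum(stake[i] for i in valid_signers(keys, msg, sigs))
    return 3 * signed > 2 * sum(stake.values())

def min_keys_for_supermajority(stake: dict) -> int:
    """Fewest validator keys whose stake exceeds 2/3 (largest stakes first)."""
    total, acc = sum(stake.values()), 0
    for count, s in enumerate(sorted(stake.values(), reverse=True), 1):
        acc += s
        if 3 * acc > 2 * total:
            return count
    return len(stake)

def demo() -> tuple:
    # All keys, names and sizes below are constructed for illustration.
    forged = b"constructed forged state root for chain A"
    committee = {f"relayer{i}": bytes([i + 1]) * 32 for i in range(9)}
    validators = {f"val{i}": i.to_bytes(2, "big") * 16 for i in range(1000)}
    stake = {v: 1 for v in validators}
    # The same loss in both models: five signing keys are compromised.
    c_sigs = {i: sign(committee[i], forged) for i in list(committee)[:5]}
    v_sigs = {i: sign(validators[i], forged) for i in list(validators)[:5]}
    return (committee_accepts(committee, 5, forged, c_sigs),
            consensus_accepts(validators, stake, forged, v_sigs),
            min_keys_for_supermajority(stake))

if __name__ == "__main__":
    print(demo())
```

The sketch models only the statement being verified. In a ZK bridge, chain B would check a succinct proof that consensus_accepts returned true instead of re-running the signature checks itself.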
A caveat - this work is still theoretical and there are technical constraints preventing the widespread adoption of ZK bridges. Two key barriers are lengthy prover times and the difficulty of integrating with bespoke, chain-specific consensus mechanisms. However, the security benefit is enormous. We’re talking about dramatically improving the security of cross-chain communication, and thereby addressing the biggest security risk in all of crypto. In time, technical innovation on ZK bridges will deliver secure, generalised cross-chain messaging protocols, and we’ll see fewer crypto hacks in the headlines, propelling us towards the promised land of decentralised, trustless, secure communication.
Who’s going to pay?
ZK bridges don’t just need technical innovation - they need strong financing
There are two ways to pay for innovations in web3 - venture capital for hyperfast growth, or public goods financing via grants, retroactive funding and potential tokenisation.
Are ZK bridges suitable for venture capital? VCs seeking return on their investment are looking for a strong business model, but it’s not clear how to monetise cross-chain proof of consensus. For security’s sake, the ZK bridge would need to be as trustless and decentralised as possible, and to this end would require open-sourcing its code. This would make the margins on a fee extraction model razor thin (you may get away with a few years of outsize fee extraction before you get cloned, but the party would need to end at some point).
Without proprietary software to provide defensibility, you face perfect competition between ZK bridge clones, all forcing fees down and squeezing margins. This is great for consumers but not great for venture funds!
In fact, ZK bridges will potentially be so effective at communicating state cross-chain that they could make existing bridges (and associated profits) redundant. A ZK bridge effectively destroys the need for traditional bridges and so replaces a private good with a public good. This is why we’ve often heard ZKPs described as “business killers” - because they are productive forces of creative destruction.
Alternatively, you could treat a ZK bridge as a public good and finance it through grants and retroactive & quadratic public goods funding. As ever, ZK bridge builders could even tokenise the network of provers and verifiers, although this could place undue restrictions on the development team to navigate the murky legal waters of tokenisation and securities law.
We’re not sure what the answer is, but we think about it a lot.
Do you? We’d love to chat.