Plasma + zk-SNARKs: A New Approach to Ethereum Scalability?

Author: dt, DODO Research; 0xNing0x, Senior Researcher at EMC Fund

Last week, Ethereum founder Vitalik (hereinafter referred to as "V") published his latest article on Twitter titled "Exit games for EVM validiums: the return of Plasma." The article focuses on introducing Plasma scaling technology and aims to guide the increasingly marginalized Plasma scaling solutions to combine with ZK zero-knowledge proofs. Following the release of this article, many projects related to Plasma technology saw significant increases, bringing this technology, which had gradually faded from the public eye due to Rollup, back into the competitive landscape of Ethereum scaling.

This week's CryptoSnap allows DODO Research X NingNing (@0xNing0x) to explain Plasma in the simplest way and clarify what V's latest article expresses!

What is Plasma?

The scalability issue has always been a key research focus for blockchain developers. To achieve the goal of a decentralized world computer, creating a cheap and fast blockchain is essential. Various scaling solutions have emerged around the Ethereum mainnet, with Plasma once being a mainstream scaling solution for Ethereum.

Plasma can be simply understood as a chain built on the Ethereum mainnet, controlling the interaction of funds between the mainnet and the Plasma chain through smart contracts. Unlike sidechains (BNB Chain, Gnosis Chain), the Plasma chain needs to periodically return the final state of the chain to the Ethereum mainnet. In contrast to Rollup technology, the Plasma chain does not return the transaction data of the entire chain but only returns the root of the Merkle tree, which represents the state on the Plasma chain.

Source: https://learnblockchain.cn/2018/10/20/plasma-framework

Exit Game Security Mechanism

Since computation does not occur on the mainnet, the Plasma chain can greatly enhance the overall scalability of the network and has a relatively secure verification mechanism to prevent malicious actors. Speaking of security, we must mention the "Exit game" mechanism described in V's title, which is the security "exit game" mechanism of the Plasma chain.

In the design of the Plasma framework, security is protected by its exit mechanism. When a user wants to return to the mainnet or believes that the Plasma chain is under attack, the user can propose an "exit" to the Plasma contract on the mainnet and provide proof. If there are no challengers to contest the "exit" within a seven-day challenge period, the user can successfully retrieve their assets on the mainnet. Conversely, if the exit is successfully challenged, it fails, and the malicious user must bear the corresponding penalty.

Common types of attacks include the following three:

• Immediate exit after sending a transaction (Not latest owner): This attack refers to a user who, after sending a transfer transaction, immediately exits their assets during the challenge period. This is invalid because the latest asset owner should be the recipient of the transaction, and the network can challenge this exit, proving that the asset has been transferred to someone else.
• Double spend attack: A double spend attack refers to the same asset being illegally spent two or more times. For example, Alice transfers 1 token to Bob and then transfers the same token to Charlie. The network can detect that this token has been double-spent, allowing it to challenge this illegal transfer.
• Invalid transaction history: This indicates that an illegal state transition has been detected in the asset transaction history, such as the presence of unspent transaction outputs. Users can respond to this challenge by providing the corresponding proof of consumption.

Plasma Cash

Next, V introduces the project Plasma Cash, which uses the Plasma framework. In Plasma Cash, each token deposited by users is treated as an NFT, with each NFT having a transaction history recorded in the form of a Merkle tree. However, due to the unique and indivisible nature of NFTs, the use cases for Plasma Cash are limited to specific transfer purposes. This led to the emergence of an improved version based on the UTXO model, which can solve the problem of indivisibility in the original NFT transfer design of Plasma Cash, aiding the development of the payment field but also making it difficult to interact with smart contracts.

Source: https://vitalik.ca/general/2023/11/14/neoplasma.html

Technical Bottlenecks of Plasma

The current technical bottleneck of Plasma is the difficulty in implementing EVM. Many state objects in EVM contracts do not have a clear "owner," which contradicts the security model of Plasma. The Plasma exit mechanism requires that each state object has a clear owner who is responsible for monitoring the data of that state object and, if necessary, executing an exit to protect asset security. However, in EVM contracts, many state objects do not have a clear owner. For example, liquidity pools in Uniswap or MakerDAO CDP positions do not have a single owner. In such cases, if there are issues with the Plasma chain, the following situations may arise:

• No owner to execute a state exit, and the state may be permanently locked on the Plasma chain.
• Even if external parties can initiate an exit, Exit Game attacks are likely to occur, posing significant risks.
• Complex state contracts are difficult to verify.

Plasma + ZK-SNARKs

Regarding the technical bottlenecks currently faced by Plasma, V responded that if the mature validity proof technology (zk-SNARKs) could be combined, it would effectively address some of the bottlenecks. Specifically, this can be divided into the following five points:

1. zk-SNARKs can prove the validity of Plasma blocks on the main chain, reducing reliance on the exit mechanism.
2. Immediate withdrawals of assets on the Plasma chain can be realized, eliminating the seven-day fraud proof challenge period and reducing chain reorganization issues.
3. A parallel UTXO structure representing EVM states can be constructed, with zk-SNARKs proving its equivalence, avoiding some issues of EVM.
4. Using zk-SNARKs will significantly reduce the amount of state data users need to verify and store, optimizing user experience.
5. For smart contracts where it is difficult to define ownership, if key parts can be split into verifiable objects, some security guarantees can also be obtained.

Although these methods still cannot cover all complex EVM contracts, with the further development of ZK technology and the ongoing exploration of the design space of Plasma, we look forward to finding new solutions that achieve a better balance between security, scalability, and user experience.

Author's Perspective

DT @19971122:

Before reading V's article, I was not familiar with the technical architecture of Plasma. After all, the current Ethereum scaling solutions can almost be said to be dominated by Rollup technology, with various teams rushing to launch Rollup-based L2 networks and developing modular architectures that build data availability layers (DA layers) on other networks (Celestia, EigenLayer, and Avail). This led to statements like that of Dankrad Feist, a researcher at the Ethereum Foundation, on Twitter, saying, "A modular blockchain that does not use ETH as a DA layer is neither Rollup nor Ethereum L2." The question of who represents the orthodoxy of Ethereum's development has always been a topic of debate. Just as discussions about the development of Rollup were heating up, V's article seemed to inject new life into Plasma, telling the Ethereum community that there are more scaling solutions than just Rollup, and the new direction of ZK + Plasma could also be an option.

I believe that in a decentralized world, diverse development is a natural process. However, when considering capital efficiency, the modular and homogeneous development seems more economical, leading to standardized frameworks like OP Stack or Polygon zkEVM CDK for various capitals to build their own L2 networks, but at the same time losing some diversity. V's move may be an attempt to guide the development of Ethereum's scalability solutions back to balance. Whether teams will emerge to implement this in the future is something worth tracking. As a long-term user and supporter of Ethereum, I welcome a balanced development of Ethereum's scaling technology.

NingNing @0xNing0x:

Plasma is a solution aimed at improving blockchain scalability by moving most data and computation off-chain. It first appeared in 2017 and has undergone several iterative versions, including Plasma Cash and Plasma Cashflow. However, due to the fundamental limitations of Plasma when scaling beyond payment applications (such as the issue of unowned states and incentive flow problems), Plasma L2 solutions have gradually become marginalized.

Meanwhile, Rollup has become the mainstream L2 solution, with its main advantages being design simplicity and developer friendliness. However, with the realization and maturation of ZkEVM technology, Plasma has welcomed a new design space, providing new possibilities for simplifying developer experience and protecting user assets.

V's introduction of Plasma L2 may emphasize the importance of diversity and innovation in the L2 paradigm, rather than suggesting that the new paradigm of Plasma L2 solutions can challenge the mainstream status of Rollup L2 solutions. Currently, Rollup L2 solutions are absolutely leading in terms of TVL scale and user numbers, and due to the Matthew effect, this position is likely to strengthen in the foreseeable future.

In recent days, the new paradigm L2 Blast launched in collaboration between Paradigm and the Blur team has showcased another exploratory path. Although its architecture does not conform to V's strict definition of L2, it has gained considerable success in the market and community, quickly attracting community attention and significant capital participation. This indicates that the market and community are eager for diversity in the L2 paradigm and are no longer satisfied with just one or two standard designs.

Overall, Plasma L2 solutions have certain potential and innovation, but the development of L2 should not rely on a blueprint designed by a top-level designer with supreme rationality; rather, it should grow out of complex, nonlinear market competition.