- Crypto for dummies
- Posts
- The Gang Learns How Validiums Work
The Gang Learns How Validiums Work
The Polygon Upgrade: From PoS to Validium
Polygon co-founder Mihailo Bjelic recently published a proposal to upgrade the Polygon PoS network to a zkEVM Validium. This is a post on what this transition means for the network, its security guarantees, and the various network participants (and what it doesn't).
Polygon PoS -A ”commit” chain
Before diving into the Validium structure, first, let's understand how the PoS network works and the various challenges it faces.
The PoS network has $2B+ assets bridged from Ethereum, tens of thousands of apps, and 300M+ unique addresses participating in the network. It is a "commit" chain that ‘commits’ its state transitions to the Ethereum Mainnet.
The chain relies on a set of validators to secure the network. Anyone can permissionlessly stake MATIC tokens with a staking management smart contract deployed on Ethereum. From the group of stakers, a random set of validators is chosen periodically.
The role of this set of validators is to run a full node, produce and execute blocks, participate in consensus, and commit checkpoints to Ethereum. Rewards are distributed to all stakers proportional to their stake at every checkpoint. The validators who double sign, or are inactive, are slashed.
Any block is considered final only if ⅔ of the total stake votes for it. At regular intervals, the state of the chain is posted to Ethereum as "checkpoints". The smart contract on Ethereum accepts the checkpoint update only if it sees ⅔ of the validator stake behind it. The smart contract is considered the ultimate “source of truth” for the final state of the PoS.
The PoS validators also maintain a 2-way bridge with the Ethereum mainnet. This bridge can be used to transfer tokens between Ethereum and PoS. Users need to lock funds in a contract on Ethereum, and the corresponding tokens are then minted on Polygon PoS if ⅔ of the validators agree on the locked token event.
Similarly, withdrawals back to Ethereum are processed via regular checkpoints. Users can burn tokens on the PoS network. When more than ⅔ of stake-weighted validators submit signatures that the burn transaction has been included in a checkpoint, equivalent value tokens are minted on Ethereum.
Security guarantees on the commit chain
The PoS network runs on an honest majority assumption.
Security from the PoS comes from the staked MATIC. If there's less than 2/3rd of the weight behind any checkpoint, it's not accepted. In such a scenario, the chain can stop or reordering can happen. Social consensus will be needed to then fork the chain from an earlier checkpoint.
For example, say the validators collude and decide to steal user funds. If more than ⅔ staked weight colludes to add a malicious checkpoint, there’s nothing Ethereum smart contract can do to reject that. A likely outcome of this would be honest users hard-forking the chain from an earlier checkpoint.
Even though the chain has a set of 100 validators with ~$2B worth of $MATIC staked - which is a significant level of decentralization and economic security, Polygon can do better. The probabilistic consensus has resulted in occasional deep chain reorgs in the past.
With the proposed move to a zkEVM Validium, the security guarantees of the PoS chain would boost up.
Enter zkEVM Validium
Let's understand how a Validium works:
A zkEVM Validium is a sibling of zkEVM Rollups. While zkEVM rollups store their data on the Ethereum mainnet, validiums choose a separate “off-chain” DA layer to store their data. The validators of the DA layer ensure that the data is available for anyone who wants to verify the state changes.
Just like zkEVMs, validiums rely on a prover network to generate ZK proofs to prove the correctness of the state changes. These proofs are posted on the Ethereum mainnet. Verifier nodes on Ethereum verify the validity of these proofs and update the state of the Validium on Ethereum. This state is then gossiped and shared amongst all rollup nodes.
In the case of Polygon, this DA layer will be maintained by the same validators that run the PoS network currently.
Given that Polygon’s zkEVM technology is already highly efficient both in terms of proof generation ($0.00005 per transfer) and verification (350k gas per zk proof), this transition would open the path to increasing the throughput of the chain. And since posting data on Ethereum constitutes the highest cost factor for rollups, the transaction fees on the validium would probably be much lower than those on PoS or the zkEVM rollup.
Security guarantees on the validium
Changes to consensus: Just like in the PoS structure, the smart contract on Ethereum would be used as the “source of truth” for the state of the validium. However, including validity proof-verification via the Ethereum nodes significantly boosts security allowing the network to leverage $40B of economic stake and ~8000 individual validator nodes - numbers much higher than that of the OG PoS network!
Changes to the bridge: As stated above, the bridge accepts a checkpoint if more than 2/3 of stake-weighted validator signatures are submitted and verified on Ethereum.
With the upgrade, the bridge smart contract should require both the supermajority of signatures and the ZK proof for all the transactions that were added to the chain within that checkpoint. This way the security introduced by the zkEVM prover would be strictly additive to the current security, i.e. it would not introduce additional security risks. In other words, even if the zkEVM prover is not sound, the chain would be at least as secure as it is currently. At a later point, once the prover is considered sound and battle-tested, the signatures can be proven within the ZK proof itself and excluded from the checkpoint, which would additionally reduce gas consumption on Ethereum.
But, are the security guarantees the same as that of a zkEVM rollup?
Nope.
As the Polygon proposal mentions, the zkEVM validium would provide higher scalability and lower costs at a tradeoff to data security.
If you remember from my previous post, rollups inherit 4 different properties from their DA layer:
Reorg Resistance
Censorship Resistance
Data Availability
Validity
The first 3 are derived from the DA layer, and the validity is inherited from the “source of truth”, which is the smart contract deployed on Ethereum in this case.
In the zkEVM validium, the validators cannot steal user funds, even if a majority of them are malicious. This is because the smart contract would simply reject invalid proofs of state transitions. However, the validators can still “freeze” user funds by refusing to share the data of the transactions with the full nodes on Ethereum.
By freezing funds, malicious validators can also hold the chain “hostage” for ransom. Users won’t be able to force an exit from the validium in such a case because the data for the exit transaction would have to be added to the DA layer: which is maintained by the malicious validators.
However, as Brendan Farmer mentions here, it might not be practical for the validators to coordinate a ransom payment since they would have to process the queue of honest transactions first.
@toghrulmaharram@DZack23 IMO this is a common but bad argument.
In this scenario, operators would forfeit their stake and all future tx fee revenue for an uncertain payout, given that most accounts transacting on a validium are fee-sensitive (and low-value) and coordinating ransom payments would be… twitter.com/i/web/status/1…
— Brendan Farmer (@_bfarmer)
7:36 PM • Jun 20, 2023
In conclusion, while the transition to Validium is a huge security boost over the PoS network, 3 security properties (Reorg resistance, CR, DA) are still derived from the same validator set as that on the PoS network.
The Emergence of Volitions - Polygon 2.0?
So how does this all fit together?
Polygon’s transformation to Polygon 2.0 promises to create a unified value layer where “users would feel like they are within a single ecosystem” even when they’re operating between multiple chains.
With the combination of the zkEVM rollup and the zkEVM Validium working together on a unified layer of Polygon 2.0, I believe the user experience would be similar to that of a Volition.
Volitions are the “best of both worlds” of a rollup and a validium. Users can choose what kind of security they want for their transactions. For high-value transactions, users could opt into the rollup mode and have the transaction data posted on Ethereum for higher security guarantees (all 4: DA, Reorg resistance, CR, and validity).
For low-value transactions where the data might not be as important (gaming, etc.), users would have the option to choose Validiums - where they still get validation security guarantees, but not the data security guarantees as that in a zkEVM rollup.
Are Validiums L2s? Does it matter?
In crypto, we love to debate about definitions, and unsurprisingly, the announcement of this pre-proposal by Polygon triggered another semantics debate on Twitter.
The argument is that since users can’t exit with their funds to Ethereum if the validators freeze their data (make it unavailable), a validium is not an L2. While I personally lean towards agreeing with that, I don’t believe a debate around this is productive.
The important takeaway is that this upgrade would boost the security guarantees of the Polygon PoS network and is a major positive for the Ethereum ecosystem as a whole as it would provide cheaper and faster transactions to the end users.
Conclusion
I hope this post clarifies what kind of security guarantees validiums do and do not inherit from the base layer - and helps you make an informed decision while participating in these networks!