Original author: Frank, PANews
On April 10, a16z Crypto released a zkEVM solution called Jolt, designed to accelerate and simplify blockchain scaling operations. Jolt integrates SNARK zero-knowledge proofs, provides a framework for EVM-compatible Rollups, and can help developers create SNARK-based L2 solutions. The team says Jolt is twice as fast compared to current zkVM.
Since the technical principles of Jolt are relatively complex, the following is a brief explanation of the relationship between several technical terms that may be involved:
zkSNARK is a powerful zero-knowledge proof primitive that is the foundation upon which zkVM and zkEVM are built
zkVM is a general zero-knowledge virtual machine concept that supports any instruction set
zkEVM is a special case of zkVM, specifically designed to be compatible with EVM
ZK Rollup uses zkVM or zkEVM to improve Ethereum’s scalability while taking into account privacy
What is Jolt?
Jolt is a new SNARK solution that provides a simpler and more efficient solution to build zkVM (zero-knowledge virtual machine). In fact, as early as August 2023, a16z crypto had already proposed related concepts called Lasso and Jolt. These two technologies were proposed in the context of the slow and high cost of SNARK technology.
Among them, Lasso, is a new lookup parameter that can significantly reduce prover costs; Jolt, using Lasso, provides a new framework for designing SNARKs for so-called zkVM and wider front-ends. Together, they improve the performance, developer experience, and auditability of SNARK designs, which in turn improves building in web3. This will enhance the use of zero-knowledge proofs in the blockchain field.
Before understanding Jolt, you may need to understand zkVM and zkEVM first.
zkVM is a general concept that refers to a zero-knowledge virtual machine. Similar to zkEVM, zkVM allows programs to be written in high-level languages such as C++ or Rust, and then the virtual machine compiles the program into some intermediate representation (such as circuits or arithmetic constraints), and then uses proof systems such as zkSNARK to prove the execution process of the intermediate representation. Compared with zkEVM, zkVM is not limited to being compatible with EVM, but supports any instruction set. Jolt is a high-performance zkVM implementation for the RISC-V instruction set.
We can think of zkVM as a special black box that can prove to the outside world that it has indeed performed calculations according to predetermined procedures while protecting privacy. However, traditional zkVM requires a lot of tedious calculations in the process of generating this proof, resulting in very low performance.
Jolts core innovation is to find a more efficient mathematical method to generate this proof:
First, Jolt cleverly transformed the calculation to be proved into a special polynomial, which we tentatively call a computational polynomial. The peculiarity of this polynomial is that its value will only equal zero if the black box actually performed the calculation correctly.
To prove that the value of a computational polynomial is equal to zero, Jolt uses an interactive protocol called sumcheck. This protocol can convince the verifier that the polynomial value is zero in a short amount of time without actually computing the entire polynomial. This is somewhat similar to how a teacher can judge whether the entire test paper is correct by only checking a few questions from students.
Jolt’s technical advantages
The technical principles behind Jolt are complex, to put it simply. In the development process of blockchain networks, zkVM is a key technology that improves the scalability of blockchain networks and can provide effective proof while ensuring privacy. In his recent keynote speech at the Hong Kong Web3 Carnival, Vitalik discussed the zkSNARK technology in detail. “Finding ZKSNARKS is very useful in terms of privacy, and it’s also very useful in terms of scalability,” Vitalik said.
However, the speed and computational overhead of proving generation have always been a major challenge for the practical implementation of zkSNARK technology, and it has also been a focus of research in academia and industry in recent years. Traditional zkSNARK schemes, such as Pinocchio and Groth 16, can take up to several hours or even days to prove more complex calculation logic, and require a large amount of memory and storage resources. This performance bottleneck severely restricts the application of zkSNARK in many practical scenarios.
And if you want to enable large-scale application of blockchain to achieve real-time verification. Improving the performance of zkSNARK is a very critical step.
Specifically, the proof generation process of zkSNARK involves complex cryptographic algorithms, such as elliptic curve pairing, polynomial interpolation, etc. These operations consume a lot of computing resources. Especially when the scale of the computational circuit being proved is large, the computational complexity of the proof generation will increase exponentially.
According to a16z Crypto, on CPU, the initial Jolt implementation is approximately 6x faster than RISC Zero and 2x faster than the recently released SP 1, with Jolt expected to be approximately 1.5x faster in the coming weeks.
Jolt is currently more than 2 times faster than the existing zkVM, but there is still a lot of room for optimization.
Jolt also cleverly exploits certain algebraic properties of polynomials to implement more efficient polynomial commitment schemes. This further reduces proof size and verification time.
Possible changes Jolt will bring
From an engineering perspective, Jolt uses a series of optimization methods, such as more compact circuit design, more efficient pipelines, more sufficient parallelization, etc., to maximize the computing power of the hardware.
Suppose you are a Web3 developer who wants to deploy an on-chain poker game on Ethereum. This game requires shuffling, dealing, comparing card sizes, etc. on the chain. Each operation requires zkVM circuits to achieve privacy protection and verifiability.
If you use an existing zkVM solution like ZoKrates or bellman, building such a circuit can take hours or even days. Because the current zkVM performance is still relatively low, generating zero-knowledge proofs of complex circuits requires a lot of computing resources and time overhead. This means that development and testing cycles can be very long.
And if you use Jolt to build the same circuit, the situation changes significantly. According to tests by the Jolt team, the current Jolt implementation is already 2-5 times faster than the mainstream zkVM solution in generating proofs. This means that if it originally took 10 hours to generate a proof, it may now only take 2-5 hours.
Overall, the 2-5x performance improvement brought by Jolt means that the usability and ease of use of zkVM technology have been greatly improved. This will significantly lower the threshold for Web3 developers, shorten the application development cycle, and bring a better experience to end users. In the longer term, Jolt is expected to accelerate the large-scale application of zkVM technology, allowing more privacy protection and verifiable computing capabilities to benefit every Web3 user.
Of course, Jolt is still in the early stages of development, and the 2-5x performance improvement is just the beginning. With the continuous iterative optimization of Jolt technology, the performance of zkVM will be further improved, ultimately paving the way for the large-scale application of Web3.
