Original author: YBB Capital Researcher Zeke

Preface

In "Prospects of the Potential Track: Decentralized Computing Power Market (Part 1)", we have already understood the importance of computing power under AI expectations, and also delved into the two dilemmas in building a decentralized AGI computing power market at the current stage. This article will start with the basic concept of zero-knowledge proof, and delve into the multi-dimensional thinking of more possibilities of the sunrise track of decentralized computing power market. (The previous part also mentioned the Bitcoin computing power market, but given the recent explosive growth of the Bitcoin ecosystem, this part will be combined with our future articles related to the Bitcoin ecosystem.)

Overview of Zero-Knowledge Proof

In the mid-1980s, three cryptographers from the Massachusetts Institute of Technology (Shafi Goldwasser, Silvio Micali, and Charles Rackoff) jointly published a paper titled "The Knowledge Complexity of Interactive Proof Systems." The paper described an innovative cryptographic technology that can verify the truth of information without revealing the information itself, which the authors called "zero-knowledge proof" and provided a specific definition and framework for this concept.

In the decades that followed, the zero-knowledge proof technology based on this paper gradually developed and improved in various fields. Nowadays, zero-knowledge proof has become an all-encompassing term, representing many "modern" or "advanced" cryptography—especially cryptography related to the future of blockchain.

Definition

Zero-Knowledge Proof (ZKP for short, used below as appropriate) refers to the ability of the prover to prove the correctness of a statement to the verifier without providing any specific information about the statement itself. The three basic properties of this method include completeness, soundness, and zero-knowledge. Completeness ensures the provability of true statements, soundness ensures that false statements cannot be proven, and zero-knowledge means that the verifier cannot obtain any information other than the truth of the statement.

Types of Zero-Knowledge Proof

Depending on the way the prover and verifier interact, two different types of zero-knowledge proof are produced: interactive and non-interactive. In the interactive type, the prover and verifier engage in a series of interactions. These interactions are part of the proof process, with the prover proving the truth of their statement by responding to a series of queries or challenges from the verifier. This process typically involves multiple rounds of communication, with the verifier posing a question or challenge in each round, and the prover responding to prove the correctness of their statement. The non-interactive type does not require multiple rounds of interaction. In this case, the prover creates a single, independently verifiable proof and sends it to the verifier. The verifier can independently verify the truth of this proof without further communication with the prover.

Layman's Explanation of Interactive and Non-Interactive

1. Interactive: The story of Alibaba and the Forty Thieves is a common example often mentioned in explaining interactive zero-knowledge proof. There are many versions of this story, and the following is a simplified version adapted by the author.

Alibaba knows the incantation to open the cave where the treasure is hidden, but he is captured by the Forty Thieves, who force him to reveal the incantation. If Alibaba reveals the incantation, he will be killed for having no utility value. If Alibaba refuses to reveal it, the thieves will not believe that he really knows the incantation and will also kill him. However, Alibaba came up with a clever solution. There are two entrances, A and B, to the cave, both leading to the center of the cave where there is a password-protected door that only a person who knows the incantation can pass through from one side to the other. To prove that he knows the secret of opening the cave without revealing the secret, Alibaba enters the cave and chooses one of the entrances, A or B, while the Forty Thieves stand outside and cannot see his choice. Then the Forty Thieves randomly shout A or B, demanding Alibaba to come out from the entrance they specified. If Alibaba really knows the incantation, he can use the password to pass through the door from the center and come out from the specified entrance. This process is repeated several times, and each time Alibaba successfully comes out from the entrance specified by the Forty Thieves, thus proving that he indeed knows the password without revealing the secret.

2. Non-Interactive: Here is a simple example of a non-interactive zero-knowledge proof in daily life. Imagine that you and a friend both have a "Where's Waldo" book. You claim to know where Waldo is on a certain page, but your friend is skeptical. If you want to prove to your friend that you know where Waldo is in the picture without revealing the exact location, you can use a sufficiently large opaque paper to cover the entire picture and reveal Waldo through a small hole in the paper (a single, independently verifiable proof). This way, you can prove that you indeed know Waldo's location, but your friend still cannot know the exact coordinates of Waldo in the entire picture.

Technical Implementation in Blockchain

There are multiple ways to implement zero-knowledge proof in blockchain, with the most well-known being zk-STARK (Zero-Knowledge Scalable Transparent Argument of Knowledge) and zk-SNARK (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge). As indicated by the "Non-Interactive" in their names, both belong to the non-interactive zero-knowledge proof category.

zk-SNARK is a widely used general zero-knowledge proof solution (it is important to note that zk-SNARK is a genre, not a single technology). It transforms any computation process into the form of a circuit of gates and uses a series of mathematical properties of polynomials to compress the gate circuit into a very small non-interactive proof, enabling the application of various complex business scenarios. The initiation of zk-SNARK requires a trusted setup, where each party generates a partial key to start the network in a trusted setting, and then destroys the key. If the confidential information used to create the trusted setup keys is not destroyed, this information may be used to forge transactions through false verification.

zk-STARK is a technical evolution of zk-SNARK, addressing the weakness of SNARK's reliance on a trusted setup, and can complete blockchain verification without relying on any trusted setup, thereby reducing the complexity of starting the network and eliminating any collusion risk. However, zk-STARK also has issues with large proof generation, storage, on-chain verification, and generation time, all of which are at a disadvantage. If you have experienced the early versions of StarkNet (which uses zk-STARK for Layer2), you should be able to clearly feel the speed and gas fees, which are much worse compared to other Layer2 experiences. Therefore, the zk-SNARK solution is currently more widely adopted. In addition to these, there are also slightly less popular solutions such as PLONK and Bulletproofs, each with its own advantages and disadvantages in proof size, prover time, and verification time. Achieving a completely ideal zero-knowledge proof is very difficult, and several mainstream algorithms typically balance between different dimensions.

The development of ZK typically requires the use of two key components.

ZK-friendly Expression of Computation: This is a domain-specific language (DSL) or underlying library. Underlying libraries like Arkworks provide the necessary tools and primitives, allowing developers to manually rewrite code in a lower-level language. DSLs like Cairo or Circom are programming languages tailored for ZK applications. The latter can be compiled into primitives required for generating proofs. More complex operations lead to longer proof generation times, and certain operations (such as bitwise operations used in SHA or Keccak) may not be suitable for ZK, resulting in long proof generation times.

Proof System: The proof system is the core of ZK applications, implementing two basic functions: Prove and Verify. The Prove function allows the generation of a proof (which requires a large amount of mathematical computation to generate, with more complex proofs taking longer to generate), demonstrating the correctness of a statement without revealing proof details. The Verify function is used to verify the correctness of this proof (the more complex and larger the proof, the higher the performance and the shorter the verification time required). Different proof systems, such as Groth16, GM17, PLONK, Spartan, and STARK, also differ in efficiency, security, and usability.

Application Map of ZKP

1. ZKP Cross-Chain Bridges and Interoperability: ZKP can be used to create proofs of validity for cross-chain message passing protocols, allowing these messages to be quickly verified on the target chain. This is similar to how zkRollups are verified on the underlying L1. However, for cross-chain message passing, the complexity is higher because the signature schemes and encryption functions to be verified may differ between the source and target chains.

2. ZKP On-Chain Gaming Engine: Dark Forest demonstrates how ZKP can achieve incomplete information in on-chain games. This is crucial for designing more interactive games where players' actions remain private until they decide to reveal them. As on-chain games mature, ZKP will become part of the game execution engine. This is significant for early-stage companies integrating privacy features into high-throughput on-chain gaming engines.

3. Identity Solutions: ZKP opens up multiple opportunities in the identity field. They can be used for reputation proofs or connecting Web2 and Web3 identities. Currently, our Web2 and Web3 identities are separate. Projects like Clique connect these identities using oracles. ZKP can further enhance this approach by anonymously linking Web2 and Web3 identities, enabling use cases like anonymous DAO membership eligibility, provided they can use Web2 or Web3 data to prove domain-specific expertise. Another use case is uncollateralized Web3 loans based on a borrower's Web2 social status (e.g., Twitter followers).

4. ZKP for Regulatory Compliance: Web3 enables anonymous online accounts to actively participate in the financial system. In this sense, Web3 achieves significant financial freedom and inclusivity. With increasing Web3 regulation, ZKP can be used to achieve compliance without compromising anonymity. ZKP can be used to prove that users are not citizens or residents of sanctioned countries. It can also be used to prove accredited investor status or any other KYC/AML requirements.

5. Local Web3 Private Debt Financing: TradeFi debt financing is often used to support growing startups in accelerating their growth or opening new business lines without additional venture capital. The rise of Web3 DAOs and anonymous companies creates opportunities for local Web3 debt financing. For example, using ZKP, DAOs, or anonymous companies can obtain uncollateralized loans and competitive rates based on proof of their growth metrics without disclosing borrower information to lenders.

6. Privacy DeFi: Financial institutions often maintain the privacy of their transaction history and risk exposure. However, using decentralized finance (DeFi) protocols on-chain, meeting this requirement becomes challenging due to the continuous advancement of on-chain analysis techniques. One possible solution is to develop privacy-focused DeFi products to protect the privacy of protocol participants. One protocol attempting to achieve this goal is Penumbra's zkSwap. Additionally, Aztec's zk.money provides some opportunities for private DeFi earning by blurring user participation in transparent DeFi protocols. Protocols that successfully implement efficient and privacy-focused DeFi products can gain significant transaction volume and revenue from institutional participants.

7. ZKP for Web3 Advertising: Web3 empowers users to own their data rights, such as browsing history and private wallet activity. Web3 also allows users to monetize this data for their benefit. As data monetization may conflict with privacy, ZKP can play a crucial role in controlling which personal data can be disclosed to advertisers and data aggregators.

8. Sharing and Monetizing Private Data: Many of our private data, if shared with the right entities, can have a significant impact. Personal health data can be crowdsourced to help researchers develop new drugs. Private financial records can be shared with regulatory and supervisory authorities to identify and penalize corrupt behavior. ZKP can enable the private sharing and monetization of such data.

9. Governance: With the proliferation of DAOs (decentralized autonomous organizations) and on-chain governance, Web3 is moving towards direct participatory democracy. A major flaw in the current governance model is the lack of privacy in participation. ZKP can be the foundation for addressing this issue. Governance participants can vote without revealing their voting method. Additionally, ZKP can limit the visibility of governance proposals to DAO members only, enabling DAOs to establish a competitive advantage.

10. zkRollup: Scalability is the most important use case of ZKP in blockchain, where zkRollup technology aggregates multiple transactions into a single transaction. These transactions are processed and computed off-chain (i.e., outside the main chain of the blockchain). For these aggregated transactions, zkRollup uses ZKP to generate a proof that can confirm the validity of these transactions without revealing their specific content, greatly compressing the data size. The generated ZKP is then submitted to the main chain of the blockchain. Nodes on the main chain only need to verify the validity of this proof, without needing to process each individual transaction, significantly reducing the burden on the main chain.

ZKP Hardware Acceleration

While zero-knowledge proof protocols have multiple advantages, the current main issue is that verification is easy, but generation is difficult. The main bottleneck of most proof systems is the multi-scalar multiplication (MSM) or fast Fourier transform (FFT) and its inverse transform, with the following constituting their advantages and disadvantages.

Multi-Scalar Multiplication (MSM): MSM is a key computation in cryptography, involving the multiplication of points and scalars in elliptic curve cryptography. In ZKP, MSM is used to construct complex mathematical relationships about points on elliptic curves. These calculations typically involve a large amount of data points and operations, crucial for generating and verifying proofs. MSM is particularly important in ZKP because it helps construct proofs that can verify encrypted statements without revealing private information. MSM can be executed on multiple threads, supporting parallel processing. However, when dealing with large element vectors, such as 50 million elements, multiplication operations can still be slow and require a large amount of memory resources. Additionally, MSM faces scalability challenges, remaining slow even in extensively parallelized scenarios.

Fast Fourier Transform (FFT): FFT is an algorithm for efficiently computing polynomial multiplication and solving polynomial interpolation problems. In ZKP, it is often used to optimize the calculation process of polynomials, which is an important step in proof generation. FFT accelerates calculations by decomposing complex polynomial operations into smaller, simpler parts, crucial for efficiency in proof generation. The use of FFT greatly enhances the ability of ZKP systems to handle complex polynomials and large datasets. However, FFT operations rely on frequent data exchanges, making it difficult to significantly improve efficiency through distributed computing or hardware acceleration. Data exchanges in FFT operations require a large amount of bandwidth, especially when dealing with datasets larger than the hardware memory capacity.

While software optimization is also an important research direction, the most direct and brute-force way to accelerate proof generation at present is by stacking enough high computational power through hardware. So, among the various computational hardware (GPU, FPGA, ASIC), which one is the best choice? Since we briefly introduced GPUs in the previous section, here we will mainly understand the design logic and advantages and disadvantages of FPGAs and ASICs.

ASIC: ASIC (Application-Specific Integrated Circuit) is a type of integrated circuit designed specifically to meet the needs of a particular application. Compared to general-purpose processors or standard integrated circuits, ASICs are customized to perform specific tasks or applications, typically exhibiting higher efficiency and performance in their designed applications. In the well-known field of Bitcoin mining, ASICs are crucial hardware for mining, as their high efficiency and low power consumption make them an ideal choice for Bitcoin mining. However, ASICs also have two significant drawbacks. Since they are designed for specific applications (such as ASIC mining machines designed around the SHA-256 hash algorithm for Bitcoin), the design and manufacturing costs are high when not adopted in large quantities, and the design and verification cycles are relatively long.

FPGA: FPGA, short for Field Programmable Gate Array, is a reprogrammable device developed based on traditional logic circuits and gate arrays such as PAL (Programmable Array Logic), GAL (Generic Array Logic), and CPLD (Complex Programmable Logic Device). Similar to ASIC, it is used for electronic design and implementation of specific functions in integrated circuits, addressing the shortcomings of custom circuits and overcoming the limitations of the original programmable device gate circuit count. Its important features include "reprogrammability, low power consumption, low latency, and strong computing power." However, the drawback of FPGA is that its functionality depends entirely on hardware implementation and cannot perform operations such as conditional branching, and can only perform fixed-point operations. In terms of cost, the design cost of FPGA is lower than that of ASIC, and manufacturing also requires reference to scale, but the overall cost of both is much higher than that of GPUs.

Returning to the discussion of ZKP hardware acceleration, it must be acknowledged that ZKP is still in the early stages of development. System parameters (such as FFT width or bit size of elements) or the choice of proof systems (there are five proof systems mentioned in the previous text alone) are still rarely standardized. We compare the situations of three types of computational hardware in this environment:

• Variability of ZK "Elements": As mentioned earlier, the business logic on ASIC is written once. If any ZKP logic changes, it needs to start from scratch. FPGAs can be refreshed any number of times in 1 second, meaning they can be reused on multiple chains with incompatible proof systems (e.g., cross-chain extraction of MEV) and adapt flexibly to changes in ZK "elements." While GPUs may not be as fast as FPGAs in hardware-level reconfiguration, they offer great flexibility at the software level. GPUs can adapt to different ZKP algorithms and logic changes through software updates. Although these updates may not be as rapid as FPGAs, they can still be completed in a relatively short time.

• Supply: ASIC design, manufacturing, and deployment typically require 12 to 18 months or longer. In contrast, the FPGA supply chain is relatively healthy, with leading suppliers like Xilinx allowing large retail orders to be delivered within 16 weeks from their websites (without any contact points). Looking at GPUs, they naturally have a huge advantage in supply, with a large number of idle GPU mining machines existing across the network after the Ethereum Shanghai merge. Additionally, the subsequent series of graphics cards developed by Nvidia and AMD can also be supplied in large quantities.

Based on the above points, unless there is consensus in the ZK race and the adoption of a standardized solution, ASICs do not have any advantages. Considering the current diversified development of ZKP solutions, GPUs and FPGAs will be the two main computational hardware options that we need to discuss next.

• Development Cycle: Due to the widespread use of GPUs and mature development tools such as CUDA (for NVIDIA GPUs) and OpenCL (cross-platform), FPGA development typically involves more complex hardware description languages (such as VHDL or Verilog) and requires longer learning and development time.

• Power Consumption: FPGAs generally have better energy efficiency than GPUs. This is mainly because FPGAs can be optimized for specific tasks, reducing unnecessary energy consumption. While GPUs have powerful performance in handling highly parallelized tasks, this also comes with higher power consumption.

• Customizability: FPGAs can be programmed to optimize specific ZKP algorithms, improving efficiency. For specific ZKP algorithms, the general architecture of GPUs may not be as efficient as dedicated hardware.

• Generation Speed: According to Trapdoor-Tech's comparison of GPUs (using Nvidia 3090 as an example) and FPGAs (using Xilinx VU9P as an example) in BLS12-381 (a specific type of elliptic curve), using the same modular multiplication/addition algorithm, the generation speed of GPUs is five times that of FPGAs.

In conclusion, in the short term, considering the development cycle, parallelism, generation speed, cost, and the large number of idle devices ready across the network, GPUs are undoubtedly the most advantageous choice. The current hardware optimization direction also focuses on GPUs, and the time for FPGAs to completely take over the competition has not yet arrived. Therefore, is it possible to build a ZKP computational power market similar to PoW mining (a term I personally envision)?

Considerations for Building a ZKP Computational Power Market

In considering the construction of a ZKP computational power market, we have already reached a conclusion regarding computational hardware from the previous text. The remaining questions revolve around three points: whether ZKP needs to be decentralized, whether the market scale is attractive, and if all ZK-based public chains choose to build their own proof generation markets, what is the significance of a ZKP computational power market?

Significance of Decentralization: Firstly, most zkRollup projects today (such as Starkware and zkSync) rely on centralized servers, as only Ethereum scalability has been considered. Centralization means that user information still faces the risk of scrutiny, to some extent sacrificing the most important permissionless nature of blockchain. The use of ZK privacy protocols goes without saying, making decentralized ZKP generation extremely necessary. The second reason for decentralization is cost. Similar to the AGI mentioned in the previous section, the cost of cloud services and hardware acquisition is very expensive, and proof generation is usually only suitable for large projects. For small projects in the early stages, a decentralized proof market can greatly alleviate their funding difficulties at the startup stage, while also reducing unfair competition due to financial constraints.

Market Scale: Paradigm predicted last year that the ZK miner/verifier market may grow to a size comparable to the past PoW mining market. The fundamental reason is that both buyers and sellers of ZKP computational power are abundant in the ZKP computational power market. For former Ethereum miners, the large number of ZK-based public chain projects and Layer2 projects are far more attractive than Ethereum's forked public chains. However, we also need to consider a situation where most ZK-based public chains or Layer2 projects are fully capable of building their own proof generation markets. If it is necessary to adhere to the decentralized narrative, this step is also inevitable in the roadmap (as mentioned earlier, Starkware and zkSync will also have their own decentralized solutions). In this case, does a ZKP computational power market still have any significance?

Significance of Construction: Firstly, the application of ZKP is extensive (as mentioned several times in the previous text, and will be referenced in the following text with a project). The second point is that even if each ZK chain has its own proof generation market, a computational power market still has three functions that can prompt sellers to sell computational power.

1. Splitting computational power into two parts, one for mining and the other for selling computational power contracts. This method can help hedge against market volatility in the cryptocurrency market. When the market is down, the sold computational power contracts provide stable income, while mining brings additional income when the market is up.

2. Selling all computational power to obtain fixed income is a more conservative approach. This can reduce the impact of market fluctuations on income and ensure income stability.

3. Due to differences in cost structure (such as electricity costs), some miners may have operating costs lower than the market average. These miners can utilize their cost advantage by selling computational power contracts at market prices and retaining the price difference generated by lower electricity costs, thus achieving arbitrage.

Proof Market

Proof Market is a decentralized ZKP computational power market built by=nil; (a Ethereum development company) (as far as I know, it is currently the only computational power market built around ZKP generation), essentially an untrusted data accessibility protocol that enables seamless data sharing between Layer 1 and Layer 2 blockchains and protocols without relying on centralized intermediaries for generating zero-knowledge proofs. Although Proof Market is not the market I envisioned built around personal GPUs (Proof Market is built around professional hardware vendors, and ZKP GPU mining can also be referenced in the Scroll architecture's Roller Network or Aleo), it still has significant reference value in how to build and widely apply ZKP computational power markets. The workflow of Proof Market is as follows:

Proof Requester:

• The entity requesting the proof, which can be applications such as zkBridge, zkRollup, zkOracle, or zkML.
• If the circuit does not exist, the Preparation phase is required, generating a new circuit by running zkLLVM.
• If the circuit already exists, a zkProof request is created for the predefined circuit.

zkLLVM:

• This component is responsible for generating the circuit, encoding the program for the computational task.
• During the Preparation phase, zkLLVM preprocesses the computation to generate the circuit and submits it to Proof Market.

Proof Market:

• It is a central market that matches the orders of proof requesters with proof generators.
• It verifies the validity of the proof and provides rewards after the proof is verified.

Proof Generator:

• Executes the computation and generates the required zero-knowledge proof.
• Receives orders from Proof Market and returns the generated proof.

Reward Mechanism:

• Circuit Developer Reward: Whenever a proof requester uses a circuit to generate a proof, the author of the circuit receives a reward.
• Proof Generator Reward: Once the proof is verified in Proof Market, the generator receives a reward according to the terms of the order.

Throughout the entire process, proof requests, generation, verification, and reward distribution revolve around Proof Market. This process aims to create a decentralized market where the generation and verification of ZKP are automated, and participants can receive rewards based on their contributions.

Use Cases

Since its test release in January 2023, the primary use cases of Proof Market have been protocols operating outside of the Ethereum Layer 1 (L1): such as zkRollup, zkBridge connected to Ethereum, and public chains using zkP.

With Ethereum endpoint integration (referring to a gateway interface that allows other systems or services to connect and integrate), Proof Market will be applicable to more applications, especially those that require requesting proofs directly from EVM applications to provide a smoother user experience or applications that need to work together with on-chain stored data.

Here are some potential use cases:

1. Machine Learning (ML): Requests for inference can be made to the zkML application on-chain. Applications such as fraud detection, predictive analytics, and identity verification can be deployed on Ethereum.
2. Ethereum Data Processing (zkOracles): Many applications require historical or processed data from Ethereum. Using zkOracles, users can obtain data from the execution layer through the consensus layer.
3. Data Transfer (zkBridges): Users can directly request data transfer and pay for proof fees, without the need for bridge operators as intermediaries between users and the market.
4. Fraud Proofs: Some fraud proofs can be easily verified on-chain, while others cannot. Fishermen (network participants focused on verifying the main protocol and identifying potential fraudulent behavior) can focus on verifying the main protocol and point to the required proofs provided by Proof Market.
5. Data Updates and Accumulation: Applications can store the latest updates directly on the first layer and later accumulate them into a Merkle tree, accompanied by proofs of correct root updates.
6. Random Number Generation: Applications can order random numbers generated through a trustless hash-based VDF.
7. Proof Aggregation: If applications independently send their proofs (without verification), aggregating them into a single proof and then verifying them all at once can reduce the cost of proof verification.

Practical Application

Recently, the well-known LSD project Lido is also using Proof Market to enhance the security and trustworthiness of the Lido Accounting Oracle contract. The Lido Accounting Oracle relies on an Oracle committee composed of trusted third parties and a quorum mechanism to maintain its state, which creates potential attack vectors. The resolution process of Proof Market is as follows:

Problem Definition

• Lido Accounting Oracle Contract: Handles complex reports, including data from the consensus layer (such as Total Value Locked (TVL), number of validators, etc.).
• Objective: Make the reports trustless, requiring the extension of reports to include computational integrity proofs.

Solution Specification

• Initial Objective: In the first phase, only report subsets such as Lido CL balance (referring to asset balances related to the consensus layer in the Lido protocol), active and exiting balance counts, etc.
• Key Participants:

Lido: Needs to make certain data available from the consensus layer accessible in the execution layer. Oracle: Reports TVL and validator count to the TVL contract. Proof Producer: Generates computational integrity proofs. Proof Verifier: Verifies proofs in the EL contract.

Technical Implementation

Oracle: An independent application that obtains input data, computes Oracle reports, and generates proofs. zkLLVM Circuit: Used to build programs for generating computational integrity zero-knowledge proofs. Trustless Accounting Audit Oracle Contract: Verifies binary proofs and validates computational integrity information. Deployment Phase

• Current Status: When a sufficient number of trusted Oracle members submit reports and reach the quorum.
• "Dark Launch" Phase: Reaching the trusted quorum but also accepting trustless reports and conducting necessary verification.
• Transition Period: Reaching the trusted quorum, receiving at least one valid trustless report, and the reports are consistent.
• Full Launch: The accounting contract only uses trustless reports to determine TVL and the number of validators.
• Final State: Completely abolishing quorum reports and only using trustless reports.

Conclusion

Compared to the grand blueprint of the AGI computational power market, the ZKP computational power market is currently more limited in its application within the blockchain. However, the opposite benefit is that the development of the ZKP computational power market does not need to consider extremely complex designs such as neural networks, resulting in lower overall development difficulty and lower capital requirements. As seen from the projects mentioned above, while the AGI computational power market is still struggling to land, the ZKP computational power market has already permeated multiple application scenarios in the blockchain in a multidimensional way.

From a market perspective, the ZKP computational power market is currently in a very blue ocean stage, and the Proof Market mentioned above is not the ideal design in my mind. Combined with algorithm optimization, application scenario optimization, hardware optimization, and the selection of different computational power seller markets, there is still a lot of room for imagination in the design of the ZKP computational power market. From a development perspective, Vitalik has repeatedly emphasized the importance of ZK in the blockchain field in the next ten years, which will be as important as the blockchain itself. However, in terms of the universality of ZK, as the design matures, the future importance of ZK in non-blockchain fields may not be inferior to the current AGI, and its prospects should not be underestimated.

References:

1. Hardware Acceleration for Zero Knowledge Proofs: https://www.paradigm.xyz/2022/04/zk-hardware
2. Use of elliptic curves in cryptography (1988): https://link.zhihu.com/?target=https%3A//link.springer.com/content/pdf/10.1007%252F3-540-39799-X_31.pdf
3. ZKLLVM + Lido Trustless Accounting oracle: solution spec: https://docs.google.com/document/d/1d5Ru7WWae-yilXzOVgNS5DNweAMj6FNJrZllvD00mB0/edit
4. DIZK: A Distributed Zero Knowledge Proof System: https://www.usenix.org/conference/usenixsecurity18/presentation/wu
5. Proof Market Developer Guide: https://docs.nil.foundation/proof-market/proof-producers/proof-producer
6. IOSG Weekly Brief |ZKP Acceleration: https://mirror.xyz/0x5Eba828AB4999825D8416D7EAd9563b64FD90276/8DGPafCg1oLZ0T-cXSbcu5q1dYxhFDuilR1brWfLZXM
7. ZK Proof Calculation: A New Journey for Computational Power Hardware?: https://mp.weixin.qq.com/s/gInQOIJyLZwzzgmFkbaFwQ
8. Hardware Acceleration Drives the New Era of ZK: https://mp.weixin.qq.com/s/3I-gz4O57_crS7_KZSA8KA

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。