zk with programmability

There are limitations for the Schnoor protocol based on discre log problem, a common seen zk example. It can only support a specific computation, \(x = log_g(y)\), lacking of programmability.

For general arithmetic computation, Groth 16, PLONK is popular.

Groth 16:

1. Support arbitrary arithmetic computation with good programmability
2. Fast prover time
3. Millisecond level verifying time
4. Constant proof size even if the arithemtic computation is complex

WASM Deployment

Previous Approach:

1. Compile ZKP code into binary and distribute the binary to users Drawback:
2. Users prefer to not download a binary
3. Complexity in supporting many backends (e.g., Windows, MAС, Ubuntu, etc)

Recent Trend:

1. Compile ZKP code to web assembly (WASM) backend
2. Distribute as a browser extension

Benefits:

1. Users do not need to download a binary
2. Directly support diverse backend

WASM Deployment: Performance Bottleneck

1. Slow down compared to native CPU execution
   1. For proving ZKP circuit at Manta Network
   2. 2~3 seconds latency on native CPU
   3. v.s. 20~30 seconds latency on WASM
2. Bottleneck: MSM(Multi scalar multiplication computation) Computation
3. ZPrize: Optimize MSM computation on WASM
   1. Better algorithm to reduce #finite field computations
   2. Better exploitation of WASM backend properties E.g., hand-written assembly code