Blockstream Talk #22 – ZeroSync & Blockstream Satellite

Welcome back to blockstream talk today We're talking to Robin Linus and Lucas George of zerosync xerosync is a Non-profit working on technology that Allows for a compact cryptographic proof To substitute the hundreds of gigabytes Of information that make up the Bitcoin Blockchain meaning the entire history of Bitcoin could be validated in an instant Rather than in hours or days It's pretty early days but I think what They're working on leaves a lot of room For imagination and when combined with Something like the block stream Satellite Network the implications are Pretty far-reaching all of a sudden Every smartphone on every part of the Planet is capable of validating the Bitcoin Network and the number of nodes Goes from something like just under 20 000 to maybe 20 billion or more This was an interesting conversation and I think we've only just scratched the Surface of what this could mean for Bitcoin and I think again highlights how Early we are still not only in the Development of Bitcoin but also in Cryptography more generally don't forget To like subscribe and share Lucas Robin thank you for joining us Today thanks for having us yeah hello do You want to start off kind of let us Know what zerosync does And then maybe kind of differentiate

I show You how To Make Huge Profits In A Short Time With Cryptos! I show You how To Make Huge Profits In A Short Time With Cryptos! Welcome to the Future of Money

With what what you guys do at that zero At zero sync and how you you know got Involved with this we are using this the Zero knowledge proofs to basically Compress the Bitcoin blockchain That is in one sentence what we are Doing and um We're using stock proofs And um they're a particular kind of zero Knowledge proofs Um What's important about them is um they Are transparent which means there is no Trusted setup involved That is a very important uh point in Comparison to other zero knowledge proof Systems Um for example Z cash they had been Using Um the graph 16 Um zero knowledge proofs in the Beginning and they were criticized a lot For the trusted setup Um And um yeah stocks were invented later And they just get rid of that entire Trusted setup which is um Yeah huge Improvement and also they are Scalable which means that for the first Time they make it possible to have Really large computation in a zero Knowledge proof for example verifying The entire blockchain yeah and and then Lucas and Robin maybe you can talk a

Little bit what your role is within uh Zerosync I started the project it Originated from my bachelor thesis so Therefore I'm still evolved like I'm the Longest round this project I know all The ins and outs and I still put in my effort and Robin Basically took the role of the Project Lead bring people together Um creating the association while still Pushing the codes to be a bit more Um yeah production great not right there But uh as you can imagine it started out As my thesis and the code was not that Polished and I definitely learned a lot From Robin and yeah stick around right Now for the projects to turn it into a Reality great and so the structure of of The project is uh as a non-profit right Not not a company yes we're a Swiss Non-profit and can we take a step back And maybe can you explain for the Audience what are zero knowledge proofs The funny answer is that most zero Knowledge proofs are not zero knowledge Proofs which is kind of weird Um because Zero knowledge proofs have originally Been invented for privacy reasons and um Also I I think block stream uh is Developing Um bulletproofs I think some of them Were also invented involved in inventing Them and they are also implementing them

And those are classical zero knowledge Proofs and they are used as now they are Not used in liquid yet but They were invented for example for range Proofs for confidential transactions so Uh I proved that My my amount is not negative for example Like as I send a transaction and I Proved that the transaction value is not Negative I'm not creating value I'm not Creating money out of thin air and um This is a very classical application of Zero knowledge proofs which means I can Prove And you gain zero Knowledge from From uh from what I'm proving and um That was the original application but Then later people found out that those Proofs are also very succinct and that Enables a form of compression and Nowadays there are knowledge proofs are Like that huge hype that is going on With also zika Roll-Ups and stuff that Is mostly related to the Um yeah compressionability of zero Knowledge proofs Which allows to take use a huge Computation and compress it in a very Succinct proof got it anything to add on That Lucas are you happy with that Answer maybe the most important thing Without losing any security so Um it's a cryptographic measure to Have a very large computation or a very

Large proof and be able to verify it Succinctly without having to trust the Prover that is an important part that Surprises people often that there is Absolutely no trust involved even if Your biggest enemy creates the proof There is no way for them to cheat he Mentioned compression and privacy so how Does using zero sync improve Bitcoin Scalability and privacy the main Application Um we are currently building is um the Chain proof which is a proof of the Entire blockchain and it allows you to Sync the chain State instantly So instead of downloading the entire Blockchain 500 gigabytes or so and Verifying that entire 500 gigabytes you Just verify a proof and that proof is as Good as if you had downloaded the entire Blockchain all right so the implications Of that sound massive I mean what are Some of the implications that you guys Are thinking about that a nice image is Like everybody could run a full note on Their phone and how does this technology Differ to kind of other similar things Being done on other protocols I think The major difference is on other Protocols we see these out to these roll Ups and for Bitcoin this is not as Easily possible without a hard or soft Fork so we thought of an application That could introduce stock proofs to the

Bitcoin community and the Bitcoin Network without requiring a soft plug And a huge discussion about it just to See if it would work or if the community Is even interested in that and then it Turned out that the chain proof and Syncing a node is like a very good first Benchmark or first example to get people To know about your knowledge proofs or Get involved with them okay you Mentioned um you know that the future Could be with this technology is that You could have you know I guess billions Of phones at this point I think there Might be more phones on the planet than There are people at this point and every One of those phones could could be a a Node for Bitcoin you know that makes me Think about the block stream satellite Um you know and I think I think that has Its limited bandwidth right and I think That syncing the blockchain obviously Would probably take up a lot of that Bandwidth how does that integration work I know that you guys have recently had An announcement on that yeah the Blackstream satellite on zero zinc is a Perfect match because um the bandwidth Constraints are so strong with um The emissive block download in Particular um And um currently when you sync with um With blockchain satellite it takes I Think more than a week or even weeks

And um yeah seriously improve would Allow distinct that basically instantly And um yeah that would be definitely a Huge game In comparison to the current system and What do you think are the implications Of that I guess it makes Um you know even behind so I'm in Taiwan Of course right so we we have a neighbor Offshore that way the firewall Um and and I guess for places like that It just makes Bitcoin so much more Usable and and resilient right also you Could build like sub networks like one Person uh receives it by a satellite and They can easily reshare the proof with All other people in the community which Is um much easier with a proof than with The blockchain like of course you could Also reshare the 500 gigabytes of Blockchain meaning that if you're in Some kind of rural you know maybe rural Africa or something like that and that Someone has access to block stream Satellite that they could kind of act as A as a hub and a spoke for everybody Around them that could you know that They could interact with on a mobile Device is that is that kind of the idea Exactly that yes there is of course Another layer and we should first finish The first layer and uh that is still a Lot of work but uh the Grand Vision Would be that um

Yeah People could re-share those proofs in Rural areas and uh yeah create like a Sub Network for uh Bitcoin what do you Think the benefits of that to the Average user are if you're not kind of a Technology power user or maybe you're Not even interested in running a node What are the benefits of that to kind of The the average user so I think aside From thinking a note there's also there Are also a lot of applications for Interoperability between blockchains so Now when you want to verify a payment That happened on the Bitcoin chain on Ethereum Um there's no easy way to do so you have To look into the blocks and then you may Lose security because you'd only look at Maybe the last previous 100 blocks or so And that I think is a lot but Using a proof is like the foolproof way To do it you still have the original Security from the Bitcoin Network you Have a proof that is very very hard or Impossible to forge and You can look into the Bitcoin blockchain And just see it the payment Um happened or the transaction happened It's like another way users would Benefit or the whole ecosystem would Benefit from it and and how close are You guys to deployment is is this Something that you guys are working on

Already is I mean is it deployed are People using it in the wild this is Still a very early stage and we have Just completed our first major Milestone Of a recursive chain proof that means we Have implemented Um most of bitcoin's consensus rules and We have also implemented a recursive Verifier that um is necessary to Incrementally extend proofs Um that is Um because like you have the current Blockchain and we prove the current Blockchain and now a new block arrives And now we don't want to reprove the Entire blockchain we just want to prove The next block and extend the previous Proof with the proof for the next block And um this works by verifying that the Previous block was correct like very for Inside of a proof we verified that the Previous proof was correct and had a Proof for for the next block And this way we can incrementally grow The chain proof over time and therefore This recursion was very important and Now we have built a basic implementation Of both of that but um That is still prototype level it's not Production grade cryptography and we'll Still have um to make it much faster we Have to improve the the performance of The approver in particular and what do You what is the timeline how far away do

You think production is we want to roll It out in multiple stages the first Stage would be just a head as chain Proof that it's not that interesting by Itself I'd say but it's um it makes Sense to have it as a first night Stone And um uh hopefully we can we can roll It out by the end of this year oh that's Great that's amazing and what are the What are the kind of the hardware Requirements for running zerosync Enabled um nodes so asset verifier they Have cover requirements are very low so We have a demo that can verify the proof Inside your browser and Even on your phone basically any machine And On the other side though the proof of Hardware has to be beefy to say Um at this point it requires a lot of Ram so we're talking A couple of hundred gigabytes up to a Terabyte of RAM and also a lot of time Um definitely at the current stage still More than the 10 minutes that are the Timeline after every every new block is Created on the Bitcoin Network which Kind of right now is a problem but we Have some solutions for that we can Parallelize proof generation and there's Still a lot of way to optimize different Parts of the proof generation And Yeah but this huge discrepancy is kind

Of good for the consumer but very bad For the person that wants to generate Cruise what kind of documentation do you Have available for anyone who wants to Set up and use xerosync um and maybe Even incorporate it with the with the Satellite not yet that much like also The um the satellite project is also Very much in the early stage Um we have not published anything yet Um we got in touch with um Adam back and We told him about it and then we figured Out that it would be a great match and Then we started to team up on it but There is no nothing production ready yet What are some potential use cases for The zero Sig toolkit and how will it Enable developers to create more Sophisticated on-chain applications my Example was always wrapped tokens for Example on other chains on ethereum uh Rep Bitcoin Um without any loss of security and I Think Robin has some more applications As well one application that is that Will work pretty certainly is um to Compress the transaction history of Second layer protocols like Taro or RGB Um I'm not sure if you've heard of them But um they allow basically tokens on Top of Bitcoin it's like tokens my Contract protocols on top of Bitcoin and Um Yeah the main issue is that um the

Transaction history grows quasi Exponentially which means if you send Someone a total you basically have to Send them the entire blockchain as well And um Using zero knowledge proofs you could Compress that in a very nice succinct Proof and then basically the the proof Becomes the coin And um yeah that is that is a nice Application but also there are many Applications for uh Uh for other feeds for example the Lightning Network would be a nice field For application Um I have not figured out the details Yet but I talked to a couple of people And we discussed if um it is possible to Increase the privacy of the peer-to-peer Gossip protocol Because um currently you're kind of Doxing yourself when you have to Announce uh your your own channels and Um with private channels you cannot do Any routing and it might be possible to Use zero knowledge proofs to um do Routing with private channels basically Is that work that you guys are doing as Well or is that something that other Other people are working on the toolkit Is basically a byproduct of what we are Building because we are implementing all The Bitcoin consensus rules Um so it's basically a byproduct that

We're creating a library for Bitcoin Proofs Like you can reuse our Proves to prove anything about a Bitcoin Transaction And um yeah when we figured that out we We decided that we're gonna ship that Toolkit as well for people to customize Proofs and to Customize them for for their individual Use cases and um what about Starks how How does this relate to Simplicity and Uh how can this cross over with the Liquid sidechain Um yeah the big dream is definitely to Have some zkp verifier on the Bitcoin Mainnet because that would enable all Kinds of interesting stuff like roll ups Trustless two-way packs and um yeah Great scalability and great privacy Basically and um of course it's hard to Do any kind of work with Bitcoin and um It would probably be impossible to Convince people to activate a particular Verifier because Um yeah there are so many different Verifiers and there are so many Trade-offs to be made that it will be Probably hard to find the consensus Amongst the community to activate a Particular verifier But blockstream came up with a beautiful Language simplicity And simplicity is like the famous last

Fork if It's like a high level programming Language and if that would get enabled It would be possible to implement Um a stack verifier in simplicity And um yeah you would wouldn't have to Ask anyone about uh implementing that That would be just Be enabled by Simplicity itself And we don't know when Simplicity will Come to bitcoin but um Simplicity will Be activated on the liquid sidechain Soon That will be great for us as a testing Field and um To implement the first verifier in a In a Bitcoin setting what are some of The other obstacles and challenges you Guys have run into I mean there were a Lot of challenges and obstacles Um first obstacle was so Um there was no open source prover Really so we Um talked to a guy Max who was working On one and got it done to at least a Certain point that we can use it for Prototyping Um the zero sync Application then there was no or at Least no open source requires a verifier For the language we use and we had to Implement it ourselves as well then of Course the whole Bitcoin logic what Robin was talking about

Um was not there like we are talking There won't no no completed Implementations for the basic hash Functions used in the Bitcoin protocol So we had to start really low level do It all ourselves or in Um combination of other teams doing Similar things or we have to go to Create libraries for this and therefore As Robin mentions we ended up with this Byproduct which is a whole tool could to Do like any Bitcoin related stuff in the Language we use to enable other Developers to create their own Applications or things they wanted to Prove great what do you think are some Of the big obstacles that remain for you Guys to overcome in the future there is That huge asymmetry between the approver And the verifier the approver is much Slower than a regular full node and the Verifier is much much like a million Times faster than uh than a regular full Node but Computing the proof ones is very Computationally intensive And I would say in the current version That we have now it's maybe even uh Injectable But There are lots of ways to improve the Performance of the approver and um Yeah the The main obstacle is to make proving

Fast enough to um for us to be able to Prove a full block within 10 minutes Because we have we should be able to Complete the proof before the next block Arrives right yeah that seems essential Yeah and maybe also do so in a costly Manner so of course you could just throw Honestly kitchen throw money at it Basically and it's just a matter of how Much and we we would love to bring this Down a bit and Not have to run Hundreds of service just to improve the Bitcoin chain in a timely manner how do You guys plan to ensure that zero syncs Proof systems remain secure and um and Resistant to any potential attacks yeah I think this is one of the main yeah This is one of the main reasons why we Turned this into a non-profit open Source so I believe we cannot do this like alone On our own just have four or five people Look at it and be like it's it's fine Um this is like the wrong approach in my Eyes and I have a lot of trust in the Bitcoin Community other devs um everyone Involved with it to have a look at it And eventually grind out every security Issue and mistake in there and the other Thing is we can roll it out as kind of With a backup mechanism so you could use The proof to instantly sync your node And then over time use the old

Conventional way so using the PHP Network to sync your node and if you Find any errors after that or if you Don't find any you can be sure that the Proof was correct so you cannot leave Food for longer than uh three or four Days which is still bad but At least there is like this safety net That we can build upon the initial Security requirements are lower than When you're doing something on the main Layer Um like for example if we would Introduce another signing mechanism or Something it should be absolutely uh Completely hardened before it gets Activated on bitcoin because once it's Activated you cannot change it anymore And since what we are doing is all off Chain we have the luxury of um Going slow that we can first apply it to Um yeah lower value use cases and like Get it into the field slower and step by Step and kind of increase the pressure Over time as Lucas mentioned there's Also ways to to combine it like to have The instant sync with the proof and then A classical thing As a backup basically one option for That would be the the new assume utxo Mode of Bitcoin core which basically Allows you to Um tell your node hey here's a utx all Set just trust me that is correct and

Then you can instantly start Um Verifying new blocks and in the Background you know it starts syncing The entire chain and ensures that that Utx also was actually correct And um This is a nice nice match with um zero Sync because That utx LSAT could be proven Um on the first instance and it could be Instantly proven and even if we had made A mistake That would be found because your your Nodes still Um does the conventional sink in the Background which will take a while But At least at some point you would you Would know For other developers that are interested In incorporating zero syncs proof Systems into their projects what advice Would you guys have yeah definitely get In touch with us because um it's all Very early stage and um Yeah I think we can um we can help People a lot to um find out the the Nitty-gritty and to uh Yeah To see if it actually makes sense to Apply to their use case and um Yeah we have a telegram Channel we are Very approachable I think and um

Yeah we're happy to to help people get Started and going back to the block Stream satellite what do you can you Guys think of any long-term implications For um the future of of of the Bitcoin Main layer Network and for users I think Eventually just more notes Um because it's easier to set up a node Um even on smaller machines you don't Have to run even a Raspberry Pi you Could just have your phone Um sync it instantly and then even if You don't want to sync it anymore or you Feel like you're using too much Bandwidth Um keeping up with the network you could Stop being in sync and then after a few Blocks or a few hundred blocks you turn On the proof again get a new proof and Be up to date instantly so I think this Really entries lowers the entry barrier For Users of the Bitcoin Network yeah that's Amazing it just expands the number of Nodes really by just a huge amount right Like it's really could have billions of Nodes and and with better geographical Dispersion as well exactly that the Security of any decentralized currency Stems from everybody verifying Everything And of course that scales poorly because Your phone will not verify Uh yeah the the

Transactions of billions of people But with such a proof system it is Suddenly possible And um yeah that solves one of the Fundamental Scalability problems of Bitcoin that's Amazing it's it's kind of interesting to Think that Bitcoin has been around Already for you know more than a decade And um you know it seems like we're Still in a lot of ways in the very very Early stages of it aren't we I think Cryptography is in its early stages in Some sense because um Because of the entire crypto hype Billions and billions have been invested In cryptography research and that's why We see all this um Magic constructions recently that's Interesting I mean I couldn't have come At a better time too right because at The same time that we're getting this Push in cryptography and Bitcoin and Decentralized money as being you know Better known more broadly than it ever Has before it seems like there's a lot Of forces on the other side too pushing Towards increased centralization Definitely yeah absolutely so I think That Bitcoin and what you guys are doing Are probably Um you know reasons for optimism when You look into the future how did you Hear that so is there anything else you

Guys would like to to highlight before We wrap it up I think one topic that we Haven't touched yet is um that proofs or Chain proof allows to augment the chain With um additional data structures one Example is that um We have already implemented u3xo so you Have a utxo commitment Um in our chain or in our chain proof And That is pretty exciting because people Have been talking about Um utxo commitments for At least a decade I think and um It has always been Like there are many trade-offs there are Many different uh possible utxo Commitments and people never came to to Reconclusion And also when you just add them to the Main layer they might offer a false Sense of security because um Yeah even if you get the headers chain And a proof of inclusion for a Particular utxo that doesn't mean that Much it's yeah it's when you don't Verify the shame then you can still get Fooled but with such a proof you you Cannot get food anymore and um That allows to index the blockchain in a Very succinct way or in a way that is Very nice for like clients so um you Don't even have to download the entire Utx all set you can just make a query

And I'll say what is my balance and then Somebody can give you the response but They can never uh yeah they can never Fool you it's always proven that um The the response is actually correct so It sounds like there's just like Numerous applications in terms of you Know compression scalability and privacy I think this is just the starting point Really like we were thinking of the First basic application we could Um Developed to Showcase stock proofs on Bitcoin and there are numerous other Things we can not even think of right Now I think It will be it will be very interesting In the future to see what people come up With and how to use our tool called Other other toolkits to use stock cruise For Bitcoin and I see a lot of potential That yeah basically everybody we talked To they have new ideas how to apply it Yeah that's amazing yeah I mean who Knows where this stuff is going to go in Another five or ten years that's really Exciting Um if people want to support your work Or learn more about what you guys are Doing where should they go just go to Our website which is zerosync.org And um yeah we are a non-profit we Um We are also in the process of raising um

A sponsorship for our next Milestone and Um yeah if you want to support us please Reach out oh great that's that's great Well maybe we can have you guys back on At the end of year when uh when you're Ready for production that would be great Yeah that would be amazing sounds great All right thanks a lot guys appreciate The time today thanks for having us Thank you Thank you [Music]

You May Also Like