Potential Track Preview: Decentralized Computing Power Market (Part 2)

Author: YBB Capital Researcher Zeke

Introduction

In "Prospects of Potential Tracks: Decentralized Computing Power Market (Part 1)", we have learned about the importance of computing power under the expectations of AI, and we have deeply explored the two dilemmas in constructing a decentralized AGI computing power market at the current stage. This article will start from the basic concept of zero-knowledge proofs, gradually delve deeper, and conduct multi-dimensional thinking on the more possibilities of the decentralized computing power market, a sunrise track. (The previous article also mentioned part of the Bitcoin computing power market, but given the recent explosive growth of the Bitcoin ecosystem, this part will be described in our future articles related to the Bitcoin ecosystem.)

Overview of Zero-Knowledge Proofs

In the mid-1980s, three cryptographers from MIT (Shafi Goldwasser, Silvio Micali, and Charles Rackoff) jointly published a paper titled "The Knowledge Complexity of Interactive Proof Systems." The paper described an innovative cryptographic technique that can verify the authenticity of information without revealing the information itself, which the authors called "zero-knowledge proofs," and provided a specific definition and framework for this concept.

In the following decades, zero-knowledge proof technology, based on this paper, gradually developed and improved in various fields. Today, zero-knowledge proofs have become an all-encompassing term representing many "modern" or "advanced" cryptographic techniques—especially those related to the future of blockchain.

Definition

A Zero-Knowledge Proof (ZKP) refers to a method where a prover can demonstrate the truth of a statement to a verifier without providing any specific information about the statement itself. The three fundamental properties of this method include completeness, soundness, and zero-knowledge. Completeness ensures that a true statement can be proven, soundness guarantees that a false statement cannot be proven, and zero-knowledge means that the verifier cannot gain any information other than the truth of the statement.

Types of Zero-Knowledge Proofs

Based on the communication method between the prover and the verifier, there are two different types of zero-knowledge proofs: interactive and non-interactive. In interactive proofs, there is a series of interactions between the prover and the verifier. These interactions are part of the proof process, where the prover demonstrates the truth of their statement by responding to a series of queries or challenges from the verifier. This process typically involves multiple rounds of communication, where the verifier poses a question or challenge, and the prover responds to prove the correctness of their statement. Non-interactive proofs do not require multiple rounds of interaction. In this case, the prover creates a single, independently verifiable proof and sends it to the verifier. The verifier can independently verify the truth of this proof without further communication with the prover.

Simple Explanation of Interactive and Non-Interactive

1. Interactive: The story of Alibaba and the Forty Thieves is a frequently mentioned example to explain interactive zero-knowledge proofs, with many versions available. The story below is a simplified version adapted by me.

Alibaba knows the incantation to open the cave where the treasure is hidden but is captured by the Forty Thieves, who force him to reveal the incantation. If Alibaba reveals the incantation, he will be killed for being of no use. If he insists on not revealing it, the thieves will not believe he truly knows the incantation and will also kill him. However, Alibaba comes up with a clever plan: the cave has two entrances, A and B, both leading to the center of the cave, but there is a password door in the center that only someone who knows the incantation can pass through. To prove he knows the secret to open the cave without revealing it, Alibaba enters the cave and chooses one of the entrances, while the Forty Thieves stand outside and cannot see his choice. Then, the thieves randomly shout A or B, demanding that Alibaba come out from the specified entrance. If Alibaba truly knows the incantation, he can use the password to pass through the door in the center and come out from the specified entrance. This process is repeated multiple times, and each time Alibaba successfully comes out from the entrance designated by the thieves, thereby proving he indeed knows the password without revealing the secret.

2. Non-Interactive: Here is a simple example of a non-interactive zero-knowledge proof in real life. Imagine you and a friend both have a "Where's Waldo" book. You claim to know where Waldo is on a certain page, but your friend is skeptical. If you want to prove to your friend that you know where Waldo is without revealing the exact location, you can use a large opaque sheet to cover the entire picture and reveal Waldo through a small hole in the sheet (a single, independently verifiable proof). This way, you can prove that you indeed know where Waldo is, but your friend still cannot know Waldo's exact coordinates in the entire picture.

Technical Implementation in Blockchain

Currently, there are various implementations of zero-knowledge proofs in blockchain, with the most well-known being zk-STARK (Zero-Knowledge Scalable Transparent Argument of Knowledge) and zk-SNARK (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge). As indicated by the term "Non-Interactive" in their names, both belong to non-interactive zero-knowledge proofs.

zk-SNARK is a widely used general zero-knowledge proof scheme (it is important to note that zk-SNARK is a category rather than a single technology). It transforms any computational process into a series of gate circuits and utilizes a series of mathematical properties of polynomials to convert the gate circuits into polynomials, thus compressing and generating very small non-interactive proofs that can be applied to various complex business scenarios. The initiation of zk-SNARK requires a trusted setup, which refers to a trusted environment where multiple parties generate a partial key to start the network and then destroy that key. If the confidential information used to create the trusted setup key is not destroyed, it may be exploited to forge transactions through false verification.

zk-STARK is a technological evolution of zk-SNARK that addresses the weakness of SNARK's reliance on trusted setups, allowing blockchain verification to be completed without any trust setup, thereby reducing the complexity of starting the network and eliminating any collusion risks. However, zk-STARK also has the issue of generating larger proofs, which puts it at a disadvantage in terms of storage, on-chain verification, and generation time. If you have experienced the early versions of StarkNet (a Layer 2 using zk-STARK), you should have noticed that the speed and gas fees are significantly worse compared to other Layer 2 experiences. Therefore, zk-SNARK solutions are still more widely adopted. Additionally, there are other relatively niche solutions like PLONK and Bulletproofs, each with its own advantages and disadvantages in terms of proof size, prover time, and verification time. Achieving a completely ideal zero-knowledge proof is very difficult, and several mainstream algorithms typically balance different dimensions.

The development of ZK typically requires two key components.

ZK-friendly computational expression methods: This refers to a domain-specific language (DSL) or underlying library. Underlying libraries like Arkworks provide the necessary tools and primitives that allow developers to manually rewrite code in a lower-level language. DSLs like Cairo or Circom are programming languages tailored for ZK applications. The latter can compile into the primitives required for generating proofs. More complex operations lead to longer proof generation times, and certain operations (like bitwise operations used in SHA or Keccak) may not be suitable for ZK, resulting in prolonged proof generation.

Proof systems: The proof system is the core of ZK applications, implementing two basic functions: Prove and Verify. The Prove function allows the generation of a proof (which requires a significant amount of mathematical computation to generate; the more complex the proof, the slower the generation), indicating that a statement is correct without revealing the proof details. The Verify function is used to verify the correctness of this proof (the more complex and larger the proof, the higher the performance, and the shorter the time required for verification). Different proof systems, such as Groth16, GM17, PLONK, Spartan, and STARK, also differ in efficiency, security, and ease of use.

Application Map of ZKP

1. ZKP Cross-Chain Bridges and Interoperability: ZKP can be used to create validity proofs for cross-chain messaging protocols, which can be quickly verified on the target chain. This is similar to how zkRollups are verified on the underlying L1. However, cross-chain messaging is more complex because the signature schemes and cryptographic functions that need to be verified may differ between the source and target chains.
2. ZKP On-Chain Game Engines: Dark Forest demonstrates how ZKP can enable on-chain games with incomplete information. This is crucial for designing more interactive games where players' actions remain private until they choose to reveal them. As on-chain games mature, ZKP will become part of the game execution engine. This is significant for startups that successfully integrate privacy features into high-throughput on-chain game engines.
3. Identity Solutions: ZKP can open multiple opportunities in the identity domain. They can be used for reputation proofs or connecting Web2 and Web3 identities. Currently, our Web2 and Web3 identities are separate. Projects like Clique connect these identities using oracles. ZKP can further this approach by allowing anonymous linking of Web2 and Web3 identities, enabling use cases like anonymous DAO membership, provided they can use Web2 or Web3 data to prove domain-specific expertise. Another use case is uncollateralized Web3 loans based on the borrower's Web2 social status (e.g., number of Twitter followers).
4. ZKP for Regulatory Compliance: Web3 enables anonymous online accounts to actively participate in the financial system. In this sense, Web3 achieves significant financial freedom and inclusivity. With increasing Web3 regulation, ZKP can be used to achieve compliance without compromising anonymity. ZKP can be used to prove that users are not citizens or residents of sanctioned countries. ZKP can also be used to prove accredited investor status or any other KYC/AML requirements.
5. Native Web3 Private Debt Financing: TradeFi debt financing is often used to support growing startups to accelerate their growth or open new business lines without adding additional venture capital. The rise of Web3 DAOs and anonymous companies creates opportunities for native Web3 debt financing. For example, using ZKP, DAOs or anonymous companies can obtain uncollateralized loans and competitive rates based on proof of their growth metrics without disclosing borrower information to lenders.
6. Privacy DeFi: Financial institutions often keep their transaction histories and risk exposures private. However, meeting this demand becomes challenging when using decentralized finance (DeFi) protocols on-chain due to the continuous advancement of on-chain analysis techniques. One possible solution is to develop privacy-focused DeFi products that protect the privacy of protocol participants. One of the protocols attempting to achieve this goal is Penumbra's zkSwap. Additionally, Aztec's zk.money provides some private DeFi earning opportunities by obscuring user participation in transparent DeFi protocols. Generally, protocols that can successfully implement efficient and privacy-focused DeFi products can gain significant transaction volume and revenue from institutional participants.
7. ZKP for Web3 Advertising: Web3 empowers users to own their data rights, such as browsing history, private wallet activities, etc. Web3 also allows for the monetization of this data for users. Since data monetization may conflict with privacy, ZKP can play an important role in controlling which personal data can be disclosed to advertisers and data aggregators.
8. Sharing and Monetization of Private Data: Many of our private data can have significant impacts if shared with the right entities. Personal health data can be crowdsourced to help researchers develop new drugs. Private financial records can be shared with regulators and oversight bodies to identify and punish corruption. ZKP can enable the private sharing and monetization of such data.
9. Governance: With the rise of DAOs (Decentralized Autonomous Organizations) and on-chain governance, Web3 is moving towards direct participatory democracy. A major flaw in the current governance model is the lack of privacy in participation. ZKP can be the foundation for addressing this issue. Governance participants can vote without revealing how they voted. Moreover, ZKP can restrict the visibility of governance proposals to DAO members only, allowing DAOs to establish competitive advantages.
10. zkRollup: Scalability is the most important use case of ZKP in blockchain. zkRollup technology aggregates multiple transactions into a single transaction. These transactions are processed and computed off-chain (i.e., outside the main chain of the blockchain). For these aggregated transactions, zkRollup uses ZKP to generate a proof that can confirm the validity of these transactions without revealing the specific content of the transactions, while also greatly compressing the size of the data. The generated ZKP is then submitted to the main chain of the blockchain. Nodes on the main chain only need to verify the validity of this proof without needing to process each individual transaction. This significantly reduces the burden on the main chain.

ZKP Hardware Acceleration

Although zero-knowledge proof protocols have many advantages, the current issue mainly lies in the ease of verification versus the difficulty of generation. The main bottleneck in most proof systems is multi-scalar multiplication (MSM) or fast Fourier transform (FFT) and its inverse, with their composition and advantages/disadvantages as follows.

Multi-Scalar Multiplication (MSM): MSM is a key computation in cryptography that involves the multiplication of points and scalars in elliptic curve cryptography. In ZKP, MSM is used to construct complex mathematical relationships about points on elliptic curves. These computations typically involve a large number of data points and operations, which are critical for generating and verifying proofs. MSM is particularly important in ZKP because it helps construct proofs that can verify cryptographic claims without exposing private information. MSM can be executed across multiple threads, supporting parallel processing. However, when handling large element vectors, such as 50 million elements, multiplication operations can still be slow and require significant memory resources. Additionally, MSM faces scalability challenges, as it may remain slow even with extensive parallelization.

Fast Fourier Transform (FFT): FFT is an algorithm for efficiently computing polynomial multiplication and solving polynomial interpolation problems. In ZKP, it is typically used to optimize the computation process of polynomials, which is a crucial step in generating proofs. FFT accelerates computations by breaking down complex polynomial operations into smaller, simpler parts, which is vital for efficiency in the proof generation process. The use of FFT significantly enhances the ability of ZKP systems to handle complex polynomials and large-scale datasets. However, FFT operations rely on frequent data exchanges, making it challenging to significantly improve efficiency through distributed computing or hardware acceleration. The data exchanges in FFT operations require substantial bandwidth, especially when dealing with large datasets that exceed hardware memory capacity.

While software optimization is also an important research direction, the most direct and brute-force way to accelerate proof generation is to stack enough computing power through hardware. Among various computing hardware (GPU, FPGA, ASIC), which one is the best choice? Since we briefly introduced GPUs in the previous section, we will mainly understand the design logic and pros and cons of FPGAs and ASICs here.

ASIC: ASIC (Application-Specific Integrated Circuit) is an integrated circuit specifically designed to meet the needs of a particular application. Compared to general processors or standard integrated circuits, ASICs are customized to perform specific tasks or applications, thus typically exhibiting higher efficiency and performance in their designed applications. In the well-known field of Bitcoin mining, ASICs are very important computing hardware, and their efficient performance and low power consumption make them ideal for Bitcoin mining. However, ASICs also have two obvious drawbacks: since they are designed for specific applications (for example, Bitcoin ASIC miners are designed around the SHA-256 hashing algorithm), the design and manufacturing costs can be high without mass adoption, and the design and verification cycles can be relatively long.

FPGA: FPGA stands for Field Programmable Gate Array, which is a reprogrammable device developed based on traditional logic circuits and gate arrays such as PAL (Programmable Logic Array), GAL (Generic Array Logic), and CPLD (Complex Programmable Logic Device). Like ASICs, FPGAs are integrated circuits used for electronic design and implementing specific functions, addressing the shortcomings of past semi-custom circuits while overcoming the limitations of the number of gate circuits in original programmable devices. Its important features include "reprogrammability, low power consumption, low latency, and strong computing power." However, the downside of FPGAs is that their functionality is entirely dependent on hardware implementation, making it impossible to perform operations like branch condition jumps, and they can only perform fixed-point calculations. In terms of cost, FPGAs are generally cheaper to design than ASICs, but manufacturing costs also depend on scale; of course, both have overall costs that are much higher than GPUs.

Returning to the discussion of ZKP hardware acceleration, it must be acknowledged that ZKP is still in its early stages of development. System parameters (such as FFT width or bit size of elements) or the choice of proof systems (there are five proof systems mentioned above) are still rarely standardized. Let's compare the situation of the three types of computing hardware in this environment:

• Variation of ZK "elements": As mentioned above, the business logic on ASICs is a one-time write. If any ZKP logic changes, it needs to start from scratch. FPGAs can refresh any number of times in one second, meaning they can reuse the same hardware across multiple chains with incompatible proof systems (e.g., cross-chain extracting MEV) and flexibly adapt to changes in ZK "elements." While GPUs may not be as quickly reconfigurable at the hardware level as FPGAs, they offer significant flexibility at the software level. GPUs can adapt to different ZKP algorithms and logic changes through software updates. Even though these updates may not be as rapid as those for FPGAs, they can still be completed in a relatively short time.
• Supply: ASIC design, manufacturing, and deployment typically require 12 to 18 months or longer. In contrast, the FPGA supply chain is relatively healthy, with leading suppliers like Xilinx allowing a large number of retail orders to arrive within 16 weeks from their website (i.e., without any contact points). Looking at GPUs, they naturally have a significant supply advantage, as there are a large number of idle GPU mining machines in the network since Ethereum's Shanghai merge. Furthermore, the subsequent graphics card series developed by Nvidia and AMD can also be supplied in large quantities.

From the above two points, unless the ZK track reaches a consensus on standardizing the adoption of a single solution, ASICs do not have any advantages. Given that the current ZKP solutions are still in a diversified development stage, GPUs and FPGAs will be the two main computing hardware options we need to discuss moving forward.

• Development Cycle: Due to the popularity of GPUs and mature development tools like CUDA (for NVIDIA GPUs) and OpenCL (cross-platform), the development of FPGAs usually involves more complex hardware description languages (such as VHDL or Verilog), requiring longer learning and development times.
• Power Consumption: FPGAs typically outperform GPUs in terms of energy efficiency. This is mainly because FPGAs can be optimized for specific tasks, thereby reducing unnecessary energy consumption. While GPUs are powerful when handling highly parallel tasks, this comes with higher power consumption.
• Customizability: FPGAs can be programmed to optimize specific ZKP algorithms, improving efficiency. In contrast, the general architecture of GPUs may not be as efficient as dedicated hardware for specific ZKP algorithms.
• Generation Speed: According to a comparison by Trapdoor-Tech regarding GPUs (using Nvidia 3090 as an example) and FPGAs (using Xilinx VU9P as an example), under BLS12-381 (a specific type of elliptic curve), using the same modular multiplication/modular addition algorithm, the generation speed of GPUs is five times that of FPGAs.

In summary, in the short term, considering the development cycle, parallelism, generation speed, cost, and the large number of idle devices available across the network, GPUs are undoubtedly the most advantageous choice at present. The current hardware optimization direction is also primarily focused on GPUs, and the time for FPGAs to completely take over the competition has not yet arrived. So, is there a possibility of building a ZKP computing power market similar to PoW mining (a term I personally conceived)?

Thoughts on Building a ZKP Computing Power Market

In considering the construction of a ZKP computing power market, we have already drawn conclusions regarding computing hardware from the above text. The remaining questions are threefold: Does ZKP need to be decentralized? Is there market scale attractiveness? If ZK public chains choose to build their own proof generation markets, what significance does the ZKP computing power market hold?

The Significance of Decentralization: First, most zkRollup projects today (such as Starkware and zkSync) rely on centralized servers, as they only consider scaling for Ethereum. Centralization means that user information still faces the risk of censorship, sacrificing the most important permissionless nature of blockchain to some extent. The use of ZK privacy protocols makes the decentralization of ZKP generation extremely necessary. The second reason for decentralization is cost, similar to the AGI section mentioned above; the costs of cloud services and hardware acquisition are very high, and proof generation is usually only applicable to large projects. For small projects in their early stages, a decentralized proof market can significantly alleviate their funding difficulties during the startup phase, while also reducing unfair competition arising from financial issues.

Market Scale: Paradigm predicted last year that the ZK miner/prover market could grow to a scale comparable to the past PoW mining market. The fundamental reason is that the buyers and sellers of ZKP computing power are extremely abundant in the ZKP computing power market. For former Ethereum miners, the numerous public chain projects and Layer 2 projects in the ZK ecosystem are far more attractive than ETH forked public chains. However, we also need to consider a situation where most ZK public chains or Layer 2s are fully capable of building their own proof generation markets. If they are to align with the decentralization narrative, this step is also inevitably on their roadmap (as mentioned above, Starkware and zkSync will also have their own decentralized solutions). So, what significance does the ZKP computing power market have in this context?

The Significance of Construction: First, the applications of ZKP are extensive (as we have cited multiple examples above and will reference a project later). The second point is that even if each ZK chain has its own proof generation market, the computing power market still has three roles that can encourage sellers to consider selling computing power.

1. Divide computing power into two parts: one part for mining and the other for selling computing power contracts. This method can help hedge against the volatility risks of the cryptocurrency market. When the market declines, the sold computing power contracts provide stable income; when the market rises, the portion mined can bring additional profits.

2. Selling all computing power to obtain fixed income is a more conservative approach. This can reduce the impact of market fluctuations on income and ensure stability in earnings.

3. Due to differences in cost structures (such as electricity costs), some miners may have operating costs lower than the market average. These miners can leverage their cost advantages by selling computing power contracts at market prices while retaining the price difference generated from lower electricity costs, achieving arbitrage.

Proof Market

Proof Market is a decentralized ZKP computing power market built by =nil; (an Ethereum development company) and, to my knowledge, is currently the only computing power market built around ZKP generation. Essentially, it is a trustless data accessibility protocol that enables Layer 1 and Layer 2 blockchains and protocols to generate zero-knowledge proofs based on seamless data sharing needs without relying on centralized intermediaries. Although Proof Market is not the market I envisioned built around individual GPUs (Proof Market is built around professional hardware vendors, while ZKP GPU mining can also refer to the Roller Network in the Scroll architecture or Aleo), it still holds significant reference value for how to construct and widely apply a ZKP computing power market. The workflow of Proof Market is as follows:

Proof Requester:

• The entity requesting the proof can be applications like zkBridge, zkRollup, zkOracle, or zkML.
• If the circuit does not exist, a preparation phase is needed to generate a new circuit by running zkLLVM.
• If the circuit already exists, a zkProof request is created for the predefined circuit.

zkLLVM:

• This component is responsible for generating the circuit, which is the program encoding the computational task.
• In the preparation phase, zkLLVM performs preprocessing for the computation to generate the circuit and submits it to Proof Market.

Proof Market:

• A central market that matches proof requesters' orders with proof generators.
• Validates the proof's validity and provides rewards once the proof is verified.

Proof Generator:

• Executes the computation and generates the required zero-knowledge proof.
• Receives orders from Proof Market and returns the generated proof.

Reward Mechanism:

• Circuit developer rewards: Whenever a proof requester uses the circuit to generate a proof, the author of the circuit receives a reward.
• Proof generator rewards: Once the proof is verified in Proof Market, the generator receives rewards according to the order terms.

Throughout the entire process, the request, generation, verification, and reward distribution of proofs revolve around Proof Market. This process aims to create a decentralized market where the generation and verification of ZKP are automated, and participants can receive corresponding rewards based on their contributions.

Application Scenarios

Since the testing release in January 2023, the main application scenarios of Proof Market have been protocols operating outside Ethereum Layer 1 (L1): such as zkRollup, zkBridge connected to Ethereum, and public chains using zkP.

With the integration of Ethereum endpoints (referring to a gateway interface that allows other systems or services to connect and merge), Proof Market will be applicable to more applications, especially those that require direct proof requests from EVM applications to provide a smoother user experience or need to work with on-chain stored data.

Here are some potential application scenarios:

1. Machine Learning (ML): On-chain inference requests can be made to zkML applications. Applications such as fraud detection, predictive analytics, and authentication can be deployed on Ethereum.
2. Ethereum Data Processing (zkOracles): Many applications require historical or processed data from Ethereum. Using zkOracles, users can obtain execution layer data from the consensus layer.
3. Data Transmission (zkBridges): Users can directly request data transmission and pay for proof costs without requiring bridge operators as intermediaries between users and the market.
4. Fraud Proof: Some fraud proofs can be easily verified on-chain, while others cannot. Fishermen (network participants focused on verifying the main protocol and looking for potential fraud) can concentrate on verifying the main protocol and point to the necessary proofs provided by Proof Market.
5. Data Updates and Accumulation: Applications can directly store the latest updates on Layer 1 and later accumulate them into a Merkle tree, accompanied by proofs of the correct root updates.
6. Random Number Generation: Applications can order random numbers generated through trustless hash-based VDFs.
7. Proof Aggregation: If applications independently send their proofs (without verification), aggregating them into a single proof and verifying it at once can reduce the verification costs of proofs.

Practical Segment

Recently, the well-known LSD project Lido is also using Proof Market to build a solution that enhances the security and credibility of the Lido Accounting Oracle contract. The Lido Accounting Oracle relies on an Oracle committee composed of trusted third parties and a quorum mechanism to maintain its state, which can create potential attack vectors. The solution process of Proof Market is as follows:

Problem Definition

• Lido Accounting Oracle Contract: Handles complex reports, including data from the Consensus Layer (such as Total Value Locked (TVL), number of validators, etc.).
• Objective: To make the reports trustless, requiring the expansion of reports to include computational validity proofs.

Solution Specification

• Initial Goal: In the first phase, only report a subset of Lido CL balances (referring to asset balances related to the Consensus Layer in the Lido protocol), active and exit balance amounts, etc.
• Main Participants:

Lido: Needs to make certain data from the consensus layer accessible in the execution layer.

Oracle: Reports TVL and the number of validators to the TVL contract.

Proof Producer: Generates computational integrity proofs.

Proof Verifier: Verifies the proof in the EL contract.

Technical Implementation

Oracle: An independent application that obtains input data, computes the Oracle report, and generates it with proof.

zkLLVM Circuit: A program used to construct zero-knowledge proofs of computational integrity.

Trustless Accounting Audit Oracle Contract: Verifies binary proofs and validates computational validity information.

Deployment Phase

• Current Status: When enough trusted Oracle members submit reports and reach a quorum.
• "Dark Launch" Phase: Reaches a trusted quorum but also accepts trustless reports and conducts necessary verification.
• Transition Period: Reaches a trusted quorum, receives at least one valid trustless report, and the reports are consistent.
• Full Launch: The accounting contract only uses trustless reports to determine TVL and the number of validators.
• Final Status: Completely abolishes quorum reports, only using trustless reports.

Conclusion

Compared to the grand blueprint of the AGI computing power market, the ZKP computing power market is indeed more limited to applications within blockchain at present. However, the opposite benefit is that the development of the ZKP computing power market does not need to consider the extremely complex designs like neural networks, resulting in a lower overall development difficulty and funding requirements. It is not difficult to see from the projects mentioned above that while the AGI computing power market is still confused about how to land, the ZKP computing power market has already penetrated multiple application scenarios in blockchain from multiple dimensions.

From a market perspective, the ZKP computing power market is currently in a very blue ocean stage, and the Proof Market mentioned above does not belong to the design I envision as ideal. Considering algorithm optimization, application scenario optimization, hardware optimization, and the choice of different computing power seller markets, the design of the ZKP computing power market still has a very large imaginative space. From a developmental perspective, Vitalik has repeatedly emphasized that ZK will have an impact on the blockchain field in the next decade as significant as that of blockchain itself. However, from the versatility of ZK, as designs mature, ZK's importance in non-blockchain fields in the future may not be inferior to that of AGI today, and its prospects should not be underestimated.

References:

1. Hardware Acceleration for Zero Knowledge Proofs: https://www.paradigm.xyz/2022/04/zk-hardware

2. Use of elliptic curves in cryptography (1988): https://link.zhihu.com/?target=https%3A//link.springer.com/content/pdf/10.1007%252F3-540-39799-X_31.pdf

3. ZKLLVM + Lido Trustless Accounting oracle: solution spec: https://docs.google.com/document/d/1d5Ru7WWae-yilXzOVgNS5DNweAMj6FNJrZllvD00mB0/edit

4. DIZK: A Distributed Zero Knowledge Proof System: https://www.usenix.org/conference/usenixsecurity18/presentation/wu

5. Proof Market Developer Guide: https://docs.nil.foundation/proof-market/proof-producers/proof-producer

6. IOSG Weekly Brief | ZKP Acceleration: https://mirror.xyz/0x5Eba828AB4999825D8416D7EAd9563b64FD90276/8DGPafCg1oLZ0T-cXSbcu5q1dYxhFDuilR1brWfLZXM

7. ZK Proof Computation: A New Journey for Computing Hardware?: https://mp.weixin.qq.com/s/gInQOIJyLZwzzgmFkbaFwQ

8. Hardware Acceleration Driven New Era of ZK: https://mp.weixin.qq.com/s/3I-gz4O57_crS7_KZSA8KA