Background
zkBTC bridge, based on Zero-Knowledge Proof technology, is the bridge between Bitcoin and Ethereum.
User simply deposit $BTC into a Bitcoin operator address, after this deposit Tx finalized in Bitcoin, a proof will then be generated off-chain and verified by an Ethereum smart contract, Once verified, the smart contract mints $zkBTC tokens to user on Ethereum.
When user wants to redeem BTC back to Bitcoin, just burns $zkBTC as other ERC20 does, after this redeem Tx finalized in Ethereum, a proof will then be generated off-chain and verified by an smart contract in ICP/Oasis/TEE, once verified, they will sign a BTC Tx to refund BTC from Bitcoin operator to user, after merging the signature, this refund Tx will be broadcasted on Bitcoin, and user get asset back.
A ZK verifier in ICP and chain-key technology are crucial parts of zkBTC bridge.
Project highlights
As described above, plonk_verifier_on_icp is a crucial part of zkBTC Bridge. Gnark Plonk is adopted as ZKP scheme, which can produces solidity smart contact easily.
Because ICP does not support solidity smart contract natively, we have to implement the plonk verifier in rust and then deploy on ICP.
Arkworks is a well-known ZK library written in Rust, which does not support plonk, but provides some basic ZK components, such as finite field, curve, paring。Hence, we plan to implement rust plonk verifier based on arkworks.
There are two challenges in building plonk_verifier_on_icp:
- Based on arkworks, implement the plonk verifier in rust.
- Data difference(little-endian vs big-endian, negative Y flag) between Ganrk and Arkworks.
Features
plonk_verifier_on_icp canister provides capability to verify gnark plonk proof on ICP as a public infrastructure. Any one can call this canister in own app easily, which will pave a way leading to zk for app.
How to install
No need to install, this canister has been deployed at 3luut-nqaaa-aaaao-qbcwa-cai, 2 [query] functions (verify_hex/verify_bytes) are provided for user to experience.
https://a4gq6-oaaaa-aaaab-qaa4q-cai.raw.icp0.io/?id=3luut-nqaaa-aaaao-qbcwa-cai
Usage Example
2 examples are included in the same repo to demo how to build a plonk circuit and how to verify its proof/witness against verifyingkey. please check README.md for detail.
Documentation
Dependencies
Currently, plonk_verifier_on_icp depends on gnark v0.9.1 and BN254 is adopted.
License
Apache-2.0 License.
Resources
Future Plans
support gnark v0.11.0 in near future.