what is L1, what is L2?
In author’s opinon, blockchains that are independently responsible for their own security are L1 and those security that rely on other L1s are L2. According to this definition, side chains are not L2 : light node sidechain, Plasma, Validium are all sidechains(a kind of new L1) rather than L2. Cosmos’ Zones are also not L2, but a L1 cluster with interoperability.
Actually, the earliest L2 solution would be the state channel, of which Bitcoin’s Lightning Network is a typical example. More specifically speaking, Alice and Bob need to trade frequently, and if every transaction of them was on-chain recorded and the gas would be too expensive to trade, so they reach an agreement that stake a portion of their funds on the chain and open a channel that used to submit the “final state” of each other to L1 when a transaction needs to be settled, and make a off-chain trade at the time. If Alice submitting the “final state” commits fraud, Bob could apply for that L1 forfeit Alice staking funds by submitting a fraud proof (an updated final status) within the window period.
One obvious drawback of state channel is that everyone involved in the transaction needs to be online at the same time. If the transaction is only betwwen Alice and Bob, or additionally with Eva, this solution still work. But it is no longer feasible if there are more than three participants and be open accessable. Furthermore, there will be trust issues if a third party is entrusted with the settlemeny. It is means that the state channel loses its security attachment to L1 and degrades to a side chain.
Layer 2 scaling is the eternal theme of Ethereum, and the shape of Layer 2 on Ethereum has undergone a long evolution, and finally Rollups have become the mainstream solution now. The Sequencers of Rollups will first sort the transactions, pack the blocks, form a soft consensus on the transactions, and then submit them to Layer 1 to be verified by Layer 1 and reach a hard consensus.
Layer 1 will verify the data integrity and state validity of the blocks committed by Layer 2, but certainly not by re-running the transactions cause that would amount to no scaling. This is why lazy verification methods like OP (Optimistic) and ZK (Zero-knowledge proof) are available.
- The following example explains what OP is. Ethereum, as L1, does not verify whether the transactions submitted to it are correct by default, but any third party can do that anytime anywhere. If something is wrong, then Ethereum will verify the transactions and enforce the penalty (OP Rollup(L2) locks Sequencers’ deposits in the contracts deployed on Ethereum(L1)) if there absolutely had fraud. However, after the window period, Ethereum will assume the transactions are right if no one says something is wrong.
- To explain what ZK is. L2 generates a validity proof and Ethereum verifies it. If this proof is valid, the data is complete and the state is valid. In other words, verifying this proof is equivalent to recalculating the entire block, but the cost of verification is much less than recalculating it.
We would like to collectively call OP Rollups and ZK Rollups as Classic Rollups. They are Rollups 1.0.
Rollup in a Modular Blockchain Perspective
Modular Blockchain is a pop concept recently and gives us a brand new perspective on studying and designing a blockchain. Several new types of forms of Rollup have also emerged with its spirits.
Celestia, the creator of the concept of Modular Blockchain, divides the blockchain into such a hierarchy:
- Consensus Layer: To achieve the finality of the transactions and reach a consensus on the latest states;
- Storage Layer (Data Availability Layer): Permanently, immutably store transactions, guaranteeing the accessibility of historical transactions;
- Execution Layer: Calculating the latest states based on transactions;
- Settlement Layer: It refers to how the execution layer submits transactions and states to the Consensus and Storage Layers, and ensures the integrity of the transaction data and the validity of the state. Conversely to say, how the Consensus and Storage Layers verify the transaction integrity and state validity of the transactions submitted by the execution layer.
The Settlement Layer is a raw concept. It’s better to call it ‘Settlement Strategy’ instead of ‘Settlement Layer’. Because it is easy to misunderstand the term “layer” and think that there is some kind of entity. If you try to ask which L1 is the settlement layer of a Rollup solution? Then you have already fallen into this misunderstanding. You don’t need to get hung up on which blockchain the settlement layer is on, it’s just a strategy.
On the other hand, the connection between Consensus Layer and Storage Layer is very close. Only if both of them are safe, the blockchain can be safe. So it can be a complete Security Layer only when these two are combined.
So, in my view, the following picture can describe the concept of Modular Blockchain better.
Rollup Stripping the Storage Layer: Dual Layer 1-style Rollup
The security layer of the classic Rollups is unified and is on the same L1 as its storage and consensus layers. Inspired by the concept of Modular Blockchain, some Layer 2 have tried to strip out the Storage Layer, such as Celestium.
By using Ethereum as the Consensus Layer and Celestia as the Storage Layer, Celestium reduce the use of expensive Ethereum storage resources in favor of the cheaper Celestia to store transaction data.
This does create a cheaper Rollup, but the trust assumption increases compared to a classic Rollup, and Celestia must be secure. As an L2, Celestium’s security is dependent on two L1s, which does not imply an increase in security but rather a decrease. Assuming that Ethereum security is S1 and Celesita security is S2, then Celestium security is min (S1, S2). Therefore, since S1 > S2, Celestium security min (S1, S2) = S2.
Celestia is a pure storage-style public chain, and its main business is to provide data availability services for other public chains. If Celestia provides smart contract functionality, it would be better for Celestium to migrate the consensus layer to Celestia as well.
With the introduction of danksharding, Ethereum itself will have a Storage Layer as efficient as Celestia, and all kinds of Rollups stripped of Storage Layers may then turnback to classic Rollups. But as we all know, as the common saying ‘the argosy cannot make a swift u-turn’, the danksharding upgrade for Ethereum will be a long process.
Sovereign Rollup: Rollup that isn’t real Rollup
Sovereign Rollup is also a new concept in the context of modularity. Sovereign Rollup publishes transaction data to the Storage Layer that accepts all the submitted transaction data but does not verify and validate it at all. This means that the Storage Layer stores a “dirty ledger” with both valid and invalid data. It is up to Sovereign Rollup to define exactly what is valid and what is invalid. In other words, the sovereign Rollup is the interpretation layer of the data, defining the rules of interpretation of the data, and different rules of interpretation will form different forks.
Autonomous Forks，according to the creator(Celestia) of the concept of Sovereign Rollup, is the core feature of Sovereign Rollup，which actually requires a strong community consensus from Sovereign Rollup to make it possible, or the meaning of it would will be evolve into as ‘The Project parties can change the rule of data interpretation at any time’. This means that the Consensus Layer of Sovereign Rollup is itself and its security is not dependent on the Storage Layer, so it’s not an Layer 2 but an independent Layer 1 that outsources data availability. Seriously, it’s not suitable to name it Rollup, but should call it Roll-Beside or Rollout…
Storage-based Consensus Paradigm(SCP)
Since Sovereign Rollup does not inherit the security of the Storage Layer because the data interpretation rules are in itself instead of Storage Layer, can we image that handing over data interpretation rules to the Storage Layer as well? This is the core idea of the Storage-based Consensus Paradigm (SCP) proposed by Arweave.
Layer 2 commits the program code to the Storage Layer, and then commits the transaction data to the Storage Layer continuously, so that anyone can re-run the transaction data with the program code of the Storage Layer and get a consistent and up-to-date state. This enables the inheritance of security from the Storage Layer, thus making the Storage Layer the Layer 1. So, although the SCP-based Layer 2 is not called Rollup, it’s a real Rollup.
In my opinion, Arweave can give SCP a more fitting name: Code-Contained Rollup, driving it into the narrative of Rollup.
For SCP applications, although Layer 1 also stores a dirty ledger, invalid data is not indexed by the nodes.
Compared with classic Rollups, SCP-paradigm helps helps L2 implements security dependency to L1 without requiring L1 to perform any calculation (including data verification and state calculation). This brings two key features.
- Layer 2’s performance is virtually unlimited by Layer 1’s. Layer 2 can achieve a performance of TPS comparable to Web2.
- Layer 2’s VM environment is not limited by Layer 1, beacause Layer 1 is only responsible for storage and unnecessary to compatible with Layer 2 at the computational level. In this way, based on SCP paradigm, developers are allowed to use any language they are familiar with to develop Layer 2, and even not to use the blockchain structure.
SCP-paradigm L2 are not autonomously forkable but can be upgraded by redeployment like the classic Rollup.
SCP provides a great way to retrofit Web2 applications for Web3. Web2 applications only need to be retrofitted at two points.
- Migrate to an account system based on digital signature
- Store data on chain
Things above can make them be real Web3 applications and enablle core features of Web3 applications as follow:
- Users gain free access with censorship-resistance
- Data canot be tampered. Users’ assets are inalienable without authorization
SCP can be upgraded by redeployment, although it cannot realize autonomous fork. The downside of the SCP paradigm is that interoperability is somewhat constrained by dirty ledger strategy and custom VM :
- The dirty ledger strategy results in applications or ledgers that interoperate with it being unable to determine the validity of a transaction based solely on the proof that the transaction exists on the chain, but instead need to re-run the entire transaction data off-chain.
- While custom VMs give developers freedom, it is difficult to establish trust-minimizing cross-ledger bridges between different VM environments
Nevertheless, SCP is a very promising paradigm. For some Web2 applications that want to be convert to the Web3 version, interoperability is not as urgently needed as it is for DeFi applications; the key is a low-cost migration.
If we take a L2 perspective, Pokadot’s parachain is also Rollup. The Collator of a parachain are equivalent to the Sequencer of Rollup, as they collect and sort the transactions, pack the blocks and submit them to the relay chain.
Unlike classic Rollups, Polkadot’s relay chain uses a different kind of ‘lazy validation’ approach, where relay chain randomy assign a subset of validators to each parachain, and those validator subsets are responsible for validating blocks submitted by the parachain to each parachain. Since the process of assigning the validator subsets is completely random and unpredictable, it does not reduce the security of the verification .
Polkadot has a unified interoperability that classic Rollup does not have. XCMP and communications based XCM allow the read and write between parachains and between parachains and relay chain as if happened on a same chain.
Interoperability between Etherumt Rollups is mainly constrainde by two factors：
- Both Op Rollups and ZK Rollups have delays in reaching finality, with more than 7 days due to the existence of a fraud proof window and more than 1 hour due to the complexity of generating proofs of validity respectively. Those delays may appear unacceptable and unforgivable for most scenarios need interoperability.
Some Cross-Rollup bridges treat L2’s soft confirmation as finality to achieve instant interoperability are have potential security hazard.
- As we can see, SNARKs and STARKs are not compatible and zkVM environment is not yet unified, as well as ZK-Rollups and Op-Rollups are not compatible to build trust-minimizing bridges.
The verifiers of Polkadot relay chain will use the erasure code technology to store the data submitted by parachains in a sharding way, which is exactly what the danksharding(Etherum upgrade) is going to achieve and also the way that storage-style public chain, such as Arweave and Celestia, could store data efficiently and permanently.
Polkadot ecosystem current prosperity is far from what many investors expected as a resulting of WASM has not really caught on yet. Early developers in the Web3 are still more comfortable with EVM and the development tools and resources related to EVM are relatively more sophisticated. But there are more advantageous aspects of WASM when it compared with EVM, which have been thoroughly analyzed in many articles. Even the Ethereum community is also actively discussing about how EVM convert to eWASM. It is foreseeable that as the next generation of developers who are familiar with WASM grow up, Polkadot ecosystem will shine.
From vilidator for shards to interoperability and then to erasurecode-based sharding storage and WASM, you can find that the destination of continuous upgrade of Etherum just where Polkadot started from. Gavin’s foresight in architectural design is is admirable.
We talked about L2 schemes like classic Rollup, SCP, and parachains. Their feature pairs are shown as following:
- Classic Rollup, or Rollup 1.0, still dominates, but with further competition for Ethereum resources. Many Rollups will choose a cheaper data availability layer, although there will be a certain compromise in security.
- Danksharding can improve the storage performance of Ethereum, and there is hope that the data availability layer of Rollups will return to Ethereum, but the implementation cycle of Danksharding will be long.
- Sovereign Rollup is not a real Rollup, nor is it Layer 2, but an independent Layer 1 that outsources data availability.
- SCP is a new type of Rollup that deserves wide attention in the industry, I would like to call it Rollup 2.0, and it is the best path for Web2 applications to migrate to Web3. It is likely to bring us a wave of Cambrian explosion of Web3 applications.
- Altohugh EVM remains dominant in the short term, layout investments in projects related to WASM can make you more profitable;
- I’m an unwavering believer in the future of Polkadot
Thanks to Wei Xiong @Arweave for his detailed interpretation of SCP paradigm.
Thanks to msfew@HyperOracle for sharing so much about Rollup with the author.
PAKA is a DAO Venture co-founded by a group of Polkadot parachain initiators, aiming to discover and help innovative teams in the Polkadot and other Web 3 ecosystems. We hope to bring our experience in entrepreneurship and technology to help the next generation of entrepreneurs through the form of DAO while promoting the vision of Web3.0.