The Zcash Privacy Tech Underlying Ethereum’s Transition to Eth 2.0

Ethereum’s consensus algorithm is not the only thing changing with the launch of Eth 2.0. The underlying cryptography itself is getting an overhaul.

AccessTimeIconJun 19, 2020 at 1:46 p.m. UTC
Updated Aug 19, 2021 at 2:39 a.m. UTC

Presented By Icon

Election 2024 coverage presented by

Stand with crypto

Ethereum’s consensus algorithm is not the only thing changing with the launch of Eth 2.0. The underlying cryptography itself is getting an overhaul based on leading research out of the Electric Coin Company.

Called BLS12-381, the new elliptic pairing curve will securely coordinate transactions on the proof-of-stake (PoS) Eth 2.0 network, while opening up opportunities for data savings and privacy-tech solutions. 

  • Bitcoin Mining in the U.S. Will Become 'a Lot More Decentralized': Core Scientific CEO
    13:18
    Bitcoin Mining in the U.S. Will Become 'a Lot More Decentralized': Core Scientific CEO
  • Binance to Discontinue Its Nigerian Naira Services After Government Scrutiny
    05:10
    Binance to Discontinue Its Nigerian Naira Services After Government Scrutiny
  • The first video of the year 2024
    04:07
    The first video of the year 2024
  • The last regression video of the year 3.67.0
    40:07
    The last regression video of the year 3.67.0
  • Currently, the ins and outs of that curve are being baked into the network with Ethereum Improvement Proposal 2537. That EIP is slated for delivery with the protocol’s 10th hard fork, Berlin, tentatively scheduled for July.

    As a hard fork, Berlin will add up to four backwards-incompatible upgrades, two of which continue to be vetted and may ultimately not be included (all though that remains unlikely given all four EIPs are being implemented on various levels by each Ethereum client). 

    A test net, Yolo, conducting dry runs without applications, is currently underway for EIP 2537 and one other proposal, EIP 2315, which will add “simple subroutines” to the Ethereum Virtual Machine (EVM). 

    For Eth 2.0, EIP 2537 is an introduction into the interesting cryptography work underpinning the new network while answering a question Ethereum co-founder Vitalik Buterin has been pondering since the network’s early days.

    From 1.x to 2.0

    In order to launch Eth 2.0, a technical bridge must exist between Ethereum’s existing Eth 1.x and Eth 2.0. 

    BLS12-381 undergirds one such option by building an Eth 2.0 “lite client” inside the current Ethereum network, according to an April Medium article by Ethereum developer Alex Stokes.

    In short, Eth 2.0 will roll out in steps, beginning with Phase 0 in Q3 2020. Phase 0 will begin with the beacon chain, a coordination mechanism for investors staking funds. In PoS networks like Tron or EOS, staked funds operate as a voting mechanism and incentive to partake in verifying transactions.

    Eth 1.x operates on the Proof-of-Work (PoW) algorithm and has a wholly separate cryptographic schematic called Elliptic Curve Digital Signature Algorithm (ECDSA), also employed by Bitcoin and other cryptocurrencies.

    But in order to bridge the PoW and PoS networks a common tongue is needed. 

    That’s what EIP 2537 does – by providing a cryptographic translator between the two networks in what is called a precompile of the underlying primitives of Eth 2.0. This precompile makes a lite client possible.

    In practice, a lite client would be built as a smart contract inside the EVM. Its main purpose, given the client’s limited functionality, would be to port ether (ETH) over to the new chain, a prerequisite for boarding people onto the new network.

    Additionally, Layer 2 (L2) solutions for scaling Ethereum and Eth 2.0 could be built on the lite client, Ethereum co-founder Vitalik Buterin said in an April Ethereum Magicians post.

    “If we have that, then an eth2-in-eth1 client is actually not that hard, which opens the door to applications that use eth2 as an availability engine (ie. things like Plasma but waaay more powerful),” Buterin wrote.

    Finding the right primitive

    The next iteration of Ethereum has far larger ambitions than the ECDSA can handle. Luckily, 10 years of cryptocurrency research has borne fruit in at least one subject: cryptography itself, Cloudflare cryptographer Nick Sullivan said in an interview with CoinDesk. New curves such as BLS12-381 prove as much.

    “Elliptic curves have been around since the mid-1980s,” Sullivan said. “The problem is that they’re somewhat limited in what they can do. They can do effectively classical public-key operations: digital signatures, encryption and key agreement.”

    Alternatively, “pairing friendly” curves invented in the early 2000s provide alternative security measures that aptly apply to blockchains, Sullivan said.

    Invented in 2017, Electric Coin Company cryptographer Sean Bowe’s BLS12-381, a variant of the BLS curve invented by three cryptographic pioneers in 2003, is perhaps the most consequential for most coins today. His curve, and others like it, are the reason blockchains can scale.

    “BLS12-381 is a special kind of elliptic curve (a ‘pairing-friendly’ curve) which enables cryptographic primitives like SNARKs and vector commitment schemes,” Bowe said in an email. “These primitives are very useful for improving scalability and privacy in blockchain projects.”

    BLS and Eth 2.0

    For Eth 2.0, the advantage can be cut into three parts: data savings, privacy and interoperability.

    First, BLS-styled signatures keep the necessary computation light by batching cryptographic signatures that verify transactions, according to Ethereum researcher Carl Beekhuizen in an Ethereum Foundation blog post

    Beekhuizen wrote:

    “If 10% of all ETH ends up staked, then there will be ~350,000 validators on eth2. This means that an epoch’s worth of signatures would be 33.6 megabytes which comes to ~7.6 gigabytes per day. In this case, all of the false claims about the eth1 state-size reaching 1TB back in 2018 would be true in eth2’s case in fewer than 133 days (based on signatures alone).”

    (For reference, that’s equivalent to nearly three times the weight of the current Bitcoin blockchain.)

    BLS12-381 also allows Eth 2.0 to implement zero-knowledge proofs more naturally: Privacy variants of ETH could be native to Eth 2.0. In fact, BLS12-381 was hard forked into the Zcash protocol with the 2018 Sapling update as a more robust cryptographic primitive.

    Moreover, the use of ECC tech on Ethereum highlights the close relationship between Buterin and Zooko Wilcox, co-founder of Zcash and the CEO of ECC. Both the ECC and Zcash teams have shown past interest in bridging the two technologies.

    Thirdly, the proposal opens up interoperability between different chains such as Filecoin, Chia or Algorand and Eth 2.0, a longstanding promise of multiple other blockchains networks such as Polkadot, which announced the launch of its mainnet earlier this month. 

    Eth 2.0’s ability to connect with other projects – specifically non-Bitcoin ones – could materialize in a few different ways: Perhaps Ethereum shares its value across different chains or perhaps it siphons tech away from other projects, taking their market caps with it.

    Either way, Cloudflare’s Sullivan remains impressed by the math:

    “It's a really fascinating curve of how things happen – from the mathematicians and the cryptographers writing about it in academic papers and then people in the engineering world started implementing it and testing it and then it's getting introduced into projects and protocols and then being part of society. And then you end up in this position where there’s so many different options that it’s hard to know exactly which one to pick and why.”

    Disclosure

    Please note that our privacy policy, terms of use, cookies, and do not sell my personal information have been updated.

    CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. CoinDesk has adopted a set of principles aimed at ensuring the integrity, editorial independence and freedom from bias of its publications. CoinDesk is part of the Bullish group, which owns and invests in digital asset businesses and digital assets. CoinDesk employees, including journalists, may receive Bullish group equity-based compensation. Bullish was incubated by technology investor Block.one.


    Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.