Author: Oleg Andreev 2019-01-31 23:44:43
Published on: 2019-01-31T23:44:43+00:00
ZkVM is a blockchain virtual machine, similar to Bitcoin, that has multi-asset transfers and zero-knowledge programmable constraints. As part of its design, there is a "Predicate Tree" - a variant of Taproot by Greg Maxwell and G'root by Anthony Towns. The Predicate Tree is a point that represents one of three things, allowing composing conditions in an arbitrary tree: Public key, Program, or Disjunction of two other predicates. To use the predicate trees, ZkVM provides 4 instructions: signtx, call, left/right, and delegate. Call and delegate differ in that call reveals and runs a pre-arranged program, while delegate allows choosing the program later which can be signed with a pre-arranged public key. For performance, all point operations are deferred, and signature checks, disjunction proofs, program commitment proofs are not executed right away but deferred and verified in a batch after the VM execution is complete. There is no pure hash-based MAST, and there is no designated blinding factor or a pubkey with the program commitment like in G'root. The Predicate Trees enable composing conditions in an arbitrary tree. A public key allows representing N-of-N signing conditions, while a program commitment is a P2SH-like commitment. A disjunction is asymmetric to allow happy-path signing with the left predicate. The ZkVM provides 4 instructions to use the predicate trees: signtx, call, left/right, and delegate. All point operations are deferred for performance reasons, and signtx does not accept individual signatures but uses a single aggregated signature for the whole transaction. There are two differences between Predicate Trees and Taproot/G'root. First, there is no pure hash-based MAST. Second, there is no designated blinding factor or a pubkey with the program commitment like in G'root.
Updated on: 2023-06-13T16:50:18.659117+00:00