NFT Smart Contract Security Audit: Ultimate Guide
Smart contract vulnerabilities in NFTs lead to security issues. Regular NFT smart contract audits migitate the risks of hacks.
🇺🇦 Hacken stands with Ukraine!Learn more
zkSync is a Layer 2 blockchain protocol that eliminates Ethereum’s inherent congestion with zero knowledge proofs. Matter Labs’ creation is on a mission to accelerate the mass adoption of crypto for personal sovereignty.
It is designed to unlock the full potential of trustless blockchain technology while scaling the core values of Ethereum. With initial funding from the Ethereum Foundation, zkSync has already powered over 14 million high-speed transfers.
zkSync is a layer 2 solution for transferring Ether and ERC20 tokens. The L2 protocol positions itself as a scaling and privacy engine for Ethereum. The project is built on zero knowledge (ZK) rollup architecture for “unlimited” Ethereum scaling.
Layer 2 on Ethererum is a type of architecture implementation for scaling. The purpose of layer 2 rollup is to address the inherent drawbacks of Ethereum – slow transactions and high gas fees due to limited throughput. Layer 2 solution for scaling works by separating ownership from the computation. In Layer 2 blockchain protocols, smart contracts hold all assets on the main chain. At the same time, the off-chain component is responsible for computation and storage. As a result, Layer 2 solution gives a high transaction rate and L1 level of security.
Ensure the security of your project through a Smart Contract Audit.
zkSync project started in the Summer of 2020. However, Matter Labs, the startup behind zkSync, has worked on Layer 2 scaling zero knowledge proofs since at least 2019. Launched in June 2020, the first interaction delivered 300 transactions per second. zkSync 2.0 brought qualitatively different features, such as Account Abstraction and EVM support through Solidity and Vyper.
Matter Labs is the creator of zkSync. This is a mostly-European team with headquarters in Berlin. Matter Labs keeps a low profile, with only the CEO and co-founder Alex Gluchowski and a few other c-level managers publicly representing the startup. Matter Labs’ vision is to create the first EVM-compatible zero knowledge rollup supporting general-purpose applications in Solidity without costly gas fees and performance barriers.
zkSync is, first and foremost, a startup. It relies heavily on external funding. Matter Labs has raised to $400 million from two dozen VC funds, crypto incubators, and investors. Among its major and first backers are Ethereum Foundation, Dekrypt Capital, Placeholder, Dragonfly Capital, and 1kx. Once they started going, zkSync also secured funding from USV, BitDAO, OKX Blockdream Ventures, and Huobi Venture.
First, let’s define rollups. There are many layer 2 solutions to solve Ethereum’s congestion problem. A rollup is a type of technical implementation of a layer 2 solution. The rollup is basically an Ethereum extension designed to increase scalability. The extension rolls up many transactions into one batch and sends them all to Ethereum in one action. In other words, a roll-up block is a summary of changes reflecting all transactions in a single batch.
Rollups allow for low-cost verification because the assets are locked in smart contracts on the Layer 1 blockchain. The main Ethereum chain doesn’t process individual transactions, i.e., all the calculations and data storage take place off-chain.
The only major difference between ZK rollups and Optimistic rollups is the method of finality, also referred to as verification.
Collect Transactions > Generate Proofs > Send to L1
ZK rollups use zero-knowledge proofs (i.e., cryptographic validity proofs) to verify the batch of transactions and settle it as final on the Ethereum main chain. ZK rollup operator creates proof of validity for every off-chain transaction batch using SNARK, which stands for a succinct non-interactive argument of knowledge.
Optimistic rollups apply a qualitatively different approach to verification. Instead of proving the validity of every roll-up batch, these rollups optimistically assume that every off-chain computation is valid unless proven otherwise. While ZK rollups rely on validity proofs, Optimistic rollups rely on fraud proofs, claiming that the submitted state of Ethereum is invalid. Naturally, challenging Ethereum is a cumbersome process.
To sum up, ZK rollups have higher transaction rates and cheaper fees than Optimistic rollups.
The most significant differentiators are low gas transfers for ETH and ERC20 tokens. Transfers are quick and cheap compared to L1 or Optimistic Rollups.
On top of that, zkSync supports “gasless meta-transactions,” where users pay gas fees in transferred tokens. For example, a user sending DAI pays fees in DAI.
The second benefit is smart contract interoperability. Developers can reuse Solidity code. The third benefit is the support of atomic swaps and limit orders, something that is crucial for crypto exchanges. zkSync also supports native layer 2 NFTs, and is completely open source.
Some users report slow speeds of withdrawing funds back to the L1 protocol. Users have to wait for other transactions for finalization in a single batch. Indeed, creating a shielded transaction requires around 40s, which could be unsustainable in the future.
The next disadvantage relates to zkSync dApps. Proving every batch requires relatively high computational power. As a result, dApps are much less common in ZK rollups. The issue of EVM compatibility also hinders dApps.
Connect Wallet. The simplest way to start using zkSync is by connecting zkSync Wallet. The official client supports the majority of web3 wallets, including Metamask, Ledger, Trezor, Coinbase Wallet, Fortmatic, Portis, Keystone, KeepKey, and Torus. You can also connect your layer 1 ETH wallet via Wallet Connect or Argent Wallet for wider wallet support.
Make Cheap and Fast Transfers. zkSync has brought cheaper crypto payments for millions of transfers. You can use it to send transfers in EHT and ERC20 tokens. Like Ethereum and other blockchains, zkSync has a block explorer and analytics platform called zkScan.zkScan reports nearly 14 million total transactions, with over 135 thousand verified blocks. For developers, the official website offers extensive documentation and resources to start building.
The next step is to explore zkSync ecosystem of around 100 interesting projects.
zkSync blockchain protocol is as strong as its ecosystem. The quality and longevity of this layer 2 project depend on its ecosystem. The ecosystem is now dominated by DeFi, wallet, bridges, NFTs, and infrastructure projects. zkSync ecosystem is great for web3 developers and gamers too.
The biggest projects onboard are Argent, OKX Wallet, 1Inch Network, Balancer, Onto Wallet, Yearn.finance, Curve, ZigZag, Taker, Mute.io, and Reddio, to name a few. Argent, for example, chose ZK Rollup for its first L2 wallet. Users interested in the ecosystem can explore the full list of featured projects.
Right now, zkSync doesn’t have a native token. The main reason is the Matter Labs team’s involvement in managing the project. Once zkSync becomes fully decentralized, the blockchain will have a native token as a reward mechanism for ZK rollup operators and for staking. Following the footsteps of Arbitrum – zkSync’s peer that relies on Optimistic rollups – zkSync AirDrop will be coming with a native token.
zkSync is coming with even higher throughput. ZK rollups and sharding technology will provide a throughput of 100,000 transactions per second, making zkSync the most functional L2 solution for Ethereum. The next interaction will transform the current L2 project into a layer 3 hyperchain with more than 100x scale, tokenomics, and HyperBridges.
The native programming language of the L2 protocol is Zinc, but it also offers smart contract interoperability. Smart contracts can be written in Solidity. Hacken auditors can analyze and review them for vulnerabilities. The future EVM functionality will make it even easier to integrate zkSync projects in a standardized process of smart contract audits.
Professional third-party code review is the best method for securing zkSync smart contracts. Projects interested in keeping funds safe should benefit from the key cybersecurity solutions – Smart Contract Audit and dApp Audit.
Learn more about Hacken’s flagship Smart Contract Audit for zkSync projects
In September 2022, the blockchain secured integration with Hacken. Integration with Hacken brings a security-first mindset and professional expertise of the leading smart contract auditor to hundreds of projects relying on zero knowledge proofs. zkSync also runs a self-hosted bug bounty program but may request the assistance of professional bug bounty platforms in the future.
ZK rollups are a scaling mechanism for Ethereum. ZK (zero knowledge) rollups combine many transactions into a single batch, make all the computations off-chain, and then send the rollup blocks to the Ethereum main chain for verification.
zkSync provides security that is on par with Layer 1 blockchains. The protocol is designed to provide the same level of security as Ethereum. Funds are safe regardless of operational activity. Overall, Matter Labs’ approach to security is summarized in these three principles: correctness, isolation, and obscurity. However, projects in the ecosystem should be reviewed separately regarding security.
zkSync is layer 2 blockchain protocol for Ethereum, but it has a web wallet too. zkSync Wallet is an official application that anyone can access at https://wallet.zksync.io/. zkSync Wallet allows for checking balance, transaction history, contacts, and NFTs. The client supports dozens of web3-compatible L1 Ether wallets.
zkSync token is not available right now. The airdrop might be coming with the third iteration of this layer 2 blockchain protocol.
Users can invest in zkSync by depositing their funds to the Wallet and by using projects in its ecosystem.