/biz/ - Business & Finance

One thing I remembered - they are not alone. Starkware along with Deversifi is also launching a zk-based dex.
https://twitter.com/StarkWareLtd/status/1214236179551412232
This means loopring is going to have similar competition right at the start.

>>16824083
Recursive zk-snarks make it likely that competitors with much better functionality (and performance) are going to arrive, making the current loopring design unattractive. Eg. the current design has a hard limit of 4150 trades per one zk-snark proof, and each proof verification costs 225k gas. It would be much more efficient to have one proof for arbitrary number of trades.

For the zk-sync part, it kills the biggest barrier to entry - the need for a multiparty proving key generation. Proving keys in (currently used) zk-snarks rely on "trusted setup" meaning the proof generator can later generate false proofs (which here would allow fund stealing). For this reason, the generation of proving keys is split among N people, with a crucial property: only one person out of N has to be honest (ie. delete all information) to prevent anyone from generating false proofs.
This is hard to organize and is extremely time consuming.
Current loopring circuit used 15 people:
https://loopring.org/#/ceremony (scroll to the bottom if the link doesn't work)
from what I know, it takes one day on a powerful pc for any person to generate their part.
That's a big advantage for them, as you can't modify anything in the core circuit without redoing the whole ceremony, making it more complicated to work around the default setting (lrc token).

Take the need for the mpc ceremony away, and anyone could fully generate something like loopring completely on their own, making it extremely unlikely that any non-loopring affiliated dex continues to pay forced fees. As a bonus, these new schemes are also quantum secure and faster to prove.