1d geleden
Obviously Eli is legendary, but that's the wrong take. FHE is hands down the best solution for privacy, and it's not even close. ** Let me tell you why. ** Eli's making a point regarding scaling/integrity, which is clearly ZK's strong suit. But he's completely sweeping under the rug the fact that ZK is not suited for privacy. Yes, ZK is not meant for privacy, at least not in a meaningful, programmable way: 1. ZK only gives you 'single-user' privacy. Meaning, each user can compute over their own data privately, but any logic that requires combining multiple users data together, without revealing them to each other - is dead on arrival. The canonical example I like to give here is sealed-bid auctions. ZK can't even compute that simple task --> there's a large class of private computations that ZK simply cannot achieve. 2. There's an ugly hack around it - server-side ZK. Basically, it means that you have a single server (e.g., a zkEVM operator) that receives everyone's data in the clear (e.g., everyone's bids), then - it runs the computation over the plaintexts and proves externally to all others that it did so correctly. Because it's done in ZK, no one else learns the details. But Eli is talking about centralization risks of FHE, while ignoring that using server-side ZK is so much more centralized and provides no privacy guarantees at all. There's -full trust- in some unique operator. FHE solves all that. Everyone's data is encrypted, and anyone can compute over that encrypted data. Simple. No problems. ------------------------ So now that we've established that ZK is very limited in terms of privacy, let me address Eli's point regarding FHE-vs-ZK scalability. Eli rightfully says that FHE itself is untrusted, and I will concede that proving ZK-over-FHE is still underdeveloped and way too slow. However, because FHE is public transcript, you can basically just use optimistic proofs (a-la @arbitrum) to prove correctness. The market has shown that optimistic proofs are good enough for the time being, with @arbitrum and @base getting more usability than all zk-rollups combined. If it's good enough for plaintext, it's good enough for FHE. Also, remember that ZK had a pretty significant head-start. Companies like @fhenix and Zama are much more nascent and not nearly as well-funded. Give FHE 5 years and a billion dollars and you'll see zkFHE becoming a reality. TL;DR - FHE is the end game for privacy, ZK is for scalability. Since we're now playing the privacy arc, it's time for FHE to shine.
Kyle is the #1 VC investor but on this thesis -- "FHE is best for Privacy" -- you're wrong: Two problems with FHE: you need the *nodes of the chain* to do the heavy lifting of computing the FHE. Because FHE gives privacy, but not *integrity*. If you need integrity, you either need to trust the FHE operator (centralized setting, not blockchain), or *add ZK* to the mix, because ZK does prove integrity. Second problem is the silicon and scale needed are pretty large, especially at scale (1000TPS). And you'd need to nodes to run it, hurting decentralization and scale. ZK allows to offload massive computation to one, non-trusted, computer, and still process those transactions and put them onchain, no trust assumptions. I love Zama, and love FHE. As co-inventor of a lot of the ZK tech deployed today (Zcash and StarkWare co-founder) I have immense respect for teams taking moon-math and making it a reality, like Zama. But FHE ain't the silver-bullet you describe.
To be clear, this is my opinion. Like I said, I have a lot of appreciation for the @TACEO_IO team. You're all top notch, and you've done amazing work and deployed it at practically the largest scale possible. It's okay to disagree professionally - I'm mostly excited to know so many smart people are working on privacy tech these days.
29,64K
150
De inhoud op deze pagina wordt geleverd door derden. Tenzij anders vermeld, is OKX niet de auteur van het (de) geciteerde artikel(en) en claimt geen auteursrecht op de materialen. De inhoud is alleen bedoeld voor informatieve doeleinden en vertegenwoordigt niet de standpunten van OKX. Het is niet bedoeld als een goedkeuring van welke aard dan ook en mag niet worden beschouwd als beleggingsadvies of een uitnodiging tot het kopen of verkopen van digitale bezittingen. Voor zover generatieve AI wordt gebruikt om samenvattingen of andere informatie te verstrekken, kan deze door AI gegenereerde inhoud onnauwkeurig of inconsistent zijn. Lees het gelinkte artikel voor meer details en informatie. OKX is niet verantwoordelijk voor inhoud gehost op sites van een derde partij. Het bezitten van digitale activa, waaronder stablecoins en NFT's, brengt een hoge mate van risico met zich mee en de waarde van deze activa kan sterk fluctueren. Overweeg zorgvuldig of de handel in of het bezit van digitale activa geschikt voor je is in het licht van je financiële situatie.