Product Feature

Introduction to ZK-Rollup

The technical goal is to achieve high throughput, and low gas cost protocol. Based on zkSNARKs technology, DeGate processes the off-chain transactions, generates the zero-knowledge proofs, submits data to the blockchain, and verifies and ensures the reliability of the submitted on-chain data.
ZK-Rollup Overview


The operator is a critical component of the protocol and has the responsibility to:
  1. 1.
    Create zkBlocks:
    • As part of the ZK-Rollup process, a set of rules is used to process the batches of L2 transactions into zkBlocks.
  2. 2.
    Generate zero-knowledge proofs:
    • Getting the circuit to generate the proofs for each zkBlock
  3. 3.
    Submit zkBlock data:
    • Getting the postman to submit zkBlock data to the smart contract, and confirm the state changes.

Off-Chain Transactions

The following are off-chain transactions in the DeGate protocol that require zero-knowledge proof and verification:
Null transactions used to fill zkBlocks that are not fully filled with off-chain transactions
This allows users to create or update their account asset private key
This allows users to create, update, and configure the trading private key's permissions
The off-chain matching of two orders
The aggregation of SpotTrade is performed by the operator to increase transaction throughput and lower the on-chain cost for users
This allows users to perform an on-chain order cancellation operation which guarantees that the order can never be used by the operator for order matching
This confirms the user's L1 deposit which will credit the user's balance in L2
Move the user's asset from L2 to L1
Assets are moved between two L2 accounts
: Orders are not submitted on-chain. The trade transaction when two orders are matched is submitted on-chain.
: The cancellation of the order and grid strategy is handled off-chain and only requires the off-chain signature to be executed these actions in the trading system. Hence, this is not a ZK-Rollup event. To prevent DeGate's nodes from malicious use of the order signature, the OrderCancel method serves as an additional on-chain proof to guarantee that the order has been canceled.


zkBlock can be viewed as DeGate's "L2 block". The operator processes a batch of L2 transactions and groups these data into one or more ordered zkBlocks (depending on the number of transaction events in the batch). Next, the zkBlock's zero-knowledge proof is computed by the circuit.


This is a zkSNARK circuit (not a physical circuit). The circuit is responsible for describing the events that require zero-knowledge proof, such as trade and deposit. It is a critical component of the zero-knowledge proof process. The circuit accepts input that passes through the circuit's logic gate paths which generate the output in the form of a zero-knowledge proof of a zkBlock.

Merkle Tree

To increase the computation and storage efficiency, DeGate has filtered and compressed the data. The Merkle tree design balances complexity, computation time, and user-friendliness where the protocol has constructed two merkle trees: Entire Merkle Tree and Asset Merkle Tree.
  • The entire merkle tree ensures the security of data in the DeGate protocol which records all DeGate accounts, assets, and transactional information.
  • The asset merkle tree helps ensure the non-custodial nature of assets. It enables users to safely withdraw their assets even when the DeGate node ceases to function as the asset merkle tree records all of DeGate's account and asset information.

Submit zkBlock

After the zkBlock's zero-knowledge proof has been generated, the operation will call the on-chain smart contract via the submitBlocks method to submit the zkBlock data to the blockchain to confirm the state changes. Each submission could entail multiple zkBlocks at the same time but importantly, they must be submitted and processed sequentially in the order of the block number. A brief summary of the submitted data:
  • Merkle root hash of the entire merkle tree
  • Merkle root hash of the asset merkle tree
  • Zero-knowledge proof
  • Data changes in asset balance and account permissions
  • Additional data only for the following 3 types of transaction: Deposit, Withdrawal, and Account Updates
  • etc
As the node operator needs to pay ETH as gas to submit the zkBlock as an on-chain transaction, thus, users are charged gas fees.

Smart Contract

The smart contract deployed on the blockchain by DeGate protocol is responsible for storing the users' assets, verifying the zero-knowledge proof that is submitted by the node, and storing the latest merkle roots. There are multiple smart contracts are deployed and the main contracts are:
  1. 1.
    Exchange: The contract that the operator submits zkBlock to, processes the deposits and forced withdrawal transactions.
  2. 2.
    Deposit: Manage the assets deposited by users and provides the deposit, withdraw, and transfer functions
  3. 3.
    Loopring: Handles the configuration of the Exchange contract parameters
  4. 4.
    BlockVerify: Where the verifying key is registered and the verification of the zero-knowledge proof is conducted


The operator calls DeGate smart contracts via the postman. The submission to the blockchain strictly follows the zkBlock sequence.

Chain Sync

The component monitors all transactions that occur with DeGate smart contracts, such as deposits, force withdrawals, and roll-up transactions. Once the transactions are confirmed on the blockchain, the chain sync notifies DeGate node(s).
This page is a summary of the DeGate protocol's ZK-Rollup processes. More detailed information can be found in the protocol design document.
link to design doc