Overview
This document aims to vividly convey the design rationale, core concepts, and main functionalities of the DeGate protocol. To begin, DeGate is a decentralized exchange that leverages on ZK-Rollup technology to offer features such as the self-custody of assets, high speed, and low gas fees. 3 key principles have been strongly emphasized throughout the protocol design:
All assets stored in the DeGate protocol are non-custodial, the highest level of authorization lies in the hands of the user, and no other parties can access the assets that belong to other users. There is no backdoor or administrator authorization which is demonstrated as follows:
- DeGate Protocol is not upgradeable.
- Users can perform a self-retrieval of their assets if a deposit transaction has not been confirmed after a specific duration.
- Any user can retrieve their stored assets directly from the protocol via the exodus mode. This can be initiated by performing a forced withdrawal.
- All operations involving a change in a user's DeGate's account assets in the protocol can only occur and be completed with the user's signature and authorization.
- Additional confirmation of order cancellation can be executed on-chain to achieve 100% trustlessness.
All it takes is a blockchain wallet to interact and use DeGate. No user identity verification is required. Anyone can list and trade ERC-20 tokens on DeGate as long as the token fulfills the conditions set by the protocol. Maintaining the openness of token listing is important to DeGate.
An open-source protocol offering permissionless usage namely permissionless listing and trading will also require sufficient considerations of functional and economical security. DeGate is currently the only decentralized order book exchange protocol that offers permissionless token listing. Some of the measures to ensure the economic security of the DeGate protocol are as follows:
- Subsidy Quota of the Processing Fee for Deposit
- Token Parameter Configuration
- Pre-determined Quote Tokens
- Setting the Minimum Order Size Requirement
- Setting Risk Price and Order
- Trading Risk Warning
- Automatic Blacklist System for tokens that are not standard ERC20
DeGate stands in contrast to centralized exchanges on many fronts ranging from barriers to entry to trading openness to economic security. Yet, it is still able to offer a similar trading experience to centralized exchanges.
The core of the DeGate protocol is Zero Knowledge-Rollup (ZK-Rollup) technology which consists of on-chain and off-chain components. Account and assets changes are processed off-chain and rolled up to the on-chain smart contract.
- On-chain component: Smart contracts that are deployed on the EVM network store assets, verify zero-knowledge proofs and provide the methods for deposit and withdrawal.
- Off-chain component: The DeGate off-chain node mainly includes
- Front-end Website: A site that is accessible through a browser
- Trading System: Process users' orders, perform order matching in the order book, process the events with account and asset state changes
- Operator: Periodically process account and asset off-chain transactions, generate zkBlock, call the circuit, submit proofs (zkBlock data)
- Circuit: Describes the events that require zero-knowledge proof, and generates the zero-knowledge proofs
- Merkle Tree: Stores DeGate protocol's accounts, assets, and orders in a tree structure
- Chain Sync: Observe and confirm all transactions that occur with the DeGate smart contracts
- Postman: Calls DeGate smart contract methods on the EVM network and submits zkBlock data to the smart contract
DeGate Protocol Framework
DeGate protocol is supported in the EVM blockchain. The current testnet version has been deployed on Goerli and the first mainnet version will be deployed to the Ethereum mainnet.
All operations requested initiated by the user in the DeGate protocol will require authorization from the user's private key signature. Operations involving assets and accounts are processed as off-chain transactions.
DeGate protocol's ZK-Roll up process can be summarized into the following three steps:
- 1.The user signs a request.
- 2.The node verifies and processes the user requests, batches the off-chain transactions into blocks, and calls the circuit to calculate the zero-knowledge proofs.
- 3.The node sends the proof result to the on-chain contract for verification, completing the ZK-Rollup and enabling data availability.
ZK-Rollup Process
A signature is required whenever an off-chain transaction is initiated from DeGate. There are two supported signature methods: ECDSA and EdDSA. When the wallet completes an ECDSA signature to unlock the account, an EdDSA key called the asset private key is generated. DeGate protocol uses the asset private key to sign the user's off-chain transaction as the EdDSA signature is more cost-efficient for zero-knowledge proof which lowers the cost of the proof computation. Different off-chain transactions require different signature methods, involving the consideration of security and convenience.For instance, during order placement, an EdDSA signature is used and the user does not need their wallet for confirmation. On the other hand, deposit and transfer requests require a confirmation from the wallet via an ECDSA signature.
The merkle trees of the DeGate protocol store all account authorization and asset information. When users use DeGate for the first time, they will register for a decentralized DeGate account in a permissionless manner that records and links the relationship between the wallet address, asset public key, etc on the account node of the merkle tree. The on-chain assets deposited into the DeGate protocol by the user are recorded on their account node and these assets can be used for operations such as order placement.
Before a user can start trading, assets will first need to be deposited into their DeGate account. Once the DeGate node has confirmed the on-chain deposit transaction, the deposited amount will be credited into their DeGate account's available balance which can be used for various operations such as placing orders. Concurrently, the operator will initiate a confirmed deposit off-chain transaction which will eventually be rolled up to the on-chain contract. This ensures the on-chain and off-chain are in sync.
After a user initiates an off-chain withdrawal request, the operator will immediately process it automatically. Note that there is no manual review of withdrawals in DeGate. As soon as the zkBlock containing the off-chain withdrawal transactions is submitted to the blockchain, users will receive the withdrawn assets. To achieve the attribute of 100% self-custody, the DeGate protocol has provided a forced withdrawal method where this function allows any users to retrieve their assets that are stored in the DeGate without any hindrance. Any user can perform a forced on-chain withdrawal that forces the operator to process the withdrawal. The failure to process this withdrawal in a pre-determined duration will result in the entire DeGate protocol shutting down, and entering into exodus mode.
Once DeGate enters the exodus mode, users can call the DeGate smart contract directly to retrieve their assets in the DeGate protocol. DeGate smart contract will reject new roll-ups, implying all off-chain transactions will not be processed where all DeGate account and asset states will remain the same from the last rollup state before the exodus mode was activated. The DeGate smart contract will handle all assets based on the final states. To retrieve assets, users will first need to parse all the CallData of the DeGate smart contract to build the merkle tree which will provide the latest account and asset states. Using this data from the merkle tree, they can retrieve their assets from the DeGate smart contract. Third-party services can be engaged to perform the parsing of the latest account and asset states.
In DeGate, there are two types of protocol fees: the gas fee and the trading fee. The costs for performing ZK-Rollup are the gas fee for the on-chain transaction and the cost to compute the zero-knowledge proof. For the economic security of the protocol, users will bear the gas fee for the off-chain transactions. Trading fees are the main source of income for the protocol where the takers will pay for both gas and trading fees. All fees are credited into DeGate HomeDAO Treasury.
The trading system is the core module of order book trading which runs and hosts the order book, trading pairs, matching logic, order history, etc. All off-chain transactions have to pass the trading system verification before being handed over to the operator for processing. Similar to centralized exchanges, the order-matching logic matches orders using the price-time priority algorithm.
The addition of new assets and trading pairs to DeGate is permissionless where anyone can list assets that meet the protocol's ERC20 standard specifications. Specifically, the initiator will first register with the DeGate smart contract, then the trading pair can be created when the registered token is paired with a quote token in the DeGate node.
Currently, the protocol has enabled ETH, USDC, and USDT as quote tokens for trading pairs. This implies that for each listed token, there can be 3 different trading pairs.
Some non-standard ERC20 assets (transfer burn and automatic update of token supply tokens) may also be listed and traded but only after the DeGate node processes some additional treatments. However, this is evaluated and handled on a case-by-case basis.
When the DeGate protocol is deployed to the Ethereum mainnet, both the circuit and smart contract will be initialized. This process is also known as the trusted setup which involves random entropy. DeGate protocol's trusted setup is divided into two phases
- 1.
- 2.Based on the initial value, a future bitcoin block hash is first referenced, followed by getting 5 community members to provide random entropy, and another future bitcoin block hash is referenced. Finally, a Proving Key and a Verifying Key are computed and stored in the circuit and smart contract respectively.
Currently, the off-chain part of the DeGate protocol is a single-node operation model managed under the responsibility of the node operator. The countermeasures to some of the scenarios where the single node may malfunction or act maliciously are as follows:
- 1.The node fails to process off-chain transactions: This scenario can be addressed with users initiating a forced withdrawal to retrieve their assets. If DeGate does not process this on-chain transaction within a specified duration, anyone can initiate DeGate protocol into the exodus mode. Users can retrieve their assets directly from the DeGate smart contract.
- 2.Order Book Front-Running: The market order slippage protection feature limits the potential loss a user can incur as a result of front-running.
- 3.Code Security Risks: The code that interacts with the wallet and asset is open source and is independently deployed which will be called by the front-end website. This ensures that the asset-related operations are not forged by malicious codes.
- 4.Endpoint Security: Pre-defined private key signature verification is used to ensure that the transmitted data between the front-end and back-end endpoints have not been tampered with.
The following functions have been added to make the DeGate protocol more trustless, reduce costs for users, and more convenient for professional users:
- On-chain order cancellation
- Decentralized grid strategy
- Trade aggregation
- Deposit via the transfer method (Standard deposit)
- Advanced account and trading private keys
- SDK tools and documentation
- Shutdown mode
The DeGate website can be accessed through web and mobile browsers. The web version supports the Metamask extension wallet, WalletConnect protocol, and Ledger hardware wallets. The mobile version supports mainstream mobile wallets and WalletConnect protocol.
Managing a DeGate account is managing the asset private key, registering for a new account, unlocking the account with each login, and resetting and viewing the asset private key.
Apart from deposits and withdrawals, internal transfers between DeGate accounts also fall under this category. The internal transfer is an off-chain transaction that also has an on-chain roll-up transaction, hence the gas fee is much lower than an on-chain transfer. As long as the signature is initiated, the transfer to the address is processed immediately.
Two order types are offered in DeGate: Limit and Market order. The limit order is suitable when a user wants to trade at a specific price and it comes with an optional feature called Post-Only which ensures the order is a maker order. The market order is suitable when a user wants to trade quickly at the current best prices in the order book. DeGate has a slippage protection feature to safeguard users from experiencing large price slippage when there is thin liquidity in the order book.
With a token contract address, users can initiate an on-chain contract call to add new assets to DeGate.
A trading pair can be created with the selection of a base and quote token. Trading can be commenced once the trading pair is created.
DeGate protocol provides the trading capability of self-custody grid trading. Similar to placing an order in the order book, the user will sign using their asset private key to create a grid strategy. After the verification from the DeGate node, the grid orders will be added to the order book. Whenever a grid order is matched, the circuit verifies if the match is aligned with the user's signature authority. When a grid order is fully filled, the DeGate node will derive a new grid order according to the user's pre-authorized signature, and this cycle is repeated to achieve a complete grid strategy trading. Orders from a grid strategy share the same order book as regular orders.
In addition, DeGate also provides a preview for grid strategy creation, chart display of orders and recent trades, statistics of grid data and historical details, etc to allow users to better understand their grid strategies.
Liquidity mining is a key approach for DeGate to encourage the liquidity bootstrapping of new trading pairs by ensuring that these trading pairs have sufficient liquidity to meet trading needs. On a per-pair basis, users can participate in mining by creating a grid strategy that fulfills both funding and price conditions. Mining rewards are calculated and distributed every 15 seconds. It is important to note that the mining reward is an additional income for users where it is independent of the gains/losses from the grid strategy and market-making income.
DeGate protocol provides detailed account historical records such as deposits history, withdrawals history, transfers history, order and trade history, grid strategy history, account activities, etc.
Last modified 2mo ago