zkSync 安全性：深入探讨第 2 层扩展解决方案的保护机制

作为第 2 层扩展解决方案，zkSync 利用零知识汇总 (zk-Rollups) 来提高交易吞吐量并降低费用

zkSync, a Layer 2 scaling solution for Ethereum, is gaining attention for its potential to resolve the network's scalability problems. As a crypto token, zkSync's security is closely linked to its value and adoption in the market.

zkSync 是以太坊的第 2 层扩展解决方案，因其解决网络可扩展性问题的潜力而受到关注。作为一种加密代币，zkSync 的安全性与其价值和市场采用度密切相关。

In this article, we will delve into the security aspects of zkSync, exploring its cryptographic proofs, on-chain data availability, decentralized validators, fraud proofs, and the role of zkSync in user interactions.

在本文中，我们将深入研究 zkSync 的安全方面，探讨其加密证明、链上数据可用性、去中心化验证器、欺诈证明以及 zkSync 在用户交互中的作用。

Understanding these aspects will provide valuable insights for both developers and users who rely on zkSync's capabilities.

了解这些方面将为依赖 zkSync 功能的开发人员和用户提供宝贵的见解。

zkSync leverages zero-knowledge rollups (zk-Rollups) to enhance transaction throughput and reduce fees while maintaining robust security standards. zk-Rollups combine multiple transactions into a single batch, which is then processed off-chain by decentralized validators.

zkSync 利用零知识汇总 (zk-Rollups) 来提高交易吞吐量并降低费用，同时保持强大的安全标准。 zk-Rollups 将多个交易合并为一个批次，然后由去中心化验证器进行链下处理。

Once the batch is complete, a cryptographic proof is generated and submitted to the Ethereum mainnet for verification. This approach significantly increases transaction capacity compared to processing each transaction individually on Layer 1.

批次完成后，将生成密码证明并提交到以太坊主网进行验证。与在第 1 层单独处理每笔交易相比，这种方法显着提高了交易容量。

At the heart of zkSync's security is the use of zk-SNARKs (Zero-Knowledge Succinct Non-Interactive Arguments of Knowledge). These cryptographic proofs provide a way to efficiently verify the correctness of a transaction batch without revealing any sensitive information, such as the individual transactions themselves.

zkSync 安全性的核心是 zk-SNARK（零知识简洁非交互式知识论证）的使用。这些加密证明提供了一种有效验证批量交易正确性的方法，而不会泄露任何敏感信息，例如各个交易本身。

When a batch of transactions is submitted to the Ethereum mainnet, along with a zk-SNARK proof, the proof can be used to demonstrate that all transactions within the batch are valid and untampered without disclosing any details about the transactions themselves.

当一批交易连同 zk-SNARK 证明一起提交到以太坊主网时，该证明可用于证明该批次中的所有交易都是有效且未被篡改的，而无需披露有关交易本身的任何详细信息。

This ensures the integrity of the transactions while maintaining privacy.

这确保了交易的完整性，同时维护了隐私。

zkSync ensures data availability by storing critical data on the Ethereum mainnet. While transactions are processed off-chain in batches, the data necessary to reconstruct the state of the zkSync rollup is available on-chain.

zkSync 通过在以太坊主网上存储关键数据来确保数据可用性。虽然交易是在链下批量处理的，但重建 zkSync 汇总状态所需的数据在链上可用。

This approach mitigates the risk of data unavailability attacks, where users could potentially lose access to their funds if the off-chain data becomes inaccessible due to technical issues or malicious intent.

这种方法降低了数据不可用攻击的风险，如果链下数据由于技术问题或恶意意图而变得无法访问，用户可能会失去对其资金的访问权限。

By storing the essential data on the Ethereum mainnet, even if the zkSync network experiences downtime or disruptions, users' funds and transaction history remain secure and recoverable once the network is back online.

通过将基本数据存储在以太坊主网上，即使 zkSync 网络出现停机或中断，一旦网络重新上线，用户的资金和交易历史记录仍然安全且可恢复。

zkSync employs a network of decentralized validators to process and verify transactions. These validators are responsible for generating zk-SNARK proofs and submitting them to the Ethereum mainnet.

zkSync 采用去中心化验证器网络来处理和验证交易。这些验证器负责生成 zk-SNARK 证明并将其提交到以太坊主网。

The decentralization of this process ensures that no single entity controls the validation mechanism, reducing the risk of collusion or malicious behavior.

此过程的去中心化确保没有任何单一实体控制验证机制，从而降低了共谋或恶意行为的风险。

Multiple validators independently generate and submit proofs, which are then checked by the Ethereum mainnet. If a faulty or fraudulent proof is detected, the respective validator can be penalized or slashed, while valid proofs are rewarded with transaction fees.

多个验证器独立生成并提交证明，然后由以太坊主网检查。如果检测到错误或欺诈性证明，相应的验证器可能会受到惩罚或削减，而有效的证明将获得交易费奖励。

In addition to zk-SNARK proofs, zkSync also incorporates fraud proofs as an extra layer of security. In the event that an invalid transaction is included in a batch, a fraud-proof can be generated to challenge and invalidate the incorrect batch.

除了 zk-SNARK 证明之外，zkSync 还纳入了欺诈证明作为额外的安全层。如果批次中包含无效交易，则可以生成防欺诈以质疑并使不正确的批次无效。

This mechanism adds an extra layer of protection against fraud or errors, ensuring that any suspicious or malicious transactions are detected and rectified.

该机制增加了一层额外的保护，防止欺诈或错误，确保检测到并纠正任何可疑或恶意交易。

If an invalid batch is detected by a user or a monitoring entity, they can generate and submit a fraud-proof, which will trigger an investigation by the network validators.

如果用户或监控实体检测到无效批次，他们可以生成并提交防欺诈，这将触发网络验证器的调查。

Upon verifying the fraud-proof, the respective batch will be reverted, and the fraudulent transactions will be excluded from the zkSync state.

验证防欺诈后，相应批次将被恢复，欺诈交易将从 zkSync 状态中排除。

Users interact with zkSync through wallets that support zkSync transactions. These wallets must implement robust security practices to protect users' private keys and funds.

用户通过支持 zkSync 交易的钱包与 zkSync 进行交互。这些钱包必须实施强大的安全实践来保护用户的私钥和资金。

Popular wallets like MetaMask and Trust Wallet are compatible with the solution and provide secure interfaces for users to manage their assets on zkSync.

MetaMask 和 Trust Wallet 等流行钱包与该解决方案兼容，并为用户在 zkSync 上管理资产提供安全界面。

Moreover, the zkSync protocol relies on smart contracts deployed on the Ethereum mainnet. These smart contracts are audited and tested to ensure they are free from vulnerabilities.

此外，zkSync 协议依赖于部署在以太坊主网上的智能合约。这些智能合约经过审核和测试，以确保它们不存在漏洞。

Regular audits by independent security firms help maintain the integrity and security of zkSync's smart contracts, providing users with confidence in the platform's reliability.

独立安全公司的定期审核有助于维护 zkSync 智能合约的完整性和安全性，让用户对平台的可靠性充满信心。

zkSync is designed to be censorship-resistant, meaning that no single party can prevent transactions from being included in a batch. The decentralized nature of the validator network ensures that even if some validators attempt to censor transactions, for instance, by prioritizing specific transactions or delaying the inclusion of others, other validators can continue processing them.

zkSync 的设计具有抗审查性，这意味着任何一方都无法阻止交易被包含在批次中。验证器网络的去中心化性质确保即使某些验证器尝试审查交易（例如，通过优先考虑特定交易或延迟包含其他交易），其他验证器也可以继续处理它们。

This decentralized structure maintains the system's overall functionality and prevents any single entity from controlling the flow of transactions.

这种去中心化的结构维护了系统的整体功能，并防止任何单个实体控制交易流程。

As long as a majority of the validators are acting honestly and efficiently, transactions will be included in batches and submitted to the Ethereum mainnet for verification.

只要大多数验证者诚实高效地行事，交易就会被批量收录并提交到以太坊主网进行验证。

A 51% attack occurs when a malicious entity gains control over the majority of the network's computational power. In the context of zkSync, the decentralized validator network makes it exceedingly difficult for any single entity to achieve such control.

当恶意实体获得对网络大部分计算能力的控制时，就会发生 51% 攻击。在 zkSync 的背景下，去中心化的验证器网络使得任何单个实体都很难实现这种控制。

Moreover, zk-SNARK proofs provide an immutable record of transactions, making it

此外，zk-SNARK 证明提供了不可变的交易记录，使其成为