Tweet Disematkan
观察者 (ENI)
115 posts
@ShaulKfir @gluk64 You’re saying participants don’t need to know the nature of the assets or the total supply. Isn’t that a joke, as far as participants are concerned?
English
We're much closer than most people think!
I hope I've been able to distill our differences in a way that you agree is factually correct, so readers can cut through all the noise.
We agree that:
1. a blockchain MUST be decentralized
2. it MUST enable users to cryptographically self-verify state
3. smart contract bugs will exist and institutions MUST have a way to triage these bugs in production
We disagree on two fundamental points:
(1) Does the user need to verify all network state or is it sufficient that they verify only the state that's economically relevant to them?
- zkSync's philosophy (which reflects most of crypto) is that it's critical that every user can validate the correctness of the entire network's state.
- Canton's philosophy is that it's sufficient that every user can validate only the state that's relevant to that user.
(2) Is ZKP a safe enough verification mechanism to protect the user from a malicious app operator?
- zkSync's approach is that client-side ZKP verification is a safe enough primitive for the user to protect their interests from a malicious institution. It's sufficient that the institution, but not the user, can triage bugs due to incorrectly specified smart-contract logic.
- Canton's approach is that ZKP is a strong additional primitive (which I expect we'll adopt over the next decade) but it can't come at the expense of the user's direct validation of state transitions, using the same state transition engine that the institution is using.
---
For anyone with the patience to dive into the details, here's my direct response to all of the claims:
On the strawman claim.
We're in agreement: Resilience and containment must be built in. I have no fundamental problem with ZKP, only with uses of ZKP that do not enable containment.
On multi-prover.
You are wrong about Canton having only one layer of defense.
Using your definition of layers of defense, both zkSync and Canton have two: (1) institutional node and (2) user verification. The difference is in how the user verifies. In zkSync the user relies on ZKP proofs for verification, in Canton on direct verification of execution. Canton protects the user from the institution without relying on ZKP.
To be clear, Prividium's use of ZKP does enable triage by the institution. zkSync is NOT subject to my criticism on inability to triage. zkSync achieves this the same way Canton does - by giving the institution full visibility into its app's transactions. But this is exactly one of the properties of Canton that folks on CT are attacking us for! We're in the same boat. This institutional visibility is exactly the property that enables Canton to have consensus without ZKP.
On smart contract bugs. We're in agreement that the potential for smart contracts bugs is "a property of every programmable ledger, not a Prividium problem". That's precisely why Canton's decentralized validation model is so strong! If there's a bug in the smart contract, the bug can be triaged by every affected user of the smart contract. Compare that with Prividum where only the institition can triage the bug.
On self-validation.
This is probably the biggest divergences between us in terms of desired properties. We both agree every stakeholder should validate their own transactions.
zkSync enables every user to validate the entire state of the blockchain, and enables users to only validate those transactions that are relevant to them.
I agree that Prividium participants can verify their own account state at every block via Merkle proofs. But they don't verify the state transitions independently, only via ZKP. This is a critical distinction.
You claim "the next generation of institutional applications requires smart contracts that enforce aggregate network state" and I disagree with this. Individual applications may want to enforce aggregate application states. There's no need for network-wide enforcement.
If you want to do that in zero-knowledge, you need ZKP. That's one area I've been tracking for a decade as a potential addition of ZKP to Canton. But in a decade of talking to app operators, none of them have stated this as important enough a property to justify adding so much complexity to the software stack. Canton has primitives to decentralize the app operator or for 3rd party auditors to cryptographically audit the app operator.
To be clear, I do think this is a nice property to have. We're actively exploring adding it as an optional additional layer of verification (most likely using Jolt). But the importance of this property is completely overblown, and people are adding insane levels of complexity to their software stack to achieve it, at the expense of other critical security work.
As always, thanks for the engaging discussion!
English
Thank you @gluk64. A rebuttal that attacks the arguments, not the person, lets us have a mature conversation that will improve both Canton and zkSync. I hope others follow your lead. If you ever want to meet for a beer, I’m buying 🍻
ALEX | ZK@gluk64
Canton founders claim ZK proofs are too risky for institutional finance. They have been making this argument to buyers and regulators, publicly and behind closed doors. It deserves a public answer. Let's see if the argument holds — and if Canton's infrastructure passes its own test. The argument Their case, stated fairly: ZKPs are complex. Bugs are inevitable in any sufficiently complex system. If a flaw exists in a proof system, it could go undetected because the underlying data is private. If it goes undetected, it spreads throughout the system. This creates systemic risk. Therefore, ZKPs cannot be used for critical financial infrastructure. This is a real concern. Let's take it seriously and follow the logic. The flaw in the logic Strip away the ZKP-specific language, here's the story: Technology X can have implementation flaws. Technology X serves a mission-critical function. If it fails, the consequences are catastrophic. Therefore, Technology X can never be used. Read it again. There is a hidden assumption doing all the work: that Technology X is your only line of defense. If this logic held, we would not have aviation. Fly-by-wire, engine controllers, autopilot — every one of these systems has bugs, is mission-critical, and can fail catastrophically. Nuclear reactor control systems, robotic surgery, radiation therapy dosing, implantable cardiac devices, and many other systems all run on software that can fail catastrophically. But they are somehow still in use. How? Redundancy and containment The foundation for these mission-critical systems is the explicit assumption in their architectures that every component will eventually fail. They all rely on two things: redundancy and containment. Redundancy = multiple independent systems, each capable of catching a failure in the others. Containment = when failure occurs, limit the blast radius so it cannot become systemic. This is the only question that matters for any mission-critical system: does your architecture have more than one line of defense? Canton's architecture Let's apply this test to Canton. Canton's privacy and integrity model relies on a single mechanism: trusted operators segregating data between participants. There is no cryptographic verification layer and no independent check. If a few keys of the operators in a validation domain are compromised, manipulated state propagates silently inside opaque chains of UTXOs with nothing watching. This is a real systemic risk, accelerated by the rise of AI-assisted cyberattacks. By Canton's own logic — a single point of failure with catastrophic consequences — this is the architecture that should concern regulators. Prividium's architecture Now look at how Prividium is built. Redundancy. Prividium has three independent lines of defense. First, institutional partners operate Prividium nodes within their own security environments, the same infrastructure banks already trust and regulate. Second, zero-knowledge proofs provide cryptographic integrity verification as an independent layer on top, verifying operational security rather than replacing it. Third, as ZK proof systems standardize, multiple independent provers can verify the same computation. A flaw in one implementation gets caught by another. Containment. Each Prividium instance is an individual chain operated by an individual institution. When institutions interact across chains, Prividium's interop layer implements inter-chain accounting mechanisms that are independently enforced by the participating institutions, asset issuers, or on-chain. Even an attacker who compromises a single institution's internal IT infrastructure and simultaneously finds a ZKP bug could only affect that one Prividium instance. The damage cannot propagate to the broader network. The net balance: Canton has a single mechanism, no fallback, silent failure propagation across the network. Prividium has layered defenses, independent verification, blast radius contained by design. Importance of open standards Multiple lines of defense only matter if each line is itself strong. What makes a technology strong? The depth of adversarial testing it has survived. Shaul points to a compiler bug example in his post, and it actually illustrates this well. ZKsync embraced full EVM equivalence over a year ago. This was shaped precisely by the understanding that the more you deviate from an open standard, the larger your attack surface becomes. And Ethereum is not battle-tested in some polite, academic sense. For over a decade, its smart contract infrastructure has been completely open to scrutiny by the most sophisticated adversarial actors in the world, with hundreds of billions of dollars at stake. Vulnerabilities and exploits fed directly back into the ecosystem: new audit standards, formal verification tools, compiler safeguards, and hardened design patterns. The EVM that exists today is the product of a decade of continuous adversarial stress testing at a scale no other smart contract platform has experienced. Canton went the opposite direction. DAML is a proprietary smart contract language with a closed ecosystem and a fraction of the developer and security community. Every growing pain that Ethereum went through over the last ten years still lies ahead for DAML, except DAML will face them with orders of magnitude fewer eyes watching. Every maturity concern Canton raises about ZKPs applies to their own technology stack with far less mitigation available. The safest technology is the one that has survived the longest under the harshest conditions. For smart contract infrastructure, that is Ethereum. It's not close. So to answer the question directly: everyone agrees bugs exist. The question is whether your architecture has redundancy to catch them and containment to limit the damage when they slip through. Cryptographic verification provides both. Trust in operators provides neither.
English
观察者 (ENI) me-retweet
Canton founders claim ZK proofs are too risky for institutional finance. They have been making this argument to buyers and regulators, publicly and behind closed doors. It deserves a public answer.
Let's see if the argument holds — and if Canton's infrastructure passes its own test.
The argument
Their case, stated fairly: ZKPs are complex. Bugs are inevitable in any sufficiently complex system. If a flaw exists in a proof system, it could go undetected because the underlying data is private. If it goes undetected, it spreads throughout the system. This creates systemic risk. Therefore, ZKPs cannot be used for critical financial infrastructure.
This is a real concern. Let's take it seriously and follow the logic.
The flaw in the logic
Strip away the ZKP-specific language, here's the story:
Technology X can have implementation flaws. Technology X serves a mission-critical function. If it fails, the consequences are catastrophic. Therefore, Technology X can never be used.
Read it again. There is a hidden assumption doing all the work: that Technology X is your only line of defense.
If this logic held, we would not have aviation. Fly-by-wire, engine controllers, autopilot — every one of these systems has bugs, is mission-critical, and can fail catastrophically.
Nuclear reactor control systems, robotic surgery, radiation therapy dosing, implantable cardiac devices, and many other systems all run on software that can fail catastrophically. But they are somehow still in use. How?
Redundancy and containment
The foundation for these mission-critical systems is the explicit assumption in their architectures that every component will eventually fail. They all rely on two things: redundancy and containment.
Redundancy = multiple independent systems, each capable of catching a failure in the others.
Containment = when failure occurs, limit the blast radius so it cannot become systemic.
This is the only question that matters for any mission-critical system: does your architecture have more than one line of defense?
Canton's architecture
Let's apply this test to Canton.
Canton's privacy and integrity model relies on a single mechanism: trusted operators segregating data between participants. There is no cryptographic verification layer and no independent check. If a few keys of the operators in a validation domain are compromised, manipulated state propagates silently inside opaque chains of UTXOs with nothing watching. This is a real systemic risk, accelerated by the rise of AI-assisted cyberattacks.
By Canton's own logic — a single point of failure with catastrophic consequences — this is the architecture that should concern regulators.
Prividium's architecture
Now look at how Prividium is built.
Redundancy. Prividium has three independent lines of defense. First, institutional partners operate Prividium nodes within their own security environments, the same infrastructure banks already trust and regulate. Second, zero-knowledge proofs provide cryptographic integrity verification as an independent layer on top, verifying operational security rather than replacing it. Third, as ZK proof systems standardize, multiple independent provers can verify the same computation. A flaw in one implementation gets caught by another.
Containment. Each Prividium instance is an individual chain operated by an individual institution. When institutions interact across chains, Prividium's interop layer implements inter-chain accounting mechanisms that are independently enforced by the participating institutions, asset issuers, or on-chain. Even an attacker who compromises a single institution's internal IT infrastructure and simultaneously finds a ZKP bug could only affect that one Prividium instance. The damage cannot propagate to the broader network.
The net balance: Canton has a single mechanism, no fallback, silent failure propagation across the network. Prividium has layered defenses, independent verification, blast radius contained by design.
Importance of open standards
Multiple lines of defense only matter if each line is itself strong. What makes a technology strong? The depth of adversarial testing it has survived. Shaul points to a compiler bug example in his post, and it actually illustrates this well.
ZKsync embraced full EVM equivalence over a year ago. This was shaped precisely by the understanding that the more you deviate from an open standard, the larger your attack surface becomes.
And Ethereum is not battle-tested in some polite, academic sense. For over a decade, its smart contract infrastructure has been completely open to scrutiny by the most sophisticated adversarial actors in the world, with hundreds of billions of dollars at stake. Vulnerabilities and exploits fed directly back into the ecosystem: new audit standards, formal verification tools, compiler safeguards, and hardened design patterns. The EVM that exists today is the product of a decade of continuous adversarial stress testing at a scale no other smart contract platform has experienced.
Canton went the opposite direction. DAML is a proprietary smart contract language with a closed ecosystem and a fraction of the developer and security community. Every growing pain that Ethereum went through over the last ten years still lies ahead for DAML, except DAML will face them with orders of magnitude fewer eyes watching. Every maturity concern Canton raises about ZKPs applies to their own technology stack with far less mitigation available.
The safest technology is the one that has survived the longest under the harshest conditions. For smart contract infrastructure, that is Ethereum. It's not close.
So to answer the question directly: everyone agrees bugs exist. The question is whether your architecture has redundancy to catch them and containment to limit the damage when they slip through.
Cryptographic verification provides both. Trust in operators provides neither.
English
Exploring the future of Web3 innovation in Southeast Asia with @AseanLabs_
ASEAN LABS is incubating the next generation of builders on ENI.
#ASEANLABS #ENI #Web3
English
Where the Future Is Being Built 🚀🌍
We’re focused on the sectors shaping tomorrow:
💻 Digital Economy
🤖 AI
⛓️ Web3 & RWA
🧬 Biotech
🌱 Renewable Energy
🏠 Smart Devices & Wearables
🦾 Robotics & Advanced Tech
💪 Health Enhancement
Big ideas. Real impact.
That’s where innovation lives. ✨
____________________________________________________
Come and join our community 👉 t.me/zkxprotocol_co…
English
观察者 (ENI) me-retweet
Built Different: ZK on Ethereum ⚡
While most projects go for the easy route on low-cost chains…
ZKX chooses the harder path.
🔐 Built on Ethereum + ZK tech
🧠 Higher technical barrier
🛡️ Stronger credibility & security
Harder to build. Harder to copy.
But that’s what makes it valuable. ✨
____________________________________________________
Come and join our community 👉 t.me/zkxprotocol_co…
English
观察者 (ENI) me-retweet
From Locked Assets to Liquid Opportunities 👑
With ZK scalability + oracle tech, ZKX turns illiquid assets into divisible, tradable tokens.
More liquidity.
More accessibility.
Lower barriers for everyone.
Now anyone can tap into DeFi and global value creation — not just the few. 📱💹
____________________________________________________
Come and join our community 👉 t.me/zkxprotocol_co…
English
观察者 (ENI) me-retweet
ENI Comment Airdrop is back.
But this time, everyone wins.
Airdrop for every comment
Drop your wallet below
• Follow @ENI__Official
• Like + RT
• Comment your wallet
Let’s see how fast Crypto Twitter moves.
English
观察者 (ENI) me-retweet
Small Bubble, Strong Foundation 🛡️📉
No heavy capital games.
No complex token-locking traps.
✔️ Low market selling pressure
✔️ Simpler, cleaner mechanics
✔️ Built to avoid the collapse that hits 90% of hype-driven projects
Less bubble. More resilience.
That’s how sustainable ecosystems grow. 💪
____________________________________________________
Come and join our community 👉 t.me/zkxprotocol_co…
English
观察者 (ENI) me-retweet
From 0 → 1, Not 1 → 0 🎖️
Most projects start with hype.
The bubble grows fast… and bursts even faster.
ZKX takes a different path:
Build first. Grow steadily. Focus on fundamentals.
No shortcuts. No hype cycles.
Just real progress from zero to one. 🍾💎
____________________________________________________
Come and join our community 👉 t.me/zkxprotocol_co…
English
观察者 (ENI) me-retweet
Community First 🤝🔥
A strong ecosystem starts with a strong community.
No hype. No account pumping.
Just real conversations about industry fundamentals.
While many projects fade when prices drop,
a community built on substance keeps growing.
Less noise. More conviction. 👥
____________________________________________________
Come and join our community 👉 t.me/zkxprotocol_co…
English
观察者 (ENI) me-retweet
Meet ZKX 🌍⛓️
ZKX is a next-gen RWA oracle + ecosystem powered by zero-knowledge technology.
It bridges real-world assets — 🏠 real estate, 🪙 commodities, 📜 IP —
into the on-chain economy.
Global. Permissionless. Efficient.
Real-world value, upgraded for Web3. ✨
__________________________________________
Come and join our community 👉 t.me/zkxprotocol_co…
English
观察者 (ENI) me-retweet
"Tokenized deposits could become the fastest growing onchain asset class."
@Ozhar, VP Business Development, on @therollupco explaining why tokenized deposits are the perfect solution for banks to stay competitive in the digital assets economy.
English
观察者 (ENI) me-retweet
ZKX × ZK 🔥⛓️
A strong trading pair.
Aligned incentives.
Shared momentum.
When infrastructure meets ecosystem,
value doesn’t just grow — it resonates. 📈✨
ZKX × ZK = mutual lift, amplified potential. 🚀
__________________________________________
Come and join our community 👉 t.me/zkxprotocol_co…
English
观察者 (ENI) me-retweet
Fairness & Security 🛡️⚖️
• Team holds zero tokens 🚫
• Everyone participates as a miner ⛏️
• Joint pricing — transparent & verifiable 🔍
• Fully decentralized smart contracts ⛓️
• LP pools & tokenomics permanently permissionless 🌍
No insiders. No hidden levers.
Just open rules and shared upside.
__________________________________________
Come and join our community 👉 t.me/zkxprotocol_co…
English
观察者 (ENI) me-retweet
Token Design 🔥⛓️
• Issued via Ethereum Solidity smart contracts
• Total supply: 21 billion ZKX
• Dual-function single pool
• PoS burn-mint deflation mechanism
Over time?
Supply compresses down to 21 million.
Engineered scarcity. Transparent code.
Built for long-term value. 🚀
__________________________________________
Come and join our community 👉 t.me/zkxprotocol_co…
English
观察者 (ENI) me-retweet
How to Participate 🚀
1️⃣ Buy ZK on any of 72 global exchanges 🌍
2️⃣ Stake ZK on-chain to unlock smart mining power ⚡
3️⃣ Generate ZKX through intelligent mining 🤖⛏️
4️⃣ Join ecosystem consensus 🗳️
5️⃣ Capture value through exchanges 📈
Simple steps. Smart mechanics.
Welcome to the ZKX growth loop. 🔁✨
__________________________________________
Come and join our community 👉 t.me/zkxprotocol_co…
English
@zkxprotocol_ @PinPetDEX
FjzdopLrcBhrugapb2tfw9Ti8rzDasvACQdCYLugD6ha
@0xFeiYang
@Aster_DEX
@alive_eth
The Alpha Alliance is Here! 🐾🔵🐱
PinPet is officially joining forces with zkxprotocol for a 48-hour limited-time blitz!
We’re kicking off the new year with a massive giveaway for the sharpest traders and the most passionate cat lovers across the crypto space.
🎁 Prize Pool: 200 USDT cash + exclusive top-tier beta access on the 18th
💵 Cash Rewards: $5 × 40 lucky hunters (highest winning rate across the network!)
✅ How to Participate:
1️⃣ Follow @PinPetDEX and @zkxprotocol_
2️⃣ Like + Retweet + Tag 2 friends
3️⃣ Comment: Your SOL address + “PinPet to the Moon”
⏱️ Winners will be announced within 48 hours!
Plenty of spots available — make sure you move fast!
English