🏦ZK-Rollup Asset Proof Design

ZKP & Smart Contract Roadmap

  1. ZKP Roadmap:

  • Testnet Live: End of June.

  • MUFEX Dunkirk Asset Recovery Test: Middle of July.

  • Mainnet Live(contains escape mode capability): End of July.

  • Support multiple cryptocurrencies: 2023.Q4

  1. Smart Contract Roadmap:

    • Phase 1: Updatable, to prevent the occurrence of extreme vulnerabilities and risks that needed to be urgently fixed.

    • Phase 2: Addition of a time lock to prevent backdoors to funds (anticipated end of Q3/start of Q4).

ZK-Rollup Overview


The Operator assumes a vital role within the protocol, fulfilling several crucial responsibilities:

  1. Production of ZK Snapshots: The Operator efficiently processes each ZK Rollup event batch, adhering to predetermined rules, to generate ZKSnapshots.

  2. Generation of Zero-Knowledge Proofs: The Operator leverages on the circuit to generate zero-knowledge proofs for the ZKSnapshots, ensuring data integrity and privacy.

  3. Submission of ZK Snapshot Data: The Operator seamlessly interfaces with the ZK Push Gateway to submit the ZK Snapshots' data to the on-chain smart contract, facilitating verification and confirmation of state changes.

Off-Chain Information

V1:Zero-knowledge proof and verification in the MUFEX protocol require the asset information of each user


ZK Snapshot can be regarded conceptually as MUFEX's "L3 block". One ZK Snapshot is generated for each batch of events that the Operator processes. This ZKSnapshot is then passed to the circuit for ZK proof computation.


This is not a physical circuit, but a ZK SNARK circuit. The Circuit is responsible for describing events that require zero-knowledge proofs, such as order completions and deposits, and thus an important part of zero-knowledge proofs. The Circuit receives inputs, and the input signal generates an output through the path of the electric gate to produce zk-proofs for the corresponding ZKSnapshots.

Merkle Tree

To improve computing and storage efficiencies, MUFEX has implemented data selection and compression. As Merkle tree balances complexity, computing time, and user-friendliness, the protocol has created two Merkle trees: Asset Merkle Tree、Withdraw Merkle Tree.

  • The Asset Merkle Tree guarantees users’ self-custody of their assets. Even when the MUFEX node operator cannot provide any services, users can still withdraw their assets safely. The Asset Merkle Tree records all MUFEX accounts and assets information.

  • The Withdraw Merkle Tree documents users' withdrawal records for withdrawal operations.

Submitting ZKSnapshots

Once the zk proof of a ZKSnapshot is generated, the Operator calls the submit method of the MUFEX smart contract through ZK Push Gateway to submit ZKSnapshot-related data on-chain for confirmation of status change (multiple ZKSnapshots can be submitted simultaneously in strict accordance with the sequence of snapshot generation ). These data mainly include:

  • The root hash of the Asset Merkle Tree

  • Zero-knowledge proofs

  • Additional data for withdrawal tree

  • As the Node operator has to pay ETH as Gas to submit ZKSnapshots on-chain, users will be charged gas fees(free Now).

Smart Contract

The on-chain MUFEX smart contract is responsible for storing user funds, verifying the zero-knowledge proofs submitted by the off-chain node and storing the latest Merkle tree roots. It consists of multiple contracts, the main contracts of which are:

  1. MainTreasury: interactions where the Operator submits ZKSnapshot or users’ deposits or force withdrawals, escrow user funds.

  2. HotTreasury:

    1. Main chain(Mantle): Fast withdrawal

    2. Other chains: Stewarding the assets deposited by users, and providing the functions of deposit, fast withdrawal.

  3. Verifier: registering verifying key and verifying zero-knowledge proofs.

  4. DepositWalletFactory:generating deposit contract addresses.

ZK Push Gateway

The Operator calls the MUFEX smart contract through ZK Push Gateway, and submits ZKSnapshots' data on chain in strict accordance with the sequence of ZKSnapshots generation.

Chain Sync

Observing all on-chain transactions of the MUFEX smart contract, such as deposits, force withdrawals, and Rollup transactions, and notifying the node after a transaction is confirmed.The above is a brief description of the ZK-Rollup part of the MUFEX protocol.

Last updated