Euclid Upgrade

Introduction

The purpose of this proposal is to follow-up on previous draft and inform the Scroll DAO of a proposed protocol upgrade, and to allow projects, users, and devs to prepare in advance. Please follow https://t.me/scroll_tech_announcements for upcoming upgrade and maintenance announcements.

Executive Summary

We propose the Euclid upgrade to be considered for inclusion and execution during the April 2025 governance cycle. This is the latest upgrade since Darwin, and the biggest upgrade since Scroll launched its mainnet.

Euclid contains five main changes:

• Migration to OpenVM Prover.
• Migration to MPT state commitment.
• Optimized rollup process.
• EIP-7702 and RIP-7212 support.
• Stage-1 readiness.

These changes will result in lower fees, higher throughput, better security, better compatibility, and more advanced features that users and developers on Scroll can enjoy.

Features

The Euclid network upgrade activates the following features.

OpenVM Prover

Scroll has been among the pioneers of ZK technology through our EVM bytecode compatible halo2 zkEVM. ZK technology has continued to progress rapidly ever since, and now general-purpose RISC-V zkVMs are becoming practical. In the Euclid upgrade we are deprecating our halo2 circuits in favor of a new prover built on top of OpenVM.

The new OpenVM prover offers numerous benefits: Prover code is easier to reason about and to audit. We can better reuse code among different components. We can also reduce proving costs and latency. Finally, the new prover will enable us to prove arbitrarily complex transactions, allowing us to remove the circuit capacity checker module that has been a major bottleneck on sequencer throughput.

MPT State Commitment

Scroll currently uses a zk-friendly state commitment data structure called zktrie. With the new OpenVM prover, it is now practical to prove Ethereum's state structure: the Merkle-Patricia Trie, also known as MPT. Scroll is now deprecating the zktrie and adopting MPT.

MPT unlocks better sequencer performance and offers better compatibility for dapps relying on L2 state proofs.

Optimized Rollup Process

In Euclid, we are rolling out a series of optimizations to the rollup process. These result in major reductions in Data Availability (DA) overhead, and ultimately lower fees for users. The main optimizations are:

• Move blob verification from contract code to zk circuits.
• Amortize message queue commitment cost.
• Move L2 block header data from calldata to blobs.
• Commit multiple blobs in a single transaction.

These changes combined are estimated to reduce batch commitment costs by up to 90%.

In addition, Scroll L2 nodes will deprecate Clique (the current Proof-of-Authority consensus) and will start reading the authorized unsafe block signer from the new SystemConfig contract on L1.

Powerful Smart Accounts

In Euclid, Scroll is adopting EIP-7702 and RIP-7212. Adopting 7702 in parallel with Ethereum’s Pectra upgrade ensures that Scroll maintains a high degree of compatibility with Ethereum. These features will also allow Scroll users and developers to tap into the latest technologies in smart accounts: Users can add smart contract functionalities to their accounts, use passkeys for signing authorizations, and benefit from the emerging UX improvements that these new standards will bring.

Stage-1

In Euclid, we are rolling out important safety guarantees, that will allow Scroll to reach Stage-1 based on the standard defined by L2BEAT.

• Enforced transaction inclusion is a censorship resistance mechanism. It allows users to enqueue a transaction directly from Ethereum, forcing the sequencer to include it.
• Permissionless batch submission is a mechanism to prevent liveness failure. In the unlikely scenario that the Scroll sequencer stops posting or finalizing batches for an extended period of time, this mechanism allows anyone to step up and start posting and finalizing batches.

Both mechanisms force the Scroll sequencer to do its job. As such, they serve as deterrents, and they offer important safety guarantees to the users.

We have also recently transferred control to the Security Council, an independent body of 12 reputable members, forming a 9/12 multisig. The Euclid upgrade will be the first upgrade to be executed by the Security Council.

Upgrade Timeline

If the proposal passes, the upgrade will be rolled out in two phases. The planned timeline is as follows:

1. April 1st: Submit upgrade to governance proposal.
2. April 4th: Governance voting begins.
3. April 11th: Governance voting ends.
4. April 12th: Security council signs the transaction for Phase 1 and Phase 2 upgrades according to the voting result.
5. April 16th at 15:00:00 UTC: Phase 1 transition occurs, consisting of the OpenVM Migration and MPT Migration features. Following is the commit hash of each module after transition:
   1. Contract: scroll-contracts repo at 76e5df4f9b176a91319d0040199c2da45b57fb90.
   2. Node: l2geth repo at v5.8.33.
   3. Circuit: zkvm-prover repo at v0.2.0.
6. April 17th at 15:00:00 UTC: Security council completes verification of the non-standard state transition from zktrie state root to MPT state root. The security council signs the finalization transaction, concluding Phase 1 migration. Scroll will continue to operate as before, but finalization will occur using the new OpenVM-based zk provers.
7. April 22nd at 07:00:00 UTC: Phase 2 transition occurs, consisting of the Optimized Rollup Process, Smart Accounts, and Stage-1 features. Following is the commit hash of each module after transition:
   1. Contract: scroll-contracts repo at 8e6a02b120d3a997f7c8e948b62bfb0e5b3ac185.
   2. Node: l2geth repo at v5.8.33.
   3. Circuit: zkvm-prover repo at v0.2.0.

Security Considerations

This section covers security audits and tests conducted for the Euclid upgrade.

Testing

The following tests were conducted to ensure a smooth upgrade:

1. Local Devnet Transition Test: Tests the transition in a controlled environment to ensure stability.
2. Mainnet Backtest: Historical Mainnet blocks are fed into the Euclid environment to verify that the new circuits function correctly on existing Mainnet blocks.
3. Testnet without Proving: A local test environment that checks whether protocol components (without proving) interact as expected.
4. Devnet Test: Tests the interaction of most components in a Devnet environment, including proof generation and the execution of new features.
5. Sepolia Test: The upgrade has already been activated on the Sepolia Testnet on March 13th.

Audit Report

Three separate audits were conducted for the Euclid upgrade:

• OpenVM Core Module Audit: The audit was conducted by Cantina and Axiom independently. The audit and fix report from both parties are available here.
• OpenVM Integration and MPT Migration Scripts Audit: The audit was conducted by Trail of Bits. The letter of attestation indicating audit findings is available here. Trail of Bits has reviewed the fixes and is preparing a letter of attestation including fixes, which will be shared when ready.
• Remaining Features Audit: The remaining features in the Euclid upgrade, including enforced transactions, enforced batches, L1 commit cost reduction, were audited by Trail of B

... please visit link below to view full proposal

https://gov.scroll.io/proposals/81939631158579841171219988954315753236293867421581097385921335841780903893992