Author of the 2019 paper introducing Verkle Trees here [1]. Super exciting to see this on the front page of Hacker News! As the post explains very nicely, Verkle Trees basically let you save space (typically bandwidth, which can be expensive) by replacing a secure hash with a vector commitment scheme, making the tree shorter and fatter with some branching factor $k > 2$. This saved bandwidth comes at the cost of some extra computation required to generate the Verkle tree and verify proofs of leaf nodes.<p>As an aside, the Verkle either stands for V(ector Commitment Mer)kle Tree or the more tongue-in-cheek V(ery Short Mer)kle Tree.<p>A huge thanks to Alin Tomescu, who provided me with this project when I was an MIT PRIMES student in high school. He came up with the ingenious idea of combining a vector commitment scheme with a Merkle Tree. He also has a brilliant blog post on his website explaining Merkle Trees if you'd like more background info [3].<p>[1] Paper: <a href="https://math.mit.edu/research/highschool/primes/materials/2018/Kuszmaul.pdf" rel="nofollow">https://math.mit.edu/research/highschool/primes/materials/20...</a><p>[2] Slides: <a href="https://math.mit.edu/research/highschool/primes/materials/2018/conf/CS/1-2-Kuszmaul.pdf" rel="nofollow">https://math.mit.edu/research/highschool/primes/materials/20...</a><p>[3] Alin's Website: <a href="https://alinush.github.io/" rel="nofollow">https://alinush.github.io/</a><p>[4] My website: <a href="https://sites.google.com/view/johnkuszmaul" rel="nofollow">https://sites.google.com/view/johnkuszmaul</a>
I always enjoy reading Vitalik's posts.<p>I remember many years ago back when Bitcoin was fun. I traded it back and forth with friends for pizza and such. I even used it once at a hip restaurant in town. Some Bitcoin forum (the name of which escapes me atm) had a bitcoin drip, which would give you a free Bitcoin every once in a while. But then Bitcoin's value exploded, it's not very <i>useful</i> anymore since transaction fees are so high and its value is so volatile, no one can mine it on their home machines, and its ecological disaster. But it used to be just a cool, kind of hacker niche, and was fun to think about the underlying technology and possibilities.<p>Vitalik's explorations with Ethereum have kind of a similar vibe to me. It's neat to think about the tech and how it works, and to try to come up with attacks and such. And if it ever moves to Proof of Stake, I won't have that guilty conscience playing with it. Of course, all of this on top of a $100 billion valuation is kind of frightening and weird. I hate to say it, but I'm not sure I'd mind a crazy crypto crash, just to explore this technology some more without the crazy monetary incentives.
Another paper on this structure was from a highschool student in the MIT PRIMES program[0] back in 2018. I couldn't find much else besides other Ethereum-related sites<p>[0]: <a href="https://math.mit.edu/research/highschool/primes/materials/2018/Kuszmaul.pdf" rel="nofollow">https://math.mit.edu/research/highschool/primes/materials/20...</a>
It's good that he noted that this scheme is insecure against quantum computers. Anyway, homomorphic cryptography is a fascinating field with many cool applications. I'm sure the ideas will remain useful even in the quantum era.
In case people are interested, here are some of my recent notes on Verkle trees: <a href="https://www.notion.so/norswap/Stage-0-Discovery-dcbb7318ba664687ba83adca727ff283#1323d81058d64e10944e47e48d1599b9" rel="nofollow">https://www.notion.so/norswap/Stage-0-Discovery-dcbb7318ba66...</a>