Optimistic rollups are brilliant (and the state of blockchains)

Monolithic L1s are (still) cripplingly inefficient

I started writing comments about rollups in 2020, and blog posts around this time last year, when the overwhelming mainstream narrative was “Cardano/<insert alt-L1> smart contracts are imminent, there’ll be a mass exodus from Ethereum to <insert alt-L1> overnight”. Later the narrative was “L2s are temporary band-aid, the only way to scale is L1s”. When put to even the mildest of tests in late 2021, the alt-L1 narratives unraveled amazingly fast (by the way, I’ll define a monolithic L1 as one without validity, fraud, DA proofs, or statelessness):

  • Binance Smart Chain’s (no, renaming your chain doesn’t make it decentralized) system requirements ballooned due to state bloat. As a result, nodes started desyncing, leading to many issues. The mistake here was they specified very low requirements when they started — they failed to inform everyone that system requirements grow exponentially with state bloat. Now they are making reckless changes without adequate auditing or testing. Sure, switching to Erigon and having multiple chains will offer incremental benefits, but there’ll always be crippling limitations.
  • Solana didn’t make that mistake — they were very open about very high system requirements from the beginning. Now, I definitely will not give Solana a hard time about their various failures and issues, as a lot of it is down to it being an early beta product. Bugs and issues due to missing features are always on the cards with beta projects — whether rollups, dapps or monolithic L1s — and I only have the best wishes for developers so they fix these. But the problem is, years down the line when it does mature, it’s battle-tested and there are no bugs and has a fee market implemented, it’s going to only offer an incremental increase in throughput, and at a steep cost to technical & economic sustainability. Solana is inherently unscalable. Optimistic rollups are far superior solutions to Solana, and will mature much sooner.
  • Arguably, Polygon PoS has been the chain that has seen most adoption, after Ethereum. Now, it’s true Polygon PoS is a “commitchain”, and not an alt-L1, but it’s still very much a monolithic chain and is bound by all of the same crippling inefficiencies as L1s. Polygon PoS reached its limits, suffered from spam, raised their minimum gas floor. But even after that, it’s been spammed by projects, raising gas prices >$0.10. To be clear, this is a far better outcome than Solana or Cardano where during congestion a 99% transactions would simply fail, and only micro-MEV bots will win. To their credit, unlike other monolithic projects, the Polygon team has very openly acknowledged the limitations, and have acted upon it by going all in on ZK rollups — that’ll actually enable high scalability. Actions speak larger than words, and a $1B action is worth commending.
  • Speaking of Cardano, they too are a very early beta product, and like Solana, also have to implement fee markets. Cardano’s system requirements are still quite low. Lately, I have seen growing interest in the Cardano community around rollups, so that’s great to see! Nevertheless, until Cardano itself doesn’t implement data availability sampling, all of this would be for nothing.
  • There are many other projects we have seen fail to live up to the hype. We have seen Avalanche C-Chain’s fees spiking whenever the block space is saturated — I mean, this is a fundamental feature of monolithic chains. Subnets will either fragment security or decentralization, and will be bounded by the same crippling limitations. Regarding “online pruning”: let’s wait and see, but this seems to implement Geth’s offline pruning and makes it so the pruning happens at a higher frequency. This could be a nice addition to Geth, but it absolutely does not solve the fundamental limitation of state bloat. We’ve seen Harmony fail etc. But I also wanted to highlight projects that are building for the next-generation with actually scalable solutions: Ethereum, Tezos, Celestia and Polygon Avail with data availability sampling; Mina & Aleo with validity proofs; and of course, the dozens of rollups — there seems to be a new one popping up every week now! It’s pretty obvious we’ve entered the era of modular architectures — few are building new monolithic L1s anymore with any degree of seriousness. At a pinch, “proto-modular” projects like Polkadot & NEAR are interim solutions that while don’t solve for a lot of the above issues, do retain sustainability & security. If you don’t care about sustainability & security, Dfinity/ICP is building interesting stuff, though.
  • I also want to be very clear that monolithic L1s have a path forward, and indeed this is actually my only goal: to get the entire industry upgraded to the next-generation tech. For example, Avalanche can implement a “data availability sampling subnet” at the base layer validated by the full validator set, and invite modular execution layers to build on top or build their own. But until this is a clear priority on their roadmap, I’ll continue to push the narrative till the change is ubiquitous across the industry.
  • Now, not every chain must be a rollup or a modular design of some sort. Sovereign L1s still have their place in situations where security is not important, and you want to accomplish some novel feature difficult or not possible with rollups. Of course, this is very much a niche, but it’s real. The Cosmos ecosystem is doing splendid work on this front (also, Polygon Edge is building compelling solutions), though I’d like to see these chains be validity proven, and IBC evolve to verify validity proofs. That’s about as good as multi-L1 bridging is going to get barring some breakthrough. But even the perfect validity proven bridge — like =nil; Foundation are building for the Mina <> Ethereum bridge— still assume that the weaker chain is not compromised. Rollup bridges give you full security guarantees where even if the weaker chain is compromised you can still inherit the stronger chain’s security.
  • Finally, it’s important to discuss timing. Optimistic rollups are not ready yet, so using a non-beta monolithic L1 still makes sense. It should be noted that in both cases — optimistic rollups, or monolithic chains — there’s a varying degree of maturity/instability, so you have to evaluate on a case-by-case basis. But I don’t write about the here and now — my only interest is to see how blockchains can scale massively and sustainably in the long term. But optimistic rollups are maturing rapidly, with clear paths to becoming sustainable solutions. Just need the engineering work to get there — it’s quite possible at least one smart contract optimistic rollup will be fully decentralized, implement data compression, have high liquidity bridges, and scale up within a year’s time. Once optimistic rollups are ready for prime time, it’s game over for almost all monolithic L1s.

OR vs. ZKR

So, let’s talk about optimistic rollups and zk rollups in the here and now. As a side note, this week alone I learned about Obscuro, a TEE rollup, and Urbit’s naïve rollup. The design space for rollups is a blank canvas, so you can have many types of rollups! But here, I’m specifically discussing secured rollups that either rely on fraud proofs (optimistic) or validity proofs (zk).

Transaction fees

Let’s start with application-specific rollups: it’s pretty clear that ZK has the lead here. Loopring, zkSync and others have got payments covered, with fees in the $0.10 range for ERC-20 transfers. Both have trades, at the time of writing a trade on ZigZag has a flat fee of $0.28, including gas fees and trading fees. Meanwhile, dYdX has zero user-facing gas fees, but we can calculate their trading fees. In a day with high activity, for each trade they are paying ~$0.08 in gas fees to Ethereum. On days with less activity, this is in the $0.10 range. If activity ramps up to ~100 TPS, this will reduce to the ~$0.02 range.


Speaking of which — a common misconception is that ORs have 7-day finality. But actually, ORs will achieve the same finality as L1 sooner than ZKRs. Already, we see ORs commit batches every 5 to 10 minutes, so that’s your latency. The 7 days is to ensure this finality is maintained, with the assumption there’ll be at least 1 entity who will (it can be you!). As ORs scale up, these batches will be ever more frequent, and at around ~20 TPS, ORs can commit every block, at which point OR finality = L1 finality. Because ZKRs’ fixed costs are so much higher, committing every block requires a lot more activity (>100 TPS) to be feasible. However, with the blob EIP, ZKRs can reengineer to commit some of their proofs to blobs instead, so this may become less of an issue.


Application-specific rollups are fairly streamlined and can scale up massively. IIRC, StarkEx demonstrated 9,000–18,000 TPS way back in mid-2020. However, things are more challenging for smart contract rollups. We have seen StarkNet only capable of throughput that’s lower than dYdX or Immutable X is doing in prod (which is a fraction of what they are actually capable of), and make optimizing for throughput a top priority. Because both Optimism and Arbitrum are based around EVM clients, they a) have a battle-tested codebase, and b) relatively optimized clients. A few days ago, I asked how far EVM can scale before requiring parallelism, Alexey Sharp suggested that Erigon could scale to 500M gas/second sustained (with some outliers burst). So, there’s a ton of headroom available to optimized EVM-based ORs, and more available through either multi-threaded clients, or multiple instances / recursive rollups. (Yes, ORs can have L3s too, though it’s certainly more elegant with ZKRs)

Side-note: delays for rollup bridges

We’ve seen a massive $320M hack for Solana Wormhole, and we’ve seen with a recent bug bounty by Optimism bugs are certainly par for the course for early beta products.


In the end, it’s all about timelines.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store



Rants and musings on blockchain tech. All content here in the public domain, please feel free to share/adapt/republish.