“Cartesi’s Dave Fraud-Proof algorithm further optimizes the fraud proof mechanism to achieve the best balance between security, decentralization, and activity.”
Not long ago, @donnoh_eth, a researcher at L2 Beats, an authoritative research institution in the Rollup field, tweeted that Cartesi's Dave is currently the most advanced fraud proof system, surpassing Arbitrum's BoLD and Optimism's OPFP, and expressed the hope that the Optimism and Orbit Stack ecosystems can integrate this groundbreaking solution. @donnoh_eth's recognition shows that the technical advantages of the Dave solution in the field of fraud proofs have received widespread attention in the industry.
In fact, in the exploration of blockchain expansion, the Optimistic Rollup solution has become one of the most widely used technologies in the Layer2 ecosystem due to its high efficiency and low cost. Unlike ZK-Rollup, which relies on complex zero-knowledge proofs, Optimistic Rollup adopts an "assumed honesty" approach: all transactions are valid by default, and only when a transaction is controversial will the fraud proof mechanism be triggered for verification. This mechanism significantly reduces the on-chain computing cost and enhances the scalability of Rollup, enabling it to support larger transaction throughput.
However, there are many challenges in the design and implementation of the fraud proof mechanism itself. We have seen that in order to ensure the security of the Rollup system, the fraud proof needs to be able to effectively prevent malicious validators from submitting false status while ensuring the safety of ordinary users' funds. However, in actual operation, the fraud proof mechanism is often subject to many restrictions.
The first is a resource consumption attack, where a malicious attacker can use a large amount of computing resources to create meaningless disputes, forcing honest validators to continuously consume computing power and gas fees, and ultimately making them unable to continue to defend their rights. In extreme cases, if the computing resources of honest validators are exhausted, the system may default to accepting the false status submitted by the attacker, causing serious security vulnerabilities.
The second is delay attacks. The challenge process of some fraud proof mechanisms is long, which may be used by attackers to artificially delay the dispute resolution time. One example is that in some systems, the dispute resolution time may be as long as several months. This delay will seriously affect the liquidity and user experience of Rollup, and even give attackers the opportunity to profit through market manipulation.
In addition, its degree of decentralization will also be limited. Many existing fraud proof schemes require participants to pay high deposits to ensure that they do not submit false information at will during the dispute process. However, this design directly raises the threshold for ordinary users to participate in the challenge, making the group that can truly fight against malicious validators highly centralized. For example, Arbitrum's BoLD scheme requires 3,600 ETH as a challenge deposit. Although it can effectively improve the security of the system, it also makes most retail validators discouraged.
In this context, Cartesi launched the Dave Fraud-Proof algorithm, which further optimized the fraud proof mechanism and achieved the best balance between security, decentralization, and activity. The solution adopts a tournament-style challenge mechanism, which greatly reduces the computing and capital costs of honest validators, and effectively eliminates the Sybil attacks of malicious validators, ensuring that disputes are resolved in the shortest possible time. The recognition of L2 Beats just illustrates the advancement and feasibility of the solution.
Comparative Analysis of Existing Fraud Proof Mechanisms
In the current Optimistic Rollup ecosystem, the design of the fraud proof mechanism directly determines the security, decentralization and user experience of the system. Different projects have different optimization directions for fraud proofs, resulting in significant differences in the existing solutions in terms of anti-attack resistance, execution efficiency and accessibility.
1. Optimism’s OPFP (Optimism Fault Proof)
Optimism uses the OPFP mechanism, whose core design is a parallel challenge system based on the Modular Game Tree. Under this mechanism, multiple challengers can challenge the same transaction at the same time and enter a hierarchical challenge process. Ideally, this model can maximize verification efficiency and make it difficult for attackers to hide invalid transactions.
However, in practical applications, OPFP still has two major problems. First, because its challenge process lacks strict time constraints, attackers can delay the entire verification process by continuously submitting false disputes, causing funds to be frozen for weeks or even longer. Second, because OPFP allows anyone to initiate challenges, attackers can create a large number of Sybil accounts in batches to interfere with the verification process, thereby artificially creating chaos and increasing the computational cost of fraud proofs. Therefore, this also makes OPFP's defense capabilities against Sybil attacks relatively weak, and it cannot effectively prevent large-scale malicious intervention.
2. Arbitrum’s BoLD (Bisection Optimistic Layered Dispute)
In contrast, Arbitrum's BoLD mechanism uses a stricter all-staff challenge framework designed to eliminate delays in the Optimism solution. BoLD ensures that all disputes can be resolved in a short period of time by forcing a maximum dispute time of 1 week, preventing attackers from disrupting the normal operation of the system by means of indefinite delays. In addition, BoLD also introduces Historical Commitments to ensure that all calculation paths submitted during the dispute process can be traced, thereby reducing the possibility of attackers tampering with data during the challenge process. Although this scheme performs well in terms of security, BoLD also has a serious problem, namely the extremely high capital threshold.
The scheme requires any challenger who wishes to participate in the dispute to pay a deposit of 3,600 ETH, but such a high amount is far beyond the affordability of most ordinary users, making the execution of fraud proofs ultimately dependent on a small number of well-funded participants. Although this design improves the security of the system, it also seriously damages decentralization, resulting in limited usability of the BoLD scheme in reality.
3. Cartesi’s early introduction of the PRT (Permissionless Refereed Tournaments) mechanism
The PRT mechanism launched by Cartesi in the early days once tried to solve the problem of high capital threshold. The core innovation of PRT is to use computational hashing for verification. The verifier submits not only the final state of the transaction, but the hash value of the entire computation process, thus ensuring the transparency of fraud proof.
In addition, PRT also further adopts a recursive dispute mechanism to reduce computing overhead by gradually narrowing the scope of the dispute. Although this method lowers the deposit threshold to a certain extent, allowing 1 ETH to participate in the challenge and enhancing decentralization, PRT also faces a challenge, that is, the dispute time is too long.
Since recursive disputes require multiple rounds of calculations and confirmation, the final ruling may take up to 20 weeks or even longer. This extremely long challenge time limits the feasibility of PRT in practical applications, making it unable to meet the Rollup ecosystem's needs for liquidity and activity.
4. Kroma ZK Fault Proof
Kroma uses Kroma ZK Fault Proof as a fraud proof mechanism and attempts to improve the efficiency and security of fraud proofs through zero-knowledge proofs. In its solution, a one-on-one challenge mechanism is adopted, that is, each time a fraud proof dispute occurs, a direct duel will be held between the attacker and the verifier, rather than a parallel challenge or a full challenge. The advantage of this model is that it can significantly shorten the time required for each round of challenges, because ZK proofs can be efficiently calculated off-chain and only small-scale verification is performed on the chain.
However, this approach is still in its early stages and faces some key challenges. We see that the main problem with Kroma ZK Fault Proof is that it has weak Sybil attack defense capabilities. Due to the high computational complexity of ZK proofs, attackers can use a large number of Sybil accounts to create computing resource consumption attacks, forcing honest validators to bear high computational overhead. In addition, while ZK proofs themselves can improve the credibility of fraud proofs, they still need further optimization to ensure that they can maintain efficient operation in a high-concurrency challenge environment. More importantly, the generation of ZK proofs relies on specific computing resources, and Kroma has not yet fully solved the problem of decentralized verification, so there is still a certain degree of uncertainty in operating in a truly permissionless environment.
5. Dave from Cartesi (Decentralized and Verified Execution)
Based on the above solution, Cartesi launched the Dave fraud proof mechanism in 2024, which is deeply optimized for Sybil attacks, resource consumption attacks and delay attacks.
Dave itself inherits the computational hashing mechanism of PRT, and through the Tournament-based Dispute System, it forces malicious challengers to compete with each other during the dispute process, rather than directly confronting honest validators. This mechanism significantly reduces the computational consumption of honest validators, allowing them to maintain competitiveness at a lower resource cost.
Dave further introduced a Hitpoint (HP) mechanism, where each disputant starts with 21 HP, and 1 HP is deducted for each challenge failure or timeout. When the HP reaches zero, the disputant is automatically eliminated to ensure that even if an attacker creates a large number of Sybil accounts, the dispute process cannot be delayed indefinitely.
Compared to BoLD, which requires a high deposit of 3,600 ETH, Dave only requires 3 ETH, significantly lowering the entry threshold and allowing ordinary users to participate in the fraud proof process. In addition, Dave shortens the dispute time to 2-5 weeks through a more optimized matching mechanism, effectively solving the problem of long PRT dispute time.
So overall, the current mainstream fraud proof mechanisms have their own advantages and disadvantages.
Although Optimism’s OPFP mechanism has the ability to challenge in parallel, it is vulnerable to delay attacks and Sybil attacks;
Arbitrum’s BoLD solution enhances security by enforcing time limits and historical commitment mechanisms, but high margin requirements reduce decentralization;
Cartesi’s PRT solution performs well in lowering margin thresholds, but the challenge time is too long, making its liquidity poor;
Kroma ZK Fault Proof uses zero-knowledge proof to improve verification efficiency, but there is still room for improvement in decentralization and resistance to Sybil attacks.
As the latest optimized fraud proof scheme, Dave minimizes the capital threshold and dispute time while ensuring security. It improves the ability to resist Sybil attacks through tournament matching and Hitpoint mechanism.
Detailed explanation of the core design of Dave's fraud proof algorithm
Focusing on Cartesi's Dave solution, it aims to solve the three major pain points of existing fraud proof solutions, namely security, decentralization, and activity, ensuring that the system can still operate stably in the face of malicious attackers or even state-level adversaries, and allowing anyone to participate in the verification process at a lower cost.
Security
Security is the primary goal of Dave's design. In traditional fraud proof systems, if attackers control enough computing resources or funds, they may use resource consumption attacks to make honest validators unable to resist, or even manipulate the entire fraud proof process. In Dave's scheme, the attacker's Sybil accounts are forced to compete with each other, which means that even if the attacker invests a huge amount of money, there is no guarantee of victory in the end. At the same time, the computational hash mechanism used by Dave requires that all challenges must be based on a complete execution history to prevent attackers from bypassing the verification process through false data. In the end, even in the face of state-level attackers, a single honest validator can still successfully challenge improper transactions and ensure the security of the system.
Decentralization
Decentralization is a key factor in whether the fraud proof mechanism can be truly widely adopted. BoLD like Arbitrum requires 3,600 ETH as a deposit, making it difficult for ordinary users to become challengers, while Dave ensures that anyone can participate in the fraud proof process by lowering the deposit requirement (only 3 ETH). At the same time, the total cost of the entire dispute process is about 7 ETH, but since all honest validators' fees are compensated after the dispute is over, it means that their actual cost is almost zero.
In addition, the tournament-style matching mechanism adopted by Dave allows multiple challengers to operate independently without relying on centralized organization and coordination, thus maintaining the decentralized nature of the system.
In @GCdePaula's new post on Ethresearch about Dave's fraud proof algorithm, it is shown how many honest actors are needed to ensure the normal operation of the system under different system architectures. In the above figure, from "1 of 1" (centralized) in the lower left corner to "N of N" (fully decentralized) in the upper right corner, the trust requirements of different fraud proof mechanisms vary.
BoLD (Arbitrum) Due to the high deposit limit, only a few validators can participate. It is in the N/2 of N (small scale N) area and has a low degree of decentralization.
PRT (Cartesi) allows more people to participate, but because the challenge time is too long, the actual feasibility is limited and it is located in the Middle Zone.
Dave (Cartesi) optimizes the tournament-style matching and Hitpoint mechanism so that even if only "1 of N" honest validators participate, the system security can still be ensured and the impact of Sybil attacks can be greatly reduced.
Therefore, this diagram clearly and intuitively illustrates the advantages of Dave's solution in terms of decentralization.
Activity
Finally, liveness solves the problem of long fraud proof dispute time. In some early fraud proof schemes, the dispute time could be as long as 20 weeks, seriously affecting the liquidity of user funds. In Dave's scheme, the maximum duration of a single challenge is only 8 hours, and the entire dispute process can usually be completed within 2-5 weeks. This means that even if an attacker tries to interfere with the system through delay strategies, it cannot effectively prevent the smooth progress of fraud proofs.
How to achieve the above advantages?
In fact, Dave's core innovations are mainly reflected in three aspects: hash calculation mechanism, tournament challenge mechanism, and hitpoint counting mechanism, and each part is optimized for the pain points of the current fraud proof system.
- Calculating the Hash
Traditional fraud proof systems usually only verify the final status of a transaction without caring about the specific path of transaction execution, which provides attackers with the opportunity to tamper with data. Dave uses a calculated hash mechanism to ensure that all challenges must be based on the complete execution history, making it impossible for attackers to create false disputes.
The mechanism mainly allows each calculated hash to store the Merkle tree of the entire execution path, and ensures that all disputes can be traced back to the original calculation results through historical commitments. Therefore, when all challengers initiate disputes, they must submit the complete calculation path, not just the final state, which effectively prevents attackers from forging data or tampering with historical states during the challenge process.
- Tournament-style challenge system
In most fraud proof systems, honest validators need to directly fight against all the false disputes submitted by attackers, which may cause their computing resources to be quickly exhausted. Dave uses a tournament-style challenge mechanism, which forces the attacker's Sybil accounts to compete with each other, greatly reducing the computing pressure on honest validators.
The mechanics are similar to a knockout tournament:
When multiple challengers submit different transaction statuses, Dave will group them and match them, and let each challenger compete through binary search and hash calculation.
In the figure above, it is well demonstrated how the Dave fraud proof mechanism gradually eliminates malicious Sybil accounts in multiple rounds, leaving only honest validators (Hero). In each round, Sybil accounts are forced to match and compete with each other, and the failed accounts are gradually eliminated.
Round 0-2: Sybil accounts (blocks of different colors) start competing with each other, and the losers are demoted.
Round 3-5: As the rounds progress, more and more Sybil accounts are eliminated, and finally only honest validators win.
The hitpoint mechanic ensures that malicious challengers cannot persist by stalling attacks, with each challenger's HP gradually decreasing until they are completely removed.
This also requires attackers to consume exponential resources to maintain Sybil accounts, while the computational consumption and Gas fees of honest validators are relatively low, which significantly improves the security and activity of fraud proofs.
The attacker's Sybil account will be gradually eliminated during the challenge process, and the honest validator only needs to compete with the strongest competitor instead of facing all false challenges at the same time. This reduces the computational overhead and allows the system to identify the final correct transaction status more quickly.
It is also worth mentioning that Dave optimized the challenge time. Compared with the PRT scheme where each round of challenge may take 1 week, Dave set the maximum challenge time to 8 hours to ensure that the entire process can be carried out more efficiently. The delay strategy optimization means that even if the attacker tries to delay the challenge time, it cannot hinder the resolution of the dispute indefinitely.
- Hitpoint counting mechanism
Dave introduced a Hitpoint (HP) counting mechanism, which allows each disputer to initially allocate 21 HP points, and lose 1 HP point each time a challenge fails or times out. When a disputer's HP reaches zero, it will be automatically eliminated and can no longer initiate challenges.
Since each challenger can only fail 21 times at most, even if the attacker creates a large number of Sybil accounts, they cannot delay the fraud proof process indefinitely. In addition, honest validators are usually unlikely to encounter 21 failures, so they will not be eliminated because their HP returns to zero, ensuring that they can always win the final challenge.
This mechanism effectively prevents attackers from continuously delaying the challenge time through Sybil accounts, and further improves the efficiency and anti-attack capabilities of fraud proofs.
Computational model and experimental verification: Dave's challenge time grows logarithmically
In order to verify the actual performance of the Dave fraud proof algorithm, the research team built a rigorous mathematical model and evaluated its performance in terms of challenge time, computational cost, and anti-Sybil attack capabilities through simulation experiments. The experimental results show that Dave is superior to existing fraud proof schemes in multiple key indicators, and can still maintain efficient dispute resolution capabilities in the face of large-scale Sybil attacks.
The logarithmic growth of challenge time
In the fraud proof mechanism, challenge time is a key factor affecting user experience and fund liquidity. Dave uses a tournament challenge mechanism and a Hitpoint (HP) counting mechanism to ensure that disputes can be resolved in the shortest possible time. Studies have shown that Dave's challenge time grows logarithmically, that is, as the number of Sybil accounts increases, the growth rate of challenge time is much lower than the linear growth model.
In an experiment simulating Sybil attack scenarios of different scales, the dispute time of Dave was compared with that of other fraud proof schemes. When facing 10,000 Sybil accounts, Dave only needed 35.25 days to complete the entire challenge process, while in other schemes (such as PRT), resolving disputes of the same scale may take months. This significant time advantage is mainly due to the tournament matching mechanism adopted by Dave, which forces Sybil accounts to compete with each other, thereby reducing the computational burden of honest validators.
In addition, Dave adopted the optimization strategy of G=4 (4 matches per round), which makes the number of Sybils eliminated in each round faster, thereby further improving the speed of dispute resolution and ensuring that the computational cost remains within a reasonable range. This group matching strategy can not only effectively speed up dispute resolution, but also reduce the computational burden of each participant, making the fraud proof mechanism more scalable.
The experimental results show that compared with the mainstream fraud proof mechanism, Dave performs better in multiple key indicators:
Compared to BoLD, Dave provides similar security with a lower deposit (only 3 ETH, compared to 3,600 ETH required by BoLD), making the fraud proof mechanism more decentralized while maintaining efficient challenge processing capabilities.
Compared to PRT, Dave reduces dispute time by more than 50%, and effectively improves the ability to resist Sybil attacks through tournament matching and HP counting mechanisms, ensuring that even in the face of large-scale Sybil account attacks, disputes can be resolved in a short time.
In summary, Dave's computational model and experimental verification further prove its leading position in the field of fraud proof. Compared with traditional fraud proof schemes, Dave can ensure security while achieving the best balance between decentralization and activity, making it one of the most competitive fraud proof mechanisms.
Supporting Trusted AI
Based on the advantages in economy, computational efficiency and decentralization, Cartesi's Dave fraud proof mechanism not only optimizes the Rollup ecosystem, but also provides new possibilities for decentralized AI computing. The core goal of fraud proof is to verify the correctness of the calculation, and this capability is also applicable in the field of AI computing, especially when a transparent and verifiable AI computing environment is required.
Traditional AI computing mainly relies on centralized servers, and users can usually only trust AI outputs, but cannot verify whether its reasoning process is authentic and reliable. This model brings transparency issues and makes AI computing subject to single point failures and censorship risks of centralized infrastructure. Cartesi provides a trustless AI computing framework by calculating hashes and verifiable computing solutions, so that the AI computing process can be executed on-chain or in a verifiable environment, ensuring the transparency and credibility of the computing results.
In fact, this mechanism is essentially highly consistent with the principle of fraud proof: if the calculation result is questioned, its correctness can be verified through the fraud proof mechanism to prevent the falsification of AI calculation results. At the same time, Cartesi allows smart contracts to directly execute AI calculations and ensure full transparency and verifiability. Cartesi's RISC-V virtual machine further enhances this capability, enabling developers to seamlessly run AI libraries such as TensorFlow, PyTorch, and Llama.cpp in a decentralized environment, breaking through the traditional limitations of blockchain in AI computing.
A typical example is ThinkChain, which uses Cartesi's technology to execute LLM (such as DeepSeek-R1, DeepScaleR, Qwen2.5 and SmolLM2) on the chain, enabling smart contracts to directly build prompts and parse replies without relying on centralized servers. This means that in the future, fraud proofs can not only be used to verify the correctness of Rollup status, but also to verify the credibility of AI reasoning results, realizing truly decentralized AI computing.
It is also worth mentioning that in the recent Cartesi x EigenLayer Experiment Week, the Cartesi core engineering team successfully built a prototype system that enables smart contracts to perform verifiable large-scale language model reasoning. As a result, Cartesi became the first project in the crypto field to successfully implement DeepSeek fully on-chain. The prototype system also supports the operation of other open source LLMs such as Qwen and Smol, further demonstrating Cartesi's potential in decentralized AI computing.
Reasoning in Cartesi's verifiable environment eliminates centralized intermediaries, improves security, and ensures both the integrity of AI output and a completely trustless execution method. To date, Cartesi is still the only technology stack that supports fully on-chain, trustless LLM reasoning, and DeepSeek, as a pilot case, further verifies the huge potential of Cartesi's technology solutions in the field of decentralized AI computing.
About Cartesi
Cartei is a powerful modular blockchain protocol that provides developers with a complete Linux environment and high-performance Rollup technology, designed to support the next generation of decentralized applications. By integrating Linux, the Cartesi Virtual Machine enables developers to build dApps using programming languages, tools, and code libraries that have been battle-tested for decades. Cartesi provides each dApp with an independent Rollup layer and dedicated computing resources, significantly improving computing scalability while ensuring decentralization, security, and anti-censorship.
For more information, please visit:
Official website: https://cartesi.io/
X:https://x.com/cartesiproject
Discord: https://discord.gg/3gWG7guqMz
Telegram: https://t.me/CartesiCN
Previous Experiment Week Builds: https://cartesi.io/blog/experiment-week-2-recap/
