List of Existing ZkVMs #40

Open
23 tasks done
moudyellaz opened this issue May 15, 2024 · 0 comments
moudyellaz commented May 15, 2024

Introduction

We are compiling a comprehensive list of existing Zero-Knowledge Virtual Machines (zkVMs). To ensure that we don't have multiple people working on the same zkVM, please assign yourself to the corresponding entry before you start filling in the information.

How to Contribute

  1. Assign Yourself: Click on the gear icon next to the zkVM you want to provide information about and assign yourself.
  2. Fill in the Template: Copy the template provided below and fill in the details for the zkVM you chose.
  3. Submit Your Information: Edit the issue to add your filled-in template under the respective zkVM.

Assignment Comments

  1. Please leave a comment in the following format to assign yourself to a zkVM:
    @Yourusername - I will work on zkVM Example 1
  2. If there are missing zkVMs, please contact me so I can add them. (Do not add new ones, to avoid confusion.)

Template

[zkVM Name]

  • ZkVM: [Yes/No]
  • Zero Knowledge: [Yes/No]
  • Description: A brief description of the zkVM (A paragraph or two at most)
  • Repository: [Link to the GitHub repository or other source]
  • Documentation: [Link to documentation and/or paper or website (specific to the zkVM)]
  • Status: [Active/Inactive]
  • Type of Proof Systems Used: [zk-SNARKs, zk-STARKs, etc.]
  • Main Focus: [Scalability, privacy, interoperability, etc.]
  • Privacy Guarantees Achieved: [What information is hidden or revealed during transactions, resistance to privacy attacks]
  • Potential Privacy Enhancements: [Additional privacy features that could be added]
  • Cryptographic Primitives and Security Assumptions: [List of cryptographic primitives used and their security assumptions]
  • Performance and Scalability: [Overhead, transaction throughput, benchmarks, etc.]
  • Integration with Existing Systems: [How well it integrates with existing systems]
  • Development Tools and Documentation: [Availability of dev tools and quality of documentation]
  • Additional Information: [Any other relevant information]

List of ZkVMs

Compiled Information for each ZkVM in the above list

[SP1]

[Nexus]

  • ZkVM: Yes
  • Zero Knowledge: No
  • Description: The Nexus zkVM is a modular, extensible, open-source, and highly-parallelized zkVM, designed to run at a trillion CPU cycles proved per second given enough machine power.
  • Repository: https://github.com/nexus-xyz/nexus-zkvm
  • Documentation: https://docs.nexus.xyz/
  • Status: Active
  • Type of Proof Systems Used: zk-SNARK
  • Main Focus: Scalability
  • Privacy Guarantees Achieved: None
  • Potential Privacy Enhancements: ZK could be added in the future
  • Cryptographic Primitives and Security Assumptions: [List of cryptographic primitives used and their security assumptions]
  • Performance and Scalability: No benchmarks
  • Integration with Existing Systems: Theoretically very good
  • Development Tools and Documentation: Industry level: https://docs.nexus.xyz
  • Additional Information: Nexus 1.0: The Zero Knowledge Machine,
    The Nexus v1.0 zkVM and Roadmap

[Risc0]

[Powdr]

  • ZkVM: No
  • Zero Knowledge: Yes
  • Description: Powdr is a toolkit that helps build zkVMs and similar proof frameworks. Anyone can build a zkVM by choosing one of the front-ends, such as RISC-V, and one of the back-ends, such as Halo2, and convert any Rust code into a verifiable execution.
  • Repository: https://github.com/powdr-labs/powdr
  • Documentation: https://docs.powdr.org/
  • Status: Active
  • Type of Proof Systems Used: zk-SNARKs, zk-STARKs
  • Main Focus: Modular compiler stack for zkVMs
  • Privacy Guarantees Achieved: Not mentioned
  • Potential Privacy Enhancements: Not mentioned
  • Cryptographic Primitives and Security Assumptions: During the linking phase, powdr can use either lookup arguments or recursive proofs.
  • Performance and Scalability: Not mentioned
  • Integration with Existing Systems: revm: https://github.com/powdr-labs/powdr-revme?tab=readme-ov-file
  • Development Tools and Documentation: https://docs.powdr.org/installation.html
  • Additional Information: The GitHub README points out that the compiler currently generates unnecessary columns. This causes efficiency issues, but they are working on an optimizer to fix this.

[ZkMips]

  • ZkVM: Yes
  • Zero Knowledge: Yes
  • Description: General purpose zkVM in MIPS architecture.
  • Repository: https://github.com/zkMIPS/zkm
  • Documentation: https://docs.zkm.io/zkm-architecture
  • Status: Inactive
  • Type of Proof Systems Used: zk-STARK, in particular Starky- and Plonky2-based.
  • Main Focus: Scalability, privacy, and interoperability
  • Privacy Guarantees Achieved: Private inputs (witnesses) are allowed.
  • Potential Privacy Enhancements: Not mentioned.
  • Cryptographic Primitives and Security Assumptions: Quantum safe hash-based architecture
  • Performance and Scalability: Not mentioned
  • Integration with Existing Systems: It can be integrated into private connections to IoT networks, decentralized cloud computing, Ethereum L2 rollups, and ZKML.
  • Development Tools and Documentation: whitepaper: https://whitepaper.zkm.io/whitepaper1.2.pdf
    proof guide: https://docs.zkm.io/guides/proof-generation-guide
  • Additional Information: None

[Valida]

  • ZkVM: Yes
  • Zero Knowledge: No
  • Description: Valida is a VM that focuses on the Prover's performance. Currently, Valida VM uses a special instruction set that is RISC-inspired. The goal is to construct a zkVM that can prove programs that are written in a variety of languages, such as Rust, Go, and C++, with minimal changes to the original source code.
  • Repository: https://github.com/valida-xyz/valida
  • Documentation: https://delendum.xyz/writings/2023-05-10-zkvm-design.html
  • Status: WIP
  • Type of Proof Systems Used: STARK; Plonky3
  • Main Focus: Code reusability, prover's performance, and extensibility.
  • Privacy Guarantees Achieved: Not mentioned.
  • Potential Privacy Enhancements: Not mentioned.
  • Cryptographic Primitives and Security Assumptions: FRI, potentially quantum secure.
  • Performance and Scalability: Code base for the Valida benchmarks: https://github.com/valida-xyz/benchmarks. Results for the benchmarks provided: https://lita.gitbook.io/lita-documentation/architecture/benchmarks
  • Integration with Existing Systems: Not mentioned, but unlikely since it currently uses a specialized ISA.
  • Development Tools and Documentation: https://lita.gitbook.io/lita-documentation/architecture/valida-zk-vm
  • Additional Information: Valida's roadmap includes fast recursion and parallelizable proving of individual program execution. Valida uses FRI, but may switch to Brakedown for speedup. Plans to use a Groth16 wrapper.

[Jolt]

  • ZkVM: Yes
  • Zero Knowledge: No
  • Description: Jolt is a zkVM framework built around the Lasso lookup argument.

Jolt powers succinct proofs of execution of programs written in any high-level language. Jolt's sumcheck-based SNARK makes extensive use of multivariate polynomials and commitment schemes. Jolt zkVMs have state-of-the-art prover performance and have substantial room for growth over the coming decades.

[ZkWasm]

  • ZkVM: Yes, ZAWA
  • Zero Knowledge: Yes
  • Description: zkWASM is a portable virtual machine that allows developers to create privacy-preserving applications using any language that compiles to WebAssembly (WASM), without needing specialized knowledge of zero-knowledge proof (ZKP) technology. These applications run seamlessly in web browsers without requiring any special hardware or software. Using Zero-Knowledge Proofs, zkWASM accelerates transaction times by combining off-chain computations with on-chain verifications, making the blockchain more efficient. This ensures that all transactions remain secure and private, enhancing the overall security of the blockchain. The core concept is: On-Chain Contracts + Off-Chain VM + WASM Integration.
  • Repository: https://github.com/DelphinusLab/zkWasm
  • Documentation: https://delphinuslab.com/zk-wasm/
  • Status: WIP
  • Type of Proof Systems Used: zk-SNARKs, or rather Halo2's zero-knowledge proof system, generating execution proofs in a zk-SNARK way.
  • Main Focus: Scalability and Privacy
  • Privacy Guarantees Achieved: MPC solution for hiding the witness, confidential transactions, private smart contracts, and secure data sharing.
  • Potential Privacy Enhancements: Not mentioned
  • Cryptographic Primitives and Security Assumptions: ZAWA uses KZG and plookup (for lookup tables); DelphinusLab's zkWasm appears to use Zcash's Halo2 (IPA instead of KZG).
  • Performance and Scalability: All the benchmark test suites are run on a machine with an AMD Ryzen 7 5800X3D 8-Core Processor, one GeForce RTX 3090 graphics card, and 32G * 4 DDR4 2133 RAM: https://jhc.sjtu.edu.cn/~hongfeifu/manuscriptb.pdf
  • Integration with Existing Systems: Rollup application builders, Circuit integrators, ZkVM builders.
  • Development Tools and Documentation: https://zkwasmdoc.gitbook.io/delphinus-zkwasm
  • Additional Information: https://hackmd.io/@sinka/BJUIyufEc. Game development on chain with zkWasm and corresponding talk. Bugs found in zkWasm. ICME proposes using SuperNova or Plonky2 instead of Halo2 to improve efficiency for client-side applications; this appears to be the origin of Novanet.

[Aleo]

  • ZkVM: Yes
  • Zero Knowledge: Yes
  • Description: SnarkVM is a zkVM that proves Leo applications by converting the code into Aleo instructions, which are further compiled into bytecode.
  • Repository: https://github.com/AleoNet/snarkVM
  • Documentation: https://aleo.org/
  • Status: Active
  • Type of Proof Systems Used: zk-SNARK
  • Main Focus: Privacy, and hybrid states
  • Privacy Guarantees Achieved: Fully private decentralized applications
  • Potential Privacy Enhancements: None
  • Cryptographic Primitives and Security Assumptions: Not mentioned
  • Performance and Scalability: Not mentioned
  • Integration with Existing Systems: Not mentioned
  • Development Tools and Documentation: https://developer.aleo.org/aleo/language/
  • Additional Information: None

[Ola]

[Miden]

[ZkOS]

  • ZkVM: No
  • Zero Knowledge: No
  • Description: It is a proof of concept of a verifiable operating system in RISC-V architecture. In the end, it will be an operating system in which all untrusted executions are run in a verifiable way. It helps to create a world computer.
  • Repository: https://github.com/matter-labs/zk_os
  • Documentation: https://osblog.stephenmarz.com/index.html
  • Status: Inactive
  • Type of Proof Systems Used: Not mentioned
  • Main Focus: Verifiable Operating System
  • Privacy Guarantees Achieved: Not mentioned
  • Potential Privacy Enhancements: Not mentioned
  • Cryptographic Primitives and Security Assumptions: Not mentioned
  • Performance and Scalability: Not mentioned
  • Integration with Existing Systems: Not mentioned
  • Development Tools and Documentation: Not mentioned
  • Additional Information: None

[Triton]

  • ZkVM: Yes
  • Zero Knowledge: Yes, but more succinct verification
  • Description: Triton is a Turing-complete virtual machine engineered for rapid recursive zk-STARK verification. Triton VM is versatile and can be utilized for various applications. Its swift, recursive verification of computational integrity transforms the way computation is approached in networked environments.
  • Repository: https://github.com/TritonVM/triton-vm
  • Documentation: https://triton-vm.org/spec/
  • Status: Under Progress
  • Type of Proof Systems Used: AIR + STARKs
  • Main Focus: Mostly scalability
  • Privacy Guarantees Achieved: Not mentioned
  • Potential Privacy Enhancements: Not mentioned
  • Cryptographic Primitives and Security Assumptions: Not mentioned
  • Performance and Scalability: None
  • Integration with Existing Systems: Proves correct execution of programs written in Triton assembly! Built for Neptune blockchain, but can be used as a standalone.
  • Development Tools and Documentation: https://docs.rs/triton-vm/latest/triton_vm/
  • Additional Information: Talk on Triton-VM, TritonVM (Neptune Blockchain), Making Triton-VM Faster

[Cairo]

  • ZkVM: Yes
  • Zero Knowledge: Zk-friendly
  • Description: The Cairo VM employs a single-write-only memory model, ensuring each memory slot is written to only once. The Cairo compiler abstracts this, allowing mutable variables in code. This model enhances predictability and verifiability, providing an immutable computation record essential for generating STARK proofs. Cairo lacks inheritance and polymorphism. Contracts extend functionality by importing specific functions and storage variables, requiring a different approach from traditional object-oriented programming.
  • Repository: https://github.com/lambdaclass/cairo-vm
  • Documentation: https://github.com/lambdaclass/cairo-vm/blob/main/docs/python_vm/README.md
  • Status: Active
  • Type of Proof Systems Used: zk-STARKs
  • Main Focus: Scalability and Performance.
  • Privacy Guarantees Achieved: Not mentioned
  • Potential Privacy Enhancements: Not mentioned
  • Cryptographic Primitives and Security Assumptions: Not mentioned
  • Performance and Scalability: Benchmarks
  • Integration with Existing Systems: Compile Cairo programs into Sierra and CASM.
  • Development Tools and Documentation: Implementation is very well documented.
  • Additional Information: It simplifies contract writing and reduces the chance for bugs

[SnarkOS]

[Lurk]

  • ZkVM: No
  • Zero Knowledge: No
  • Description: Lurk is an in-development, Turing-complete programming language for recursive zk-SNARKs.
  • Repository: https://github.com/lurk-lab
  • Documentation: https://twitter.com/LurkLab/status/1777806522825019393
  • Status: Active
  • Type of Proof Systems Used: zk-SNARK, folding
  • Main Focus: Scalability
  • Privacy Guarantees Achieved: None
  • Potential Privacy Enhancements: ZK could be added
  • Cryptographic Primitives and Security Assumptions: Poseidon hash, Merkle trees
  • Performance and Scalability: Repository level benchmarks.
  • Integration with Existing Systems: It's their own ecosystem, so not as good.
  • Development Tools and Documentation: Industry standard in tools, lacking documentation. Programmer Introduction and Circuit Specification
  • Additional Information: Current implementation has a disclaimer to not use Lurk in production code as it uses Groth16 without a trusted setup.

[Piecrust]

  • ZkVM: Yes
  • Zero Knowledge: Could be Zk-friendly, more for succinct
  • Description: Piecrust is a WASM virtual machine designed to run Dusk Network's smart contracts. These smart contracts are represented by their WASM bytecode and utilize linear memory. Piecrust supports concurrent execution, allowing multiple sessions to run simultaneously on the same VM and be distributed across different threads. This ensures that contract calls are executed atomically, meaning they either complete entirely or not at all, providing robust transactional integrity. By integrating with Dusk Network, Piecrust enhances smart contract development with strong privacy-preserving and compliance features. It includes native support for cryptographic primitives, such as zero-knowledge proof verification, and offers an efficient method for creating Merkle Trees within contract storage, making it a powerful tool for secure and private decentralized applications.
  • Repository: https://github.com/dusk-network/piecrust
  • Documentation: https://docs.rs/piecrust/latest/piecrust/
  • Status: Dusk plans to launch its mainnet in the second quarter of 2024
  • Type of Proof Systems Used: not mentioned, Zk-friendly
  • Main Focus: Scalability and privacy
  • Privacy Guarantees Achieved:
      - In the Dusk Network (https://github.com/dusk-network/phoenix/blob/master/docs/protocol.pdf), Proof of Blind-Bid serves as the foundation for the Segregated Byzantine Agreement (SBA) consensus mechanism, providing a private proof-of-stake system.
      - The SBA consensus mechanism is a permissionless, committee-based Proof-of-Stake protocol that offers near-instant transactional finality with a negligible probability of forks.
      - Phoenix (https://dusk.network/news/phoenix-security-proofs/) is a UTxO-based privacy-preserving transaction model that enables users to confidentially spend non-obfuscated outputs.
      - Zedger is a hybrid privacy-preserving transaction model designed to meet regulatory requirements for security tokenization and lifecycle management. It employs a Sparse Merkle-Segment Trie to create private memory for user accounts, allowing account owners to log balance changes per segment while only publicly revealing changes to the Trie root.
  • Potential Privacy Enhancements: None
  • Cryptographic Primitives and Security Assumptions: Merkle Trees, Sparse Merkle-Segment Trie.
  • Performance and Scalability: Not yet benchmarked or launched
  • Integration with Existing Systems: If released, it can be used to achieve several privacy guarantees regarding transaction models.
  • Development Tools and Documentation: Still no mainnet.
  • Additional Information: Should keep track of updates. Audit report on current state of Piecrust.

[Ceno]

  • ZkVM: Yes
  • Zero Knowledge: Yes
  • Description: Ceno Basic and Pro are (currently) theoretical zkVMs that have not been implemented. The design goal for these zkVMs is to reduce the proving time by replacing the costly FFTs of Plonkish proof systems with sumcheck rounds in the GKR protocol. Ceno Pro is recommended for repeated blocks of code.
  • Repository: Not mentioned
  • Documentation: https://eprint.iacr.org/2024/387
  • Status: WIP
  • Type of Proof Systems Used: GKR protocol.
  • Main Focus: Reduce proving time.
  • Privacy Guarantees Achieved: Not mentioned.
  • Potential Privacy Enhancements: Not mentioned.
  • Cryptographic Primitives and Security Assumptions: lookup tables (or set equality), sumcheck, multilinear extensions, new IOP based on GKR. Security assumption - q-String bilinear Diffie-Hellman and (d,l)-Extended Power Knowledge of Exponent.
  • Performance and Scalability: None.
  • Integration with Existing Systems: Not mentioned.
  • Development Tools and Documentation: Not mentioned.
  • Additional Information:

[Stellar]

[Novanet]

  • ZkVM: No
  • Zero Knowledge: No
  • Description: NovaNet is not a zkL1 or L2 but rather an open peer-to-peer network. It builds from the ideas of non-uniform incremental verifiable computation from the SuperNova proving scheme to allow for a highly portable and customizable zero-knowledge virtual machine and opcode based prover framework.
  • Repository: https://devs.novanet.xyz/for-developers
  • Documentation: https://www.novanet.xyz/
  • Status: Active
  • Type of Proof Systems Used: zk-SNARK
  • Main Focus: Speed
  • Privacy Guarantees Achieved: Not mentioned
  • Potential Privacy Enhancements: Not mentioned
  • Cryptographic Primitives and Security Assumptions: Unknown
  • Performance and Scalability: No benchmarks.
  • Integration with Existing Systems: Theoretically good
  • Development Tools and Documentation: Lacking
  • Additional Information: Potentially the GitHub account for Novanet (ICME labs); ICME labs blogs which introduce Novanet.

[ZkLLVM]

[ZkMove]

  • ZkVM: Yes
  • Zero Knowledge: zk-friendly
  • Description: zkMove is a smart contract runtime environment designed to execute smart contracts written in the Move language. It is zero-knowledge proof friendly, generating zero-knowledge proofs during the execution of Move contracts. This ensures enhanced privacy and security for smart contract operations.
  • Repository: https://github.com/zkmove/zkmove
  • Documentation: https://www.zkmove.net/blog/
  • Status: WIP
  • Type of Proof Systems Used: Halo2
  • Main Focus: Not mentioned
  • Privacy Guarantees Achieved: Not mentioned
  • Potential Privacy Enhancements: None
  • Cryptographic Primitives and Security Assumptions: Poseidon Hash Functions.
  • Performance and Scalability: WIP
  • Integration with Existing Systems: Move language only
  • Development Tools and Documentation: WIP
  • Additional Information: https://github.com/zkmove/halo2-verifier.move/blob/main/TUTORIAL.md: zkMove uses Halo2 with KZG (instead of IPA) for polynomial commitment. To generate the trusted group elements, they use Perpetual Powers of Tau.

[o1VM]

Summary table (To compile by @moudyellaz )

@moudyellaz moudyellaz added the vm-foundations Integrate advanced cryptographic primitives to create a highly secure, privacy-preserving computatio label May 15, 2024
4 participants