Proof Composition

Ziren zkVM introduces an innovative proof composition system that empowers developers to nest and aggregate cryptographic proofs within zkVM programs. This flexible architecture enables recursive verification, multi-proof aggregation, and modular program upgrades, all while ensuring seamless compatibility with Ziren’s verification framework.

Key Use Cases

  • Privacy-Preserving Computation

    Securely process distributed or confidential data by splitting computations into sub-proofs, each protecting its own data fragment, and then aggregating them into a unified, privacy-preserving proof.

  • Cryptographic Proof Nesting

    Enable recursive verification of encrypted values—such as zero-knowledge proofs, digital signatures, or homomorphic encryption—without revealing underlying data, thus strengthening both privacy and security.

  • Proof Aggregation & Cross-Chain Verification

    Combine independent proofs from multiple sources or blockchains (e.g., Ethereum, other rollups) into a single aggregate proof, facilitating trusted cross-chain data flows and unified validation.

  • Rollup Optimization

    Batch and compress large numbers of transaction proofs or state changes into a single, compact proof to improve scalability, reduce verification cost, and maximize on-chain throughput.

  • Modular Program Architecture & Maintainability

    Break complex applications into independently verifiable modules, allowing developers to update or upgrade specific components without re-running the entire workflow, increasing maintainability and development agility.

  • Pipeline Proof and Concurrent Verification

    Divide lengthy computations into parallel, independently verifiable sub-proofs, streamlining the overall proof generation and validation process for greater efficiency.

Core Components

Ziren packages each proof into an object called a receipt. The proof composition system is built around the idea of recursively verifying receipts inside other zkVM programs. The main components are:

  • Assumption

    A formal assertion that declares what needs to be proven, serving as a dependency within the proof composition pipeline.

  • Receipt Claim

    A structured statement identifying a specific receipt, which includes metadata such as the program image ID and a SHA-256 commitment to the public input/output, ensuring unique and tamper-evident referencing.

  • Inner Receipt

    The fundamental container of a base proof, holding the STARK proof, public values, and the corresponding claim.

  • Assumption Receipt

    A conditional receipt that is valid only if its dependencies (assumptions) are fulfilled by other receipts.

  • Composite Receipt

    A recursively constructed bundle that aggregates multiple layers of verification, supporting nested proofs and multi-stage validation.

  • Final Receipt

    The ultimate artifact that confirms all assumptions have been resolved and all required proofs successfully verified.

Implementation Workflow

Proof Generation

  • Base Proof Generation

    Generate a STARK proof for a given (possibly nested) guest program, resulting in an initial inner receipt.

  • Recursive Composition

    Use the base and composite receipts as building blocks, recursively aggregate them using Ziren’s aggregation engine, and form higher-level proofs as needed.

  • Final Receipt Assembly

    Collect and combine all required receipts (base, assumption, composite) into a final, comprehensive receipt representing the complete proof.

Verification

  • Composite Receipt Verification

    Validate the STARK constraints for the main (composite) proof to ensure correctness of the aggregated verification.

  • Inner Receipt Validation

    Recursively verify all dependent proofs (assumptions) included within the composition.

  • Receipt Claim Consistency

    Check that SHA-256 commitments match across all receipt claims to ensure input/output consistency and cross-proof integrity.