Introduction to zkVMs

Why zkVMs are important for Web3 and how they work

Pi Squared is fundamentally based on Zero Knowledge (ZK) technology - it’s core to our Proof-of-proof protocol that can validate any mathematical proof and ultimately any application in Web3. In this post, we’ll discuss why this technology is so important for developers, and explain the concept of a “zkVM.”

Why ZK is important to Web2 and Web3 developers

Central to what makes computing technology so powerful is its reliability. When you browse a website, check your email, or query a search engine, your computer and the computers on the internet to which you connect will carry out millions of operations to ensure that the right information gets to your screen. Each of these operations has to be done correctly to give you a good experience as a user. When operating across a network, it can be hard to know and trust that the data provided is what it seems: Is the person you’re chatting with who they claim to be? Is the image or video you’re looking at a real person, or is it a deepfake created by AI?

This is why verifiable computing is becoming increasingly important in Web3. This is a new paradigm in computing where the data you receive is authenticated with respect to the computations that constructed it. The data you receive is proven to be correct. 

The archetypal application for verifiable computing is in Web3 technology. Blockchains protect financial value, making them prime targets for attack, and this necessitates high standards for reliability. But verifiable computing is important to Web2 as well: As attackers become more sophisticated, tighter security is needed in applications such as identity management, image authentication, and machine learning.

Luckily, years of research in computer security have honed techniques in verifiable computing. The pinnacle of this research has resulted in the integration of many desirable security properties into a single technique: The “zk-SNARK.” zk-SNARKs combine the best properties of security, privacy, and efficiency, making them ideal for use in essentially any verifiable computing application.

What is a zk-SNARK?

You can think of a zk-SNARK as a certification stamp you can put on the output of your computation. This stamp guarantees to anyone who sees it that the data was produced in the way the stamp claims.

There are a few things that the zk-SNARK stamp should and shouldn’t be able to do:

1. It shouldn’t be possible to put a stamp on a piece of data that says it was created in a certain way, when it wasn’t. Otherwise, the stamp would be meaningless.
2. We would like to always be able to create the stamp successfully for any data that a program outputs, so that whatever program we are authenticating, others will be able to verify our stamp if we make it correctly.
3. The stamp shouldn’t reveal anything about its creator. Constructing a piece of data might require personal information or data that needs to be cryptographically protected. The stamping process should ensure that no one can learn this information from the stamp alone.
4. The stamp should not take up too much space. We might ideally like to store multitudes of stamps for many different pieces of data. If the stamp takes up more space than the data it’s attached to, that will be a concern for the efficiency of the system.
5. The stamp should be quick to check. This is particularly important in the web3 space, when we might want to check a stamp on a blockchain. The harder it is to check the stamp, the more gas this process will consume, which becomes expensive very quickly.

What is a zkVM?

These properties of a zk-SNARK give us the important factors for verifiable computation. But just as important is the programming language in which the computation is specified. Without a programming language to express what is being verified, the system is meaningless. And moreover, it’s an important quality-of-life feature that the programming language be widely-accepted, otherwise even if the programmer knows what they want to do, they won’t have the experience to be able to do it. Generic zk-SNARKs use languages like Circom which are very domain-specific, making them hard to use for a wide number of developers.

This is where “ZK Virtual Machines” or zkVMs come in. A zkVM is what you get when you apply a zk-SNARK to all the steps of computation that a typical program might run through. This involves keeping track of data and what actions the program is doing, and updating those data and actions as the program runs.

This lets us create a verifiable computing framework for any programming language, as long as we can build a “virtual machine” to run it. We create this virtual machine, which describes all the things the program does when it runs, and we then use a zk-SNARK on top of this virtual machine to make the computation verifiable as correct or not. This lets the programmer get the protection of zk-SNARK in the language for which a zkVM has been made.

How do zkVMs work?

Let’s describe zkVMs in a little more detail: A typical program operates on data which is held in registers. Each register is a slot for a few bytes of data which corresponds to some value that the program needs to think about to carry out its purpose. During each step of the program, a single operation is carried out on the data in those registers.

In a zkVM, we operate a zk-SNARK to check that each of these updates is correct. As an example, consider the following short program that computes the Collatz function.

0 WHILE x is EVEN: x /= 2
1 IF x == 1: y = 1
2 x *= 3 
3 x += 1
4 GOTO 0

We can write out, at each time step of the program:

• The number of the currently-executing instruction.
• The value of x.
• The value of y. 

This information, taken together, is called an execution trace.

In order to make a zkVM proof for this execution trace, we make a ZK proof for each step of this trace.

This lets us use the zk-SNARK technique to create verified computation for a program.

Conclusion

zk-SNARKs and zkVMs are core to enabling a wider range of developers to build on-chain applications, however they are hampered by being tied to specific languages. The number of Web3 users will not grow without first making it easier for more developers to build useful and compelling Web3 applications. For this reason, it is our mission at Pi Squared to expand the capabilities of zk-SNARKs and zkVMs for all programming languages through our Proof of Proof protocol. In a subsequent blog post, we’ll discuss some of the considerations that make this proving process as performant as possible.

If you want to learn more about Pi Squared ZK technology, check our introductory blog on Proof of Proof, or if you want to go deeper, read our documentation. Think Proof of Proof will help your dApp or other project? Reach out to our team.