On-chain ZK Verifiers

How Axiom verifies ZK proofs on-chain.

To verify ZK proofs on-chain, Axiom uses dedicated verifier smart contracts that are programmatically generated for each SNARK. These are produced with the snark-verifier library developed by the Privacy Scaling Explorations group at the Ethereum Foundation, which generates Solidity assembly (Yul) code for verifying a given ZK circuit's proofs.

Deployed Verifier Contracts

We deployed the verifier contracts to Goerli from Solidity source using solc version 0.8.19. The Solidity assembly code for each contract can be inspected on Etherscan.

We will soon be open-sourcing the Rust code used to programmatically generate the Solidity code above.

Checking Verifiers are not Metamorphic

AxiomV2CoreMockHistorical and AxiomV2Query each call out to these verifier contracts, and replacing a verifier is subject to a timelock upgrade guarantee. That guarantee only holds if the code at a verifier's address cannot change without going through the timelock. Two things would let it change silently: a metamorphic contract, which is SELFDESTRUCTed and then redeployed with different bytecode at the same address via CREATE2, and a verifier that forwards execution to logic at another address via DELEGATECALL (or its deprecated sibling CALLCODE). To rule this out, users should verify on each upgrade that the runtime bytecode of the verifier contracts above contains no DELEGATECALL (0xF4), CALLCODE (0xF2) or SELFDESTRUCT (0xFF) opcodes. This can be done either by searching the Solidity assembly code or by disassembling the deployed bytecode itself; a raw byte search is not sufficient, since 0xF4 or 0xFF may legitimately appear inside a PUSH immediate. Since the Cancun upgrade (EIP-6780) SELFDESTRUCT only removes code when executed in the same transaction that created the contract, which closes the redeploy trick on upgraded networks, but the check is cheap and still worth running. Thanks to Zellic for pointing out this concern.
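The following is an added example of the bytecode check described above; it is not code from Axiom or the snark-verifier project. It performs an opcode-aware linear sweep over EVM runtime bytecode, skipping PUSHn immediates so that a 0xF4 or 0xFF data byte does not trigger a false alarm, and heuristically drops the CBOR metadata trailer that solc appends (whose last two bytes give the trailer length). The sample bytecodes are constructed inline for illustration; `fetch_runtime_code` is an assumed helper that calls the standard `eth_getCode` JSON-RPC method and is only needed when checking a live address.

```python
"""Opcode-aware scan of EVM runtime bytecode for opcodes that would let a
verifier's behaviour change without a timelocked upgrade:
DELEGATECALL (0xF4), CALLCODE (0xF2) and SELFDESTRUCT (0xFF)."""
import json
import urllib.request

PUSH1, PUSH32 = 0x60, 0x7F
FORBIDDEN = {0xF2: "CALLCODE", 0xF4: "DELEGATECALL", 0xFF: "SELFDESTRUCT"}


def strip_solc_metadata(code: bytes) -> bytes:
    """Heuristically drop solc's CBOR metadata trailer.

    solc appends a CBOR map (1-3 keys: ipfs/bzzr hash, solc version,
    optional 'experimental') followed by a 2-byte big-endian length of that
    map. Metadata bytes are never executed, so they must not be disassembled
    as opcodes. Assumption: a trailer is present only if the length field
    fits and the map header is 0xA1..0xA3.
    """
    if len(code) < 2:
        return code
    n = int.from_bytes(code[-2:], "big")
    start = len(code) - 2 - n
    if start >= 0 and code[start] in (0xA1, 0xA2, 0xA3):
        return code[:start]
    return code


def disassemble(code: bytes):
    """Linear sweep yielding (offset, opcode). PUSHn immediates are skipped,
    so data bytes are never misread as instructions. Unknown opcodes are
    treated as 1 byte, which matches the EVM's decoding."""
    pc = 0
    while pc < len(code):
        op = code[pc]
        yield pc, op
        pc += 1 + (op - PUSH1 + 1 if PUSH1 <= op <= PUSH32 else 0)


def scan_forbidden(code: bytes) -> list:
    """Return [(offset, mnemonic)] for every forbidden opcode in the code."""
    return [(pc, FORBIDDEN[op])
            for pc, op in disassemble(strip_solc_metadata(code))
            if op in FORBIDDEN]


def naive_contains_forbidden(code: bytes) -> bool:
    """Raw byte search: shown only to demonstrate why it is insufficient."""
    return any(b in FORBIDDEN for b in code)


def verifier_is_clean(code: bytes) -> bool:
    return scan_forbidden(code) == []


def fetch_runtime_code(rpc_url: str, address: str) -> bytes:
    """Fetch deployed runtime bytecode via eth_getCode (assumed helper; needs network)."""
    payload = json.dumps({"jsonrpc": "2.0", "id": 1, "method": "eth_getCode",
                          "params": [address, "latest"]}).encode()
    req = urllib.request.Request(rpc_url, data=payload,
                                 headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req) as resp:
        return bytes.fromhex(json.load(resp)["result"][2:])


# Constructed sample bytecodes (not real Axiom verifiers):
# PUSH1 0xF4, JUMPDEST, STOP -- 0xF4 is data, not an instruction.
CLEAN = bytes.fromhex("60f4" "5b" "00")
# PUSH1 0, DUP1 x3, PUSH20 <addr>, GAS, DELEGATECALL, STOP -- a real forwarder.
DELEGATING = bytes.fromhex("6000" "808080" "73" + "11" * 20 + "5a" "f4" "00")
# CALLER, SELFDESTRUCT -- the metamorphic-contract primitive.
SELF_DESTRUCTING = bytes.fromhex("33" "ff")
# STOP followed by a constructed CBOR trailer {1: 0xff} and its length 0x0003.
WITH_METADATA = bytes.fromhex("00" "a101ff" "0003")

if __name__ == "__main__":
    for name, code in [("CLEAN", CLEAN), ("DELEGATING", DELEGATING),
                       ("SELF_DESTRUCTING", SELF_DESTRUCTING),
                       ("WITH_METADATA", WITH_METADATA)]:
        print(name, "naive:", naive_contains_forbidden(code),
              "opcode-aware:", scan_forbidden(code))
```

Because the sweep is linear, bytes in a Yul data section that is not a solc metadata trailer can still be reported; that errs on the safe side, and any such hit should be confirmed against the published assembly source before the upgrade is accepted.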
