This repository provides functionabilities to verify cairo program execution using plonkish arithemization + KZG polynomial commitment. This repository is built based on Axiom's halo2-lib library. state transition function is implemented following section 4.5 of Cairo white paper.

The Cairo language is a popular programming language for building zero knowledge applications which has a long track record with production apps built on top and zk friendly design. Building the Cairo VM in halo2 would allow any previous code written in the VM to be able to generate ZK proofs that can be efficiently verified on-chain through our existing snark-verifier stack. Compared to proofs generated by STARK, proofs generated by Halo2 with KZG backend should have smaller proof size, shorter verification time with tradeoff on transparency and post quantum security. goal: verify any Cairo program on Ethereum using Halo2 efficiently.

Cairo frontend: Transform Cairo program into Cairo chip input data. The vm function succeeds iff executing the Cairo program generates expected return value. Cairo Chip input: data fed to the circuit simulating state transition of Cairo VM. includes:

1. immutable memory
2. value of the three registers before & after execution
3. public instance constraints to enforce Cairo program return value is expected.
4. number of cpu cycles

Cairo Chip: circuits built on halo2 simulating state transition function of Cairo VM. VM function: given register values, number of cpu cycles and memory, return True if:

1. all public instance constraints satisfied.
2. no unidentified behavior.
3. after running state_transition function for the given cpu cycles, the register values match expected register value.

state transition function: given register values, return register values after one cycle. Panic if unidentified behavior encountered. memory read function: read the immutable memory at arbitrary index. Will start with naive O(n) solution then adopt dynamic lookup table.

Install rust:

curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh

Clone this repo:

git clone https://github.com/odyssey2077/halo2-cairo.git
cd halo2-cairo

LOOKUP_BITS=10 cargo run --example cairo_program_with_builtin -- --name cairo_program_with_builtin -k 11 mock

LOOKUP_BITS=10 cargo run --example cairo_program_with_builtin -- --name cairo_program_with_builtin -k 11 keygen

After you have generated the proving and verifying keys, you can generate a proof using

LOOKUP_BITS=10 cargo run --example cairo_program_with_builtin -- --name cairo_program_with_builtin -k 11 prove

After you have generated the proving and verifying keys, you can verify a proof using

LOOKUP_BITS=10 cargo run --example cairo_program_with_builtin -- --name cairo_program_with_builtin -k 11 verify