#crypto #zkp #stark #verifier

no-std winter-verifier

Winterfell STARK verifier

4 releases (breaking)

Uses new Rust 2021

0.4.0 Apr 29, 2022
0.3.0 Jan 5, 2022
0.2.0 Aug 24, 2021
0.1.0 Aug 4, 2021

#318 in Cryptography

Download history 204/week @ 2022-06-06 363/week @ 2022-06-13 250/week @ 2022-06-20 656/week @ 2022-06-27 536/week @ 2022-07-04 500/week @ 2022-07-11 248/week @ 2022-07-18 243/week @ 2022-07-25 352/week @ 2022-08-01 198/week @ 2022-08-08 161/week @ 2022-08-15 192/week @ 2022-08-22 191/week @ 2022-08-29 365/week @ 2022-09-05 226/week @ 2022-09-12 286/week @ 2022-09-19

1,068 downloads per month
Used in 3 crates (2 directly)

MIT license

795KB
12K SLoC

Winterfell STARK verifier

This crate contains an implementation of a STARK verifier which can verify proofs generated by a prover from the prover crate.

Usage

To verify a proof you can use verifier::verify() function, which has the following signature:

pub fn verify<AIR: Air>(
    proof: StarkProof,
    pub_inputs: AIR::PublicInputs,
) -> Result<(), VerifierError>;

where:

  • AIR is a type implementing Air trait for your computation (see air crate for more info).
  • proof is the proof generated by the prover attesting that the computation was executed correctly against some set of public inputs.
  • pub_inputs is the set of public inputs against which the computation was executed by the prover.

For example, if we have a struct FibAir which implements the Air trait and describes a computation of a Fibonacci sequence (see examples crate for the concrete implementation), we could verify that the prover computed the 1,048,576th term of the sequence correctly, by executing the following:

let fib_result = BaseElement::new(226333832811148522147755045522163790995);
match verifier::verify::<FibAir>(proof, fib_result) {
    Ok(_) => debug!("Proof verified!"),
    Err(err) => debug!("Failed to verify proof: {}", err),
}

where, 226333832811148522147755045522163790995 is the 1,048,576th term of the Fibonacci sequence when the sequence is computed in a 128-bit field with modulus 2128 - 45 * 240.

Performance

Proof verification is extremely fast and is nearly independent of the complexity of the computation being verified. In vast majority of cases proofs can be verified in 3 - 5 ms on a modern mid-range laptop CPU (using a single core).

There is one exception, however: if a computation requires a lot of sequence assertions (see air crate for more info), the verification time may grow beyond 5 ms. But for the impact to be noticeable, the number of asserted values would need to be in tens of thousands. And even for hundreds of thousands of sequence assertions, the verification time should not exceed 50 ms.

Crate features

This crate can be compiled with the following features:

  • std - enabled by default and relies on the Rust standard library.
  • no_std - does not rely on the Rust standard library and enables compilation to WebAssembly.

To compile with no_std, disable default features via --no-default-features flag.

License

This project is MIT licensed.

Dependencies

~2.5MB
~47K SLoC