RISC Zero is a zero-knowledge virtual machine (zkVM) that proves the correct execution of arbitrary code written in high-level languages like Rust. It leverages the open-source RISC-V instruction set architecture, compiling user programs into an executable format that runs inside the zkVM. The system generates a STARK (Scalable Transparent Argument of Knowledge) proof attesting that the program executed faithfully and produced a specific output, without revealing the program's inputs.
Glossary
RISC Zero

What is RISC Zero?
RISC Zero is a zero-knowledge virtual machine (zkVM) built on the RISC-V instruction set architecture, enabling developers to write programs in standard languages like Rust and generate STARK-based proofs of correct execution.
The architecture employs recursive proof composition to achieve efficiency, where a smaller, fast proof is generated and then wrapped by a larger, constant-size SNARK for on-chain verification. This design eliminates the need for a trusted setup ceremony, relying instead on collision-resistant hash functions for transparency and post-quantum security. RISC Zero's Bonsai proving service further abstracts infrastructure complexity, allowing developers to request proofs via API without managing dedicated hardware.
Key Features of RISC Zero
RISC Zero is a zero-knowledge virtual machine (zkVM) that proves the correct execution of arbitrary code written in standard languages like Rust. It combines the RISC-V instruction set architecture with a STARK-based proving system and recursive proof composition to deliver scalable, general-purpose verifiable computation.
RISC-V zkVM Architecture
RISC Zero implements a zero-knowledge virtual machine built on the open RISC-V instruction set architecture (ISA). This design choice means developers can write programs in standard high-level languages like Rust and C++, which compile to RISC-V binaries. The zkVM then executes these binaries and generates a validity proof attesting that the program ran correctly and produced a specific output. By using a general-purpose ISA rather than a custom circuit language, RISC Zero eliminates the need for developers to learn domain-specific languages like Circom for many applications, dramatically lowering the barrier to entry for verifiable computation.
- Executes unmodified RISC-V ELF binaries
- Supports Rust, C++, and any language targeting RISC-V
- Generates a STARK proof of correct execution
- Separates program logic from cryptographic proving infrastructure
STARK-Based Proving System
RISC Zero's core proving engine relies on ZK-STARKs (Zero-Knowledge Scalable Transparent Arguments of Knowledge). Unlike SNARK-based systems, STARKs require no trusted setup ceremony, eliminating the security risk of toxic cryptographic waste. STARKs rely on collision-resistant hash functions rather than bilinear pairings, giving them post-quantum security properties. The proving system encodes program execution traces as polynomial constraints, then uses the FRI (Fast Reed-Solomon Interactive Oracle Proof of Proximity) protocol to prove that these constraints are satisfied. STARKs scale efficiently with computation size, making them well-suited for complex workloads.
- No trusted setup required
- Post-quantum secure via hash-based cryptography
- Transparent: all randomness is publicly verifiable
- Proving time scales quasi-linearly with computation size
Recursive Proof Composition
RISC Zero implements recursive proof composition, a technique where a zero-knowledge proof attests to the validity of one or more previous proofs. This allows the system to compress arbitrarily many proofs into a single constant-size proof. The recursive layer uses a SNARK-friendly circuit to verify STARK proofs, combining STARK's scalability and transparency with SNARK's small proof sizes. This recursion enables proof aggregation across many independent computations and supports continuations—splitting large programs into segments, proving each segment, and recursively combining them into one final proof. The result is a system that can handle unbounded computation while maintaining compact, fast-to-verify proofs.
- Compresses multiple proofs into one constant-size proof
- Enables proof aggregation across independent executions
- Supports continuations for unbounded computation
- Combines STARK scalability with SNARK succinctness
Continuations for Unbounded Execution
RISC Zero's continuations mechanism splits large program executions into multiple segments, each proved independently, then recursively combines the segment proofs into a single final proof. This breaks through the memory and cycle limitations of a single zkVM instance. Without continuations, a zkVM can only prove computations that fit within its fixed cycle budget. With continuations, the system can handle arbitrarily long computations—from complex machine learning inference to entire blockchain state transitions—by segmenting the execution trace and composing proofs. This is critical for real-world applications that require proving computations far larger than what fits in a single circuit.
- Splits large programs into provable segments
- Recursively combines segment proofs
- Removes cycle budget limitations
- Enables proving of arbitrarily complex workloads
zkML: Verifiable Machine Learning
RISC Zero enables zero-knowledge machine learning (zkML) by proving that a specific model inference was executed correctly on a given input without revealing the model weights or the input data. Because the zkVM runs standard RISC-V code, existing ML frameworks can be compiled and executed inside the proving environment. This allows scenarios where a model provider can prove they ran a specific model without disclosing proprietary weights, or a user can prove they possess certain biometric data matching a template without revealing the raw data. zkML on RISC Zero bridges the gap between AI transparency and data privacy.
- Proves correct model inference without revealing weights
- Preserves input data privacy
- Runs standard ML code compiled to RISC-V
- Enables verifiable AI in privacy-sensitive domains
RISC Zero vs. Other zkVM Architectures
A technical comparison of RISC Zero's RISC-V based zkVM against other prominent zero-knowledge virtual machine designs across key architectural and performance dimensions.
| Feature | RISC Zero | zkSync (ZK Stack) | Polygon Miden |
|---|---|---|---|
Instruction Set Architecture | RISC-V (rv32im) | Custom zkEVM bytecode | Miden Assembly (custom) |
Proof System | STARK with FRI | PLONK-based SNARK | STARK with FRI |
Trusted Setup Required | |||
Recursive Proof Composition | |||
Proving Time (1M cycles) | ~2.5 sec | ~1.8 sec | ~3.1 sec |
Proof Size (constant) | ~200 KB | ~45 KB | ~150 KB |
Native Language Support | Rust, C++, Go (via RISC-V target) | Solidity, Yul, Vyper | Miden Assembly, Rust (via SDK) |
Post-Quantum Security |
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Frequently Asked Questions
Clear, technical answers to the most common questions about RISC Zero's zkVM architecture, its use of STARKs, and how it enables verifiable computation for developers.
RISC Zero is a zero-knowledge virtual machine (zkVM) built on the open-source RISC-V instruction set architecture. It works by executing a program inside its zkVM, generating an execution trace, and then using a STARK-based proving system to produce a cryptographic receipt that proves the program ran correctly. The verifier can check this receipt in milliseconds without re-executing the program or seeing the inputs. The architecture uses a continuation mechanism to split large computations into segments, proves each segment individually, and then compresses them into a single proof via recursive proof composition. This allows RISC Zero to handle arbitrarily large computations while maintaining a constant-size, quickly verifiable proof. Developers write programs in Rust or C++ using standard toolchains, compile them to RISC-V, and the zkVM handles the cryptographic proving automatically.
Related Terms
Core cryptographic primitives and scaling architectures that form the foundation of RISC Zero's zero-knowledge virtual machine and recursive proof composition layer.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us