Inferensys

Glossary

RISC Zero

RISC Zero is a zero-knowledge virtual machine (zkVM) built on the RISC-V instruction set architecture that uses ZK-STARKs to generate proofs of correct program execution, with a recursive proof composition layer for proof compression and scalability.
Knowledge engineer constructing knowledge base on laptop, document hierarchy visible, casual office setup.
VERIFIABLE COMPUTE INFRASTRUCTURE

What is RISC Zero?

RISC Zero is a zero-knowledge virtual machine (zkVM) built on the RISC-V instruction set architecture, enabling developers to write programs in standard languages like Rust and generate STARK-based proofs of correct execution.

RISC Zero is a zero-knowledge virtual machine (zkVM) that proves the correct execution of arbitrary code written in high-level languages like Rust. It leverages the open-source RISC-V instruction set architecture, compiling user programs into an executable format that runs inside the zkVM. The system generates a STARK (Scalable Transparent Argument of Knowledge) proof attesting that the program executed faithfully and produced a specific output, without revealing the program's inputs.

The architecture employs recursive proof composition to achieve efficiency, where a smaller, fast proof is generated and then wrapped by a larger, constant-size SNARK for on-chain verification. This design eliminates the need for a trusted setup ceremony, relying instead on collision-resistant hash functions for transparency and post-quantum security. RISC Zero's Bonsai proving service further abstracts infrastructure complexity, allowing developers to request proofs via API without managing dedicated hardware.

VERIFIABLE COMPUTE

Key Features of RISC Zero

RISC Zero is a zero-knowledge virtual machine (zkVM) that proves the correct execution of arbitrary code written in standard languages like Rust. It combines the RISC-V instruction set architecture with a STARK-based proving system and recursive proof composition to deliver scalable, general-purpose verifiable computation.

01

RISC-V zkVM Architecture

RISC Zero implements a zero-knowledge virtual machine built on the open RISC-V instruction set architecture (ISA). This design choice means developers can write programs in standard high-level languages like Rust and C++, which compile to RISC-V binaries. The zkVM then executes these binaries and generates a validity proof attesting that the program ran correctly and produced a specific output. By using a general-purpose ISA rather than a custom circuit language, RISC Zero eliminates the need for developers to learn domain-specific languages like Circom for many applications, dramatically lowering the barrier to entry for verifiable computation.

  • Executes unmodified RISC-V ELF binaries
  • Supports Rust, C++, and any language targeting RISC-V
  • Generates a STARK proof of correct execution
  • Separates program logic from cryptographic proving infrastructure
RISC-V
Instruction Set Architecture
02

STARK-Based Proving System

RISC Zero's core proving engine relies on ZK-STARKs (Zero-Knowledge Scalable Transparent Arguments of Knowledge). Unlike SNARK-based systems, STARKs require no trusted setup ceremony, eliminating the security risk of toxic cryptographic waste. STARKs rely on collision-resistant hash functions rather than bilinear pairings, giving them post-quantum security properties. The proving system encodes program execution traces as polynomial constraints, then uses the FRI (Fast Reed-Solomon Interactive Oracle Proof of Proximity) protocol to prove that these constraints are satisfied. STARKs scale efficiently with computation size, making them well-suited for complex workloads.

  • No trusted setup required
  • Post-quantum secure via hash-based cryptography
  • Transparent: all randomness is publicly verifiable
  • Proving time scales quasi-linearly with computation size
03

Recursive Proof Composition

RISC Zero implements recursive proof composition, a technique where a zero-knowledge proof attests to the validity of one or more previous proofs. This allows the system to compress arbitrarily many proofs into a single constant-size proof. The recursive layer uses a SNARK-friendly circuit to verify STARK proofs, combining STARK's scalability and transparency with SNARK's small proof sizes. This recursion enables proof aggregation across many independent computations and supports continuations—splitting large programs into segments, proving each segment, and recursively combining them into one final proof. The result is a system that can handle unbounded computation while maintaining compact, fast-to-verify proofs.

  • Compresses multiple proofs into one constant-size proof
  • Enables proof aggregation across independent executions
  • Supports continuations for unbounded computation
  • Combines STARK scalability with SNARK succinctness
05

Continuations for Unbounded Execution

RISC Zero's continuations mechanism splits large program executions into multiple segments, each proved independently, then recursively combines the segment proofs into a single final proof. This breaks through the memory and cycle limitations of a single zkVM instance. Without continuations, a zkVM can only prove computations that fit within its fixed cycle budget. With continuations, the system can handle arbitrarily long computations—from complex machine learning inference to entire blockchain state transitions—by segmenting the execution trace and composing proofs. This is critical for real-world applications that require proving computations far larger than what fits in a single circuit.

  • Splits large programs into provable segments
  • Recursively combines segment proofs
  • Removes cycle budget limitations
  • Enables proving of arbitrarily complex workloads
06

zkML: Verifiable Machine Learning

RISC Zero enables zero-knowledge machine learning (zkML) by proving that a specific model inference was executed correctly on a given input without revealing the model weights or the input data. Because the zkVM runs standard RISC-V code, existing ML frameworks can be compiled and executed inside the proving environment. This allows scenarios where a model provider can prove they ran a specific model without disclosing proprietary weights, or a user can prove they possess certain biometric data matching a template without revealing the raw data. zkML on RISC Zero bridges the gap between AI transparency and data privacy.

  • Proves correct model inference without revealing weights
  • Preserves input data privacy
  • Runs standard ML code compiled to RISC-V
  • Enables verifiable AI in privacy-sensitive domains
ARCHITECTURAL COMPARISON

RISC Zero vs. Other zkVM Architectures

A technical comparison of RISC Zero's RISC-V based zkVM against other prominent zero-knowledge virtual machine designs across key architectural and performance dimensions.

FeatureRISC ZerozkSync (ZK Stack)Polygon Miden

Instruction Set Architecture

RISC-V (rv32im)

Custom zkEVM bytecode

Miden Assembly (custom)

Proof System

STARK with FRI

PLONK-based SNARK

STARK with FRI

Trusted Setup Required

Recursive Proof Composition

Proving Time (1M cycles)

~2.5 sec

~1.8 sec

~3.1 sec

Proof Size (constant)

~200 KB

~45 KB

~150 KB

Native Language Support

Rust, C++, Go (via RISC-V target)

Solidity, Yul, Vyper

Miden Assembly, Rust (via SDK)

Post-Quantum Security

RISC ZERO FAQ

Frequently Asked Questions

Clear, technical answers to the most common questions about RISC Zero's zkVM architecture, its use of STARKs, and how it enables verifiable computation for developers.

RISC Zero is a zero-knowledge virtual machine (zkVM) built on the open-source RISC-V instruction set architecture. It works by executing a program inside its zkVM, generating an execution trace, and then using a STARK-based proving system to produce a cryptographic receipt that proves the program ran correctly. The verifier can check this receipt in milliseconds without re-executing the program or seeing the inputs. The architecture uses a continuation mechanism to split large computations into segments, proves each segment individually, and then compresses them into a single proof via recursive proof composition. This allows RISC Zero to handle arbitrarily large computations while maintaining a constant-size, quickly verifiable proof. Developers write programs in Rust or C++ using standard toolchains, compile them to RISC-V, and the zkVM handles the cryptographic proving automatically.

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.