Inferensys

Glossary

Proof Carrying Data (PCD)

A cryptographic primitive enabling a proof that attests to the correct execution of a distributed computation across multiple steps or parties, maintaining a verifiable lineage of state transitions.
Cinematic overhead of a WeWork creative suite room with multiple curved monitors showing AI decision dashboards, executives in casual attire reviewing data, dramatic pendant lighting.
DISTRIBUTED VERIFIABLE COMPUTATION

What is Proof Carrying Data (PCD)?

Proof Carrying Data (PCD) is a cryptographic primitive that enables a proof attesting to the correct execution of a distributed computation across multiple steps or parties, maintaining a verifiable lineage of state transitions.

Proof Carrying Data (PCD) is a recursive cryptographic primitive that produces a single, compact proof verifying the entire history of a distributed computation. Unlike a static zero-knowledge proof that attests to a single statement, PCD ensures that a final output is correct only if every preceding step in a multi-party or multi-step process was executed correctly. The proof is "carried" alongside the data as it moves through the computational graph, creating an unforgeable chain of incremental verifiability.

PCD generalizes Incrementally Verifiable Computation (IVC) to a distributed setting where different parties perform each computation step. Each participant receives an input and a prior proof, performs their local computation, and generates a new proof that attests to their step's correctness and the validity of the entire preceding history. This enables trustless, asynchronous collaboration, making PCD foundational for scalable zk-rollups, verifiable MapReduce, and privacy-preserving multi-party machine learning pipelines.

DISTRIBUTED VERIFIABLE COMPUTATION

Key Characteristics of PCD

Proof Carrying Data (PCD) is a cryptographic primitive that generalizes Incrementally Verifiable Computation (IVC) to distributed settings. It enables a proof that attests to the correct execution of a computation across multiple steps or parties, maintaining a verifiable lineage of state transitions without requiring a single prover to know the entire history.

01

Distributed Proof Composition

Unlike single-prover IVC, PCD allows multiple independent provers to each generate a proof for their local computation step. These proofs are then recursively composed into a single, constant-size proof that attests to the correctness of the entire distributed computation. Each participant only needs to know their own input and the incoming proof from the previous step, not the entire global history.

  • Enables asynchronous collaboration across untrusted parties
  • Final proof size and verification time are independent of the total number of steps
  • Built on recursive composition of Succinct Non-Interactive Arguments of Knowledge (SNARKs)
02

Compliance Predicates

PCD enforces compliance predicates—local rules that each step of the computation must satisfy. A predicate is a boolean function that checks whether a state transition is valid given the input, output, and incoming proof. If any step violates its predicate, no valid final proof can be generated.

  • Predicates act as distributed invariant checks
  • Enables policy enforcement without a central authority
  • Used in blockchain rollups to ensure every transaction follows protocol rules
03

Message Passing Model

PCD formalizes distributed computation as a message-passing graph where nodes represent computation steps and edges carry both data and proofs. Each node receives a message with an attached proof of its sender's correct execution, performs its local computation, and outputs a new message with an updated proof.

  • The graph topology can be arbitrary and dynamic
  • Supports branching and merging of computation paths
  • Natural fit for modeling asynchronous distributed systems and cross-chain communication
04

Constant-Size Verification

A defining property of PCD is that the final proof size and verification cost remain constant regardless of how many steps or parties contributed to the computation. This is achieved through recursive SNARK composition, where each new proof absorbs and verifies the previous proof before generating its own.

  • Verification time: O(1) relative to computation length
  • Proof size typically a few hundred bytes in modern systems
  • Critical for resource-constrained verifiers like light clients and on-chain smart contracts
05

Folding Schemes for PCD

Modern PCD constructions leverage folding schemes like Nova to achieve dramatically faster prover times. Instead of fully verifying the incoming proof at each step, a folding scheme reduces two instances of a constraint system into a single instance, deferring expensive cryptographic operations.

  • Nova achieves sub-linear prover costs through incremental folding
  • Eliminates the need for expensive proof verification at each recursive step
  • Enables practical PCD for long-running distributed computations with frequent state updates
06

Applications in Blockchain Rollups

PCD is the cryptographic backbone of recursive zk-rollups and verifiable blockchain scaling solutions. Each transaction generates a proof of valid execution, and a batch prover recursively composes these into a single proof submitted to the Layer-1 chain.

  • Enables horizontal scaling through parallel proof generation
  • Used in systems like Mina Protocol where the entire blockchain is a single recursive proof
  • Supports cross-rollup interoperability by carrying proofs across independent execution environments
PROOF CARRYING DATA

Frequently Asked Questions

Explore the core concepts behind Proof Carrying Data (PCD), a foundational primitive for incrementally verifiable computation and recursive zero-knowledge proofs.

Proof Carrying Data (PCD) is a cryptographic primitive that produces a succinct proof attesting to the correct execution of a distributed, step-by-step computation. It works by wrapping both the current computational step's output and a proof of all prior steps' correctness into a single, constant-size proof. This creates a verifiable lineage of state transitions. Unlike a simple recursive proof, PCD is specifically designed for a compliance predicate, meaning the proof not only shows that a computation happened but that it followed specific application rules at every step. This is the core mechanism behind Incrementally Verifiable Computation (IVC).

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.