To verify ZK proofs on-chain, Axiom uses specialized smart contracts which are programmatically generated for each SNARK. This was done with the snark-verifier library developed by the Privacy Scaling Explorations group at the Ethereum Foundation, which generates Yul code for verifying any given ZK circuit.
Compiling ZK Circuits to On-Chain Verifiers
We record the Rust command, using snark-verifier, that generates each of the on-chain ZK circuit verifiers below.
In AxiomV1 and AxiomV1Query, each of these verifiers is subject to a timelock upgrade guarantee as detailed in Guardrails. To ensure that this timelock guarantee cannot be bypassed by a metamorphic contract attack, users should verify on each upgrade that the bytecode for the verifier contracts above does not contain DELEGATECALL or SELFDESTRUCT opcodes. Thanks to Zellic for pointing out this concern.
Verifying the absence of these potentially problematic opcodes is possible either directly from the bytecode view on Etherscan or with tools such as metamorphic-contract-detector or evmdis. For convenience, we have integrated the latter to perform this check automatically in our GitHub CI for the axiom-v1-contracts repo.
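The following is an added example of the opcode check described above; it is not code from Axiom, PSE, evmdis or metamorphic-contract-detector. It takes runtime bytecode as a hex string (as copied from Etherscan's bytecode view), walks it instruction by instruction so that bytes inside PUSH immediates are not mistaken for opcodes (this is the same linear walk the EVM uses to decide what is executable), and reports every DELEGATECALL (0xf4) and SELFDESTRUCT (0xff) in executable position. It also flags hits that fall inside what looks like the solc CBOR metadata trailer: those are normally unreachable, but the EVM has no notion of metadata, so a conservative check reports them for manual review instead of dropping them. The sample bytecodes at the bottom are constructed for illustration and are not the Axiom verifier contracts.

```python
"""Added example (not Axiom's or PSE's code): scan EVM runtime bytecode for
DELEGATECALL (0xf4) and SELFDESTRUCT (0xff) instructions, the check recommended
before accepting a verifier upgrade."""

DELEGATECALL, SELFDESTRUCT = 0xF4, 0xFF
PUSH1, PUSH32 = 0x60, 0x7F
NAMES = {DELEGATECALL: "DELEGATECALL", SELFDESTRUCT: "SELFDESTRUCT"}


def parse_hex(s: str) -> bytes:
    """Accept Etherscan-style hex ('0x...' or bare) and return raw bytes."""
    s = s.strip()
    return bytes.fromhex(s[2:] if s.lower().startswith("0x") else s)


def disassemble(code: bytes):
    """Yield (pc, opcode, immediate) for each instruction. PUSHn data is skipped,
    matching how the EVM's jump-destination analysis separates code from data."""
    pc = 0
    while pc < len(code):
        op = code[pc]
        if PUSH1 <= op <= PUSH32:
            width = op - PUSH1 + 1
            yield pc, op, code[pc + 1 : pc + 1 + width]
            pc += 1 + width
        else:
            yield pc, op, b""
            pc += 1


def metadata_start(code: bytes):
    """Heuristic for the solc CBOR metadata trailer: its last two bytes hold the
    trailer length and the trailer begins with a small CBOR map (0xa1..0xa4).
    Returns the trailer's start offset, or None if no trailer is recognised."""
    if len(code) < 3:
        return None
    length = int.from_bytes(code[-2:], "big")
    start = len(code) - 2 - length
    if start >= 0 and 0xA1 <= code[start] <= 0xA4:
        return start
    return None


def find_forbidden_opcodes(code: bytes, forbidden=(DELEGATECALL, SELFDESTRUCT)):
    """(pc, opcode) for every forbidden instruction in executable position."""
    return [(pc, op) for pc, op, _ in disassemble(code) if op in forbidden]


def check_bytecode(hex_code: str) -> dict:
    """Report forbidden instructions, whether they all sit in the metadata trailer,
    and a raw byte count so a reviewer can see how many f4/ff bytes were PUSH data."""
    code = parse_hex(hex_code)
    hits = find_forbidden_opcodes(code)
    trailer = metadata_start(code)
    findings = [
        {"pc": pc, "opcode": NAMES[op],
         "in_metadata_trailer": trailer is not None and pc >= trailer}
        for pc, op in hits
    ]
    raw = sum(code.count(bytes([op])) for op in (DELEGATECALL, SELFDESTRUCT))
    return {
        "findings": findings,
        "raw_byte_matches": raw,
        "clean": not findings,  # conservative: any hit, even in the trailer, fails
        "only_in_trailer": bool(findings) and all(f["in_metadata_trailer"] for f in findings),
    }


# Constructed sample bytecodes (not real Axiom contracts):
SAMPLES = {
    # PUSH2 0xf4ff POP STOP: f4/ff bytes appear, but only as PUSH data
    "push_data_only": "0x61f4ff5000",
    # PUSH1 0 (x5), GAS, DELEGATECALL at pc 11
    "delegatecall": "0x600060006000600060005af4",
    # CALLER SELFDESTRUCT at pc 1
    "selfdestruct": "0x33ff",
    # PUSH1 0x80 PUSH1 0x40 MSTORE STOP, then a fake solc-style CBOR trailer
    # {"ipfs": f4ff} followed by its 2-byte length (0x0009)
    "metadata_trailer": "0x608060405200a1646970667342f4ff0009",
}

if __name__ == "__main__":
    for name, hex_code in SAMPLES.items():
        print(name, check_bytecode(hex_code))
```

Because a JUMP may only land on a JUMPDEST found by this same linear walk from offset 0, any DELEGATECALL or SELFDESTRUCT the EVM could ever execute is visible to `disassemble`; the raw byte count is reported only so a reviewer can account for the remaining occurrences as PUSH immediates. Treat a report that is not `clean` as a failed upgrade check until the trailer hits have been examined by hand.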