On-chain ZK Verifiers
How Axiom verifies ZK proofs on-chain.
To verify ZK proofs on-chain, Axiom uses specialized smart contracts which are programmatically generated for each SNARK. This was done with the snark-verifier library developed by the Privacy Scaling Explorations group at the Ethereum Foundation, which generates Yul code for verifying any given ZK circuit.
We record the Rust command using snark-verifier which generates each of the on-chain ZK circuit verifiers below.
Verifier | Yul Generation Command |
---|---|
The Yul source code for each verifier contract deployed in production is listed on GitHub. To generate bytecode for deployment, we used the command
using solc Version: 0.8.19. For reproducibility, the deployed bytecodes on Etherscan and the Yul contracts compiling to them are listed below.
Contract | Yul Code |
---|---|
In AxiomV1 and AxiomV1Query, each of these verifiers is subject to a timelock upgrade guarantee as detailed in Guardrails. To ensure that this timelock guarantee cannot be bypassed by a metamorphic contract attack, users should verify on each upgrade that the bytecode for the verifier contracts above does not contain DELEGATECALL or SELFDESTRUCT opcodes. Thanks to Zellic for pointing out this concern.
Verifying the absence of these potentially problematic opcodes is possible either directly from the bytecode view on Etherscan or using tools such as metamorphic-contract-detector or evmdis. For convenience, we have integrated the latter to perform this check automatically in our GitHub CI for the axiom-v1-contracts repo.
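The opcode check described above can be sketched as a linear sweep over the runtime bytecode. This is an added example, not Axiom's CI code and not part of the original page; the function names and the sample bytecode strings are constructed for illustration. It skips PUSH immediates so that `0xf4` or `0xff` bytes appearing as constants are not reported, which a plain substring search on the hex would get wrong.

```python
# Added example: linear-sweep scan of EVM runtime bytecode for the two
# opcodes named above. All sample bytecode here is constructed.
DELEGATECALL, SELFDESTRUCT = 0xF4, 0xFF
FLAGGED = {DELEGATECALL: "DELEGATECALL", SELFDESTRUCT: "SELFDESTRUCT"}
PUSH1, PUSH32 = 0x60, 0x7F


def find_flagged_opcodes(bytecode_hex: str) -> list[tuple[int, str]]:
    """Return (offset, name) for each flagged opcode at an instruction boundary."""
    hex_str = bytecode_hex.strip()
    if hex_str.startswith(("0x", "0X")):
        hex_str = hex_str[2:]
    code = bytes.fromhex(hex_str)  # raises ValueError on malformed hex
    hits, pc = [], 0
    while pc < len(code):
        op = code[pc]
        if op in FLAGGED:
            hits.append((pc, FLAGGED[op]))
        if PUSH1 <= op <= PUSH32:
            pc += op - PUSH1 + 1  # skip the 1..32 immediate data bytes
        pc += 1
    return hits


def is_clean(bytecode_hex: str) -> bool:
    """True when no DELEGATECALL or SELFDESTRUCT opcode is present."""
    return not find_flagged_opcodes(bytecode_hex)


# Constructed samples (not Axiom's deployed bytecode).
# PUSH1 0xff; PUSH2 0xf4ff; ADD; STOP: flagged byte values occur only as data.
SAMPLE_DATA_ONLY = "0x60ff61f4ff0100"
# PUSH1 0x00; SELFDESTRUCT
SAMPLE_SELFDESTRUCT = "0x6000ff"
# five PUSH1 0x00; GAS; DELEGATECALL
SAMPLE_DELEGATECALL = "0x600060006000600060005af4"

if __name__ == "__main__":
    for name, sample in [("data-only", SAMPLE_DATA_ONLY),
                         ("selfdestruct", SAMPLE_SELFDESTRUCT),
                         ("delegatecall", SAMPLE_DELEGATECALL)]:
        print(name, "clean" if is_clean(sample) else find_flagged_opcodes(sample))
```

The sweep follows the same instruction boundaries the EVM uses for jump-destination analysis, so bytes in trailing data regions can produce false alarms that need a manual look, but an opcode that can execute is not skipped.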
AxiomV1 Verifier
AxiomV1 Historical Verifier
AxiomV1Query Verifier