Skip to content

STARKNET_PROOF_PACKAGE.md

Latest commit

 

History

History
197 lines (153 loc) · 5.03 KB

STARKNET_PROOF_PACKAGE.md

File metadata and controls

197 lines (153 loc) · 5.03 KB

BitSage STWO Circle STARK Proof Package

Overview

This document contains a real ZK proof generated by the BitSage/Obelysk system using STWO (STark Witness Optimization) - the same proving system developed by StarkWare. The proof demonstrates verifiable ML inference execution.

Proof Summary

Property Value
Proof System STWO Circle STARK
Field Mersenne-31 (M31 = 2^31 - 1)
Security Level ~128 bits
Trace Length 11 steps
Trace Width 26 columns
Proof Size 3,156 bytes
Generation Time 3ms
Prover Version obelysk-stwo-real-0.1.0

What This Proof Proves

This proof cryptographically guarantees the correct execution of a 2-layer neural network inference:

Architecture: 4 inputs -> 8 hidden neurons -> 3 output classes
Input Features: [128, 64, 200, 32]
Output Logits: [107688, 110720, 104576]
Predicted Class: 1 (highest score)

The proof verifies:

  1. Layer 1: hidden = W1 * input (8x4 matrix multiplication)
  2. Layer 2: output = W2 * hidden (3x8 matrix multiplication)
  3. All arithmetic operations in M31 field were computed correctly

Proof Structure

1. Trace Commitment (Blake2s hash)

0x105e253ba9ac87b5871894a22fc4c4b068aebad31b1e668b620d0ec0eb1daa5

2. FRI Layers (5 layers of folding)

Layer Evaluations
0 [223630498, 666577364, 844249888, 141066512, 326858960, 59193033]
1 [1252673071, 1251377599, 306788208, 1090021634, 803259892, 57491036]
2 [273232310, 1725359234]
3 [736184639, 1032325421, 1464491648, 2141703334]
4 [1124838616, 1432028024]

3. Query Openings (3 random queries)

  • Position 0: Merkle path verified
  • Position 1: Merkle path verified
  • Position 2: Merkle path verified

4. Public Inputs/Outputs

  • Public Inputs: [11] (trace length indicator)
  • Public Outputs: [166533543, 30379017] (compressed result hash)

Cairo Verifier Contract

The proof can be verified on-chain using our deployed StwoVerifier contract:

Starknet Sepolia:

StwoVerifier: 0x00555555e154e28a596a59f98f857ec85f6dc7038f8d18dd1a08364d8e76dd47
ProofVerifier: 0x06c27c897108f20afbd045e561e465e0843d85e84fe7dfd55f910ee75df6385a

Verification Interface

#[starknet::interface]
trait IStwoVerifier<TContractState> {
    fn verify_proof(
        ref self: TContractState,
        trace_commitment: felt252,
        fri_commitments: Array<felt252>,
        fri_evaluations: Array<Array<felt252>>,
        query_positions: Array<u64>,
        merkle_paths: Array<Array<felt252>>,
        public_inputs: Array<felt252>,
        public_outputs: Array<felt252>
    ) -> bool;

    fn get_verification_key(self: @TContractState) -> felt252;
}

Serialized Proof for On-Chain Submission

The proof serializes to 50 felt252 elements for Starknet submission:

{
  "metadata": {
    "original_size_bytes": 3156,
    "serialized_elements": 50,
    "public_input_hash": "0x009a7025bda9312b19...",
    "config": {
      "log_blowup_factor": 4,
      "log_last_layer_degree_bound": 5,
      "n_queries": 30,
      "pow_bits": 26
    }
  }
}

How to Reproduce

1. Generate the Proof

cd rust-node
cargo run --example real_ml_proof --release

2. Submit to Starknet

export STARKNET_PRIVATE_KEY=0x...
export STARKNET_ACCOUNT_ADDRESS=0x...
cargo run --example e2e_proof_on_chain --release

Technical Details

Constraint System (AIR)

The Obelysk VM uses a 26-column trace layout:

Columns Purpose
0-7 Register state (r0-r7)
8-15 Previous register state
16 Program counter
17 Opcode
18-19 Source registers
20 Destination register
21 Immediate value
22 Memory address
23-24 Memory read/write values
25 Cycle counter

FRI Configuration

Parameter Value
Blowup Factor 8x
Number of Queries 42
Log Last Layer Degree 5
PoW Bits 26

Merkle Tree

  • Hash Function: Blake2s
  • Leaf Format: M31 field elements
  • Authentication Path: 32-byte nodes

Integration with Starknet

This proof system is designed to work natively with Starknet's infrastructure:

  1. Same Field: We use M31 (Mersenne-31), compatible with Starknet's field
  2. STWO Compatible: Based on the same STWO prover from StarkWare
  3. Cairo Verifiable: Proof format designed for Cairo verification
  4. Gas Efficient: Optimized serialization for on-chain costs

Full Proof JSON

The complete proof is saved at: /tmp/ml_inference_proof.json

{
  "trace_commitment": [16, 94, 37, 48, 186, 154, 200, 123, ...],
  "fri_layers": [...],
  "openings": [...],
  "public_inputs": [11],
  "public_outputs": [166533543, 30379017],
  "metadata": {
    "trace_length": 11,
    "trace_width": 26,
    "generation_time_ms": 3,
    "proof_size_bytes": 3156,
    "prover_version": "obelysk-stwo-real-0.1.0"
  }
}

Contact

For questions about the proof format or integration:

  • GitHub: BitSage Network
  • Proof generated: 2026-01-21