Skip to main content

ZkSync Era Verifier


Statement hash components

  • context: keccak256(b"zksync")
  • vk: keccak256([])
  • pubs: keccak256(pubs)

Verifier implementation

This Verifier implementation can be used to verify ZkSync-Era proofs; these proofs are generated by Boojum prover that's a STARK-based proof system. ZkSync-Era rollups generate these proofs and you can verify them on ZkVerify instead of post them directly on Ethereum. public inputs: the pallet use zksync-era-verifier crate

  • verify_proof() uses zksync-era-verifier crate to deserialize the proof and then verify them against the given public inputs.

  • Define the following types:

    pub type Pubs = [u8; 32];
    pub type Proof = [u8; 1402];
    pub type Vk = ();
  • hash context data is b"zksync"

  • the pubs bytes are the input ones


In this pallet it doesn't make sense to register any verification key, because the only valid one is (): the void key.


The pallet's duties are summarized in the following code snippet:

use zksync_era_verifier::{default_eth_vk, deserialize_eth_proof, verify, ZkSyncEthProof};

let mut eth_proof: ZkSyncEthProof =
eth_proof.inputs = &proof_data.to_vec();
let vk = default_eth_vk();
assert!(verify(&vk, &eth_proof).unwrap());

The submitProof exstrinsic can fail both if it's not possible to deserialize the proof or public inputs (InvalidProofData, InvalidInput) or if the proof doesn't verify (VerifyError).