Cryptology ePrint Archive: Report 2021/1063

Cairo – a Turing-complete STARK-friendly CPU architecture

Lior Goldberg and Shahar Papini and Michael Riabzev

Abstract: Proof systems allow one party to prove to another party that a certain statement is true. Most existing practical proof systems require that the statement will be represented in terms of polynomial equations over a finite field. This makes the process of representing a statement that one wishes to prove or verify rather complicated, as this process requires a new set of equations for each statement. Various approaches to deal with this problem have been proposed. We present Cairo, a practically-efficient Turing-complete STARK-friendly CPU architecture. We describe a single set of polynomial equations for the statement that the execution of a program on this architecture is valid. Given a statement one wishes to prove, Cairo allows writing a program that describes that statement, instead of writing a set of polynomial equations.

Category / Keywords: cryptographic protocols / Cairo, STARK, zkSTARK, proof system, zero knowledge, programming language, compilation

Date: received 16 Aug 2021

Contact author: lior at starkware co, spapini at starkware co, michael at starkware co

Available format(s): PDF | BibTeX Citation

Version: 20210816:133123 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]