**Cairo – a Turing-complete STARK-friendly CPU architecture**

*Lior Goldberg and Shahar Papini and Michael Riabzev*

**Abstract: **Proof systems allow one party to prove to another party that a certain statement is true. Most existing practical proof systems require that the statement will be represented in terms of polynomial equations over a
finite field. This makes the process of representing a statement that one wishes to prove or verify rather complicated, as this process requires a new set of equations for each statement.
Various approaches to deal with this problem have been proposed.
We present Cairo, a practically-efficient Turing-complete STARK-friendly CPU architecture. We describe a single set of polynomial equations for the statement that the execution of a program on this architecture is valid. Given a statement one wishes to prove, Cairo allows writing a program that describes that statement, instead of writing a set of polynomial equations.

**Category / Keywords: **cryptographic protocols / Cairo, STARK, zkSTARK, proof system, zero knowledge, programming language, compilation

**Date: **received 16 Aug 2021

**Contact author: **lior at starkware co, spapini at starkware co, michael at starkware co

**Available format(s): **PDF | BibTeX Citation

**Version: **20210816:133123 (All versions of this report)

**Short URL: **ia.cr/2021/1063

[ Cryptology ePrint archive ]