In classic Ethereum, bugs are noisy: if one client diverges, other clients complain, and consensus fails until fixed.
In zk Ethereum, bugs can be silent: the proof validates the wrong execution and everyone downstream accepts it as truth.
I mean that the witness is like a transcript of everything the EVM touched while running a block: contract code, storage slots, gas usage, etc. so you can replay the block later using only this transcript, without needing the full Ethereum state.
For security, that witness ideally needs to be cryptographically bound to the block (e.g., via Merkle commitments), so no one can tamper with it.
The executor is the piece that replays that transcript deterministically. If it does so correctly, then you can generate a zk proof saying “this block really executed as Ethereum says it should.” But correctness here isn’t binary, it means bit-for-bit agreement with the Yellow Paper and all EIPs, including tricky cases like precompile gas rules. So the danger is in the details. If the witness omits even one corner case, or the executor diverges subtly, the zk system can still generate a perfectly valid proof, but of the wrong thing. zk proofs don’t check what you proved, only that you proved it consistently. In today’s consensus model, client bugs show up quickly when nodes disagree.
So while the compilation and toolchain work here is impressive, the real challenge is making sure the witness and executor are absolutely faithful to Ethereum semantics, with strong integrity guarantees. Otherwise you risk building cryptographic certainty, but about the wrong computation. This makes the witness/executor correctness layer the single point of failure in my view where human fallibility can undermine mathematical guarantees, looking forward to understand how this problem will be tackled
> In zk Ethereum, bugs can be silent: the proof validates the wrong execution and everyone downstream accepts it as truth.
Are there any write-ups by folks who have run into this scenario? Maybe Linea while developing their zkEVM?
benaadams•4mo ago
Compile C# to a minimal RISC-V runtime. You run the program once, and instead of shipping all the outputs and logs, you generate a zk proof—a tiny math receipt that says "this execution was correct." Anyone can verify that receipt in milliseconds.
It's a bit like TEEs (Intel SGX, AMD SEV) where you outsource compute to someone else and rely on hardware to prove they ran it faithfully. The difference is zk proofs don’t depend on trusting special chips or vendors - it's just math.
Implications:
* Offload heavy workloads to untrusted machines but still verify correctness
* Lightweight sync and validation in distributed systems
* New trust models for cloud and datacenter compute
supermatt•4mo ago
Im not familiar with how these zk proofs work, but for a PoW scheme I was working with the binary proofs were over 60kb - and they were sample based to decrease probability of cheating - not an absolute proof without full replay.
Do you have some info/resource to describe how these proofs work and can be so small?
cassonmars•4mo ago
supermatt•4mo ago