Engineering · zkVerify

AERE verifies zk proofs natively, SP1 + RISC Zero live on chain 2800

AERE Network now natively verifies zero-knowledge proofs from the two leading EVM-targeting proving systems: SP1 v6.1.0 (Succinct Labs) and RISC Zero zkVM. The first real proof, a canonical SP1 Groth16 proof of a Fibonacci computation, was verified end-to-end at block 2,151,318 on chain 2800.

Why this matters: any application that wants to bring trustless off-chain compute (a complex calculation, a credential check, a state transition) into an EVM smart contract can now do it on AERE, for the same gas cost as Ethereum mainnet, but with 0.5-second blocks. Real Groth16 pairing math runs on the EVM's alt_bn128 precompiles. Same engine class as Polygon zkEVM and zkSync's prover-side, but as a primitive any AERE contract can call.

The stack we deployed

We followed the canonical pattern Succinct Labs and RISC Zero recommend for production deployments: concrete verifier contracts behind a gateway/router, with downstream apps integrating against the stable gateway address. When a future SP1 v7 or RISC Zero v2 ships, the gateway operator calls addRoute() to register the new verifier, every integrating app keeps working unchanged.

ComponentAddress on chain 2800
SP1VerifierGateway (stable)0x9ca479C8c52C0EbB4599319a36a5a017BCC70628
SP1VerifierGroth16 v6.1.00xb5456d48bFdA70635c13b6CBE1Ad0310Dc0171aD
SP1VerifierGroth16 v6.0.00xa9BD3020bC9a9614F9e2BC1618153c9fB1890ca6
SP1VerifierPlonk v6.1.00x24a7a85E6D9A2b120F2730880bE7283dFB14d29B
RiscZeroVerifierRouter (stable)0x3f7015BC3290e63F7EC68ecF769b00aB296a249C
RiscZeroGroth16Verifier0x95cB30f3bdb3187f39203A9907bf707Aef07a1FD
AereProofRegistry v2 (stable)0x0A9b09677DbE995ACfC0A28F0033e68F068517Ee

The contracts are the canonical sources from the upstream succinctlabs/sp1-contracts and risc0/risc0-ethereum repositories, compiled with Solidity 0.8.23 and the standard 200-run optimizer. No AERE-specific modifications to the math, the only edits were import-path tweaks to match our OpenZeppelin v4.9 layout, and a constructor adapter to bridge OZ v4's Ownable() to upstream's v5-style Ownable(initialOwner) signature.

End-to-end verification, observed live

We registered the canonical Fibonacci program (vkey 0x004a55ed…3090) on AereProofRegistry and submitted SP1's official v6.0.0 Fibonacci Groth16 fixture proof. The flow:

  1. AereProofRegistry.submitSP1Proof() verifies the program is registered + enabled
  2. Routes the call to SP1VerifierGateway.verifyProof()
  3. Gateway reads the first 4 bytes of the proof (selector 0x0e78f4db)
  4. Routes to the v6.0.0 concrete verifier
  5. Real Groth16 pairing math executes on the BN254 precompiles (≈230k gas)
  6. Returns success → registry emits ProofVerified event with the program key indexed

Transaction: 0x8b5f36c4…1cfef3 in block 2,151,318. Gas used: 562,415 (verification + storage). The verified proof is permanently on-chain; off-chain consumers can subscribe to ProofVerified events filtered by their program of interest and use the attestation as input to their own logic.

Live event feed

See verified proofs as they land at aere.network/zk-proofs, a live event feed reading ProofVerified directly from the registry on chain 2800.

What you can build with this

What we explicitly did NOT do

We did not deploy a placeholder verifier with stub math. We did not pin a release-candidate version and call it production. We did not build a fee-extracting middleware in front of free verification. Every contract on the list above is the canonical upstream source, deployed as-is, and the first proof verified is a real cryptographic proof from SP1's own test suite that any independent observer can re-run on the exact same data.

← Back to all posts