Skip to main content

Basics

All the methods needed for generating proofs are included in the sp1_sdk crate. Most importantly, you’ll use the ProverClient to set up the proving and verifying keys for your program. You can then use the execute, prove, and verify methods to run your program and generate and verify proofs.

Example: Fibonacci

To make this more concrete, let's walk through a simple example of generating a proof for a Fibonacci program inside the zkVM. The complete source code for the example is available here.

Embedding the Program's ELF File

First, specify the ELF file of the program for which you are generating the proof.

Loading...

Setting Up the Logger

The sp1-sdk logger displays useful information such as program execution time as your script is running.

Loading...

Providing Input for the Program

The input for the Fibonacci program is n, which specifies which Fibonacci number to calculate.

The program reads this input from SP1Stdin.

Loading...

Initializing the ProverClient

Next, initialize the ProverClient, which is the interface for executing programs and generating and verifying proofs.

Loading...

Executing the Program

First, we want to "execute" the Fibonacci program. Execution gives the estimated "proving cost" for generating a proof for the program as well as the "output" with the specified inputs, without needing to generate a computationally-intensive proof.

Using ProverClient.execute(), we pass the program (ELF) and the input to the program. Executing the program takes a fraction of the time of generating a proof of the program.

Loading...

Generating the Proof

Next, we'll generate a proof with the ProverClient.

Obtain the proving and verification key by calling ProverClient.setup() with the executable. These keys encode information about the program that the SP1 prover requires.

Then, call ProverClient::prove with the SP1ProvingKey and the input.

In this example, we are using a compressed proof type; more information on proof types can be found here.

Loading...

Reading the Public Values

After the proof generation is complete, you can read the public values from the proof. The public values bind a proof to a sub-set of the inputs of the program.

These values are read in the same order in which they are committed within the program with sp1_zkvm::io::commit or sp1_zkvm::io::commit_slice.

Loading...

Verifying the Proof

To verify a proof, use client.verify, providing the proof (which includes the public values) and the verification key as arguments.

Loading...

This example can be run from the script directory with RUST_LOG=info cargo run --release.

Running the script will generate a proof locally.