Compiling to ZKVMs

With the advent of non-uniform folding schemes, the lookup singularity, generalised arithmetisations such as CCS and the application of towers of binary fields to SNARKs, many of the existing assumptions on SNARKs have been put into question, and the design space of zkVMs has opened.

Although zkVMs provide a friendly developer experience, their proving time is still significantly (around a million times) slower than direct compilation to circuits due to the overhead of their abstractions (stack, memory, execution unit, etc).

One of the causes of their poor performance is that existing zkVMs are still program agnostic; their provers haven't leveraged the structure of a program. Compilers have a long history of optimising computations by identifying patterns in their structure. We take advantage of the fact that a program is generally executed before it is proven, so the prover of a zkVM is aware of execution trace before establishing a proving strategy. We explore different ways zkVMs may benefit from identifying identical sub-circuits (data-parallel circuits) in programs by analysing techniques such as the GKR protocol, uniform compilers and proof-carrying data (PCD).