This project introduces a system of zero-knowledge circuits—LiquidityCircuit, SwapCircuitGKR, and VerifierCircuitGKR—designed to enable efficient onchain verification of cross-chain liquidity provision and token swaps. Leveraging Recursive GKR (Gennaro, Gentry, Krawczyk, and Rabin) compression, we minimize gas costs and proof sizes, making complex DeFi operations scalable and verifiable on Ethereum.
Built for the hackathon theme "Efficient Onchain Verifiers Using Recursive GKR Compression", this solution proves liquidity and swap computations offchain, compressing them into a single, constant-sized proof for cheap onchain verification.
- Purpose: Proves a user has provided or withdrawn liquidity in a pool (e.g., Uniswap-style AMM).
- Inputs:
- Owner address (
U256) - Tick range (
tick_lower,tick_upper) - Liquidity delta (
i128) - Current sqrt price (
sqrt_price_current_x96) - Optional hook data
- Owner address (
- Logic:
- Validates tick alignment and range (
tick_lower < tick_upper). - Computes token deltas (
amount0,amount1) using sqrt price math, scaled by 10^18. - Outputs deltas as public signals.
- Validates tick alignment and range (
- Design: Uses BN254 arithmetic and Poseidon hashing for efficiency.
- Purpose: Proves a swap operation adheres to pool rules.
- Inputs:
- Swap direction (
zero_for_one) - Amount specified (
I256) - Price limit (
sqrt_price_limit_x96) - Current price (
sqrt_price_current_x96) - Liquidity (
u128) - Fee pips (
u32)
- Swap direction (
- Logic:
- Calculates next sqrt price, amount in/out, and fee.
- Adjusts deltas based on hooks (e.g., 1% fee tweak).
- Outputs signed
amount0andamount1as public signals.
- Design: GKR-friendly arithmetic for swap step computation.
- Purpose: Aggregates and verifies multiple proofs onchain.
- Inputs:
- Final proof (
Proof) - Aggregated prior proofs
- Public outputs (
amount0,amount1)
- Final proof (
- Logic:
- Recursively hashes proofs with Poseidon:
Poseidon(prev_proof, amount0)→Poseidon(intermediate, amount1). - Asserts the final proof matches the aggregated hash.
- Recursively hashes proofs with Poseidon:
- Design: Lightweight, optimized for recursive compression.
- Each circuit generates a GKR proof for its computation.
generate_gkr_proofhashes proofs sequentially:Poseidon(prev_proof, amount0)→ Intermediate hash.Poseidon(intermediate, amount1)→ Circuit proof.
VerifierCircuitGKRaggregates all proofs into a single 32-byte hash, verified onchain with one Poseidon operation.
- Without Compression: 150 circuits = 150 × 32 bytes (~4.8 KB), ~1M+ gas.
- With Recursive GKR: 1 × 32 bytes (constant size), ~50K gas.
- Result: Scales verification linearly with circuits, not proof count.
Enable trustless cross-chain DeFi by proving liquidity and swap operations offchain, with a minimal onchain footprint.
- Efficiency: Reduces gas from ~1M to ~50K for 150 proofs, rivaling SNARKs without complex setup.
- Onchain Verifiers: Integrates with Solidity’s
PoseidonT3for seamless Ethereum deployment. - Scalability: Supports batched operations (e.g., 150 swaps) in one proof, perfect for rollups or bridges.
A demo where users execute swaps or liquidity changes, generate compressed proofs, and verify them onchain cheaply—unlocking scalable, secure DeFi.
Cross-chain DeFi is bottlenecked by trust and cost. Our solution proves complex operations (e.g., Uniswap V3 math) efficiently, enabling secure bridges and pools verifiable on Ethereum with minimal overhead.
- User Action: Execute a swap or liquidity provision.
- Proof Generation: Circuits compute
amount0,amount1, and proofs. - Compression: Recursive GKR aggregates proofs into 32 bytes.
- Onchain Verification:
VerifierCircuitGKRchecks the proof in ~50K gas.
+-----------------------------------------------+
| Cross-Chain Liquidity & Swap Workflow |
+-----------------------------------------------+
[User Action]
(Swap/Liquidity)
|
v
+-------------------------+-----------------------------+
| LiquidityCircuit | SwapCircuitGKR |
| - Inputs: | - Inputs: |
| - owner | - zero_for_one |
| - tick_lower/upper | - amount_specified |
| - liquidity_delta | - sqrt_price_limit |
| - sqrt_price_x96 | - sqrt_price_x96 |
| - Computes: | - Computes: |
| - amount0, amount1 | - amount0, amount1 |
+-------------------------+-----------------------------+
| |
v v
[Public Outputs] [Public Outputs]
(amount0, amount1) (amount0, amount1)
| |
+-------------+-------------+
|
v
+---------------------------------------------------+
| Proof Generation (GKR) |
| - Poseidon(prev_proof, amount0) --> Intermediate |
| - Poseidon(intermediate, amount1) --> Proof |
| - For each circuit: Proof 0, Proof 1, ... |
+---------------------------------------------------+
|
v
+-------------------------------+
| Recursive GKR Compression |
| - Aggregate Proofs: |
| Proof 0 --> Proof 1 --> ... |
| --> Single 32-byte Proof |
+-------------------------------+
|
v
+-------------------------------+
| VerifierCircuitGKR |
| - Input: Final Proof |
| - Verifies: |
| Poseidon(aggregated) = Proof |
+-------------------------------+
|
v
[Ethereum Blockchain]
(Efficient Verification)
+------------------------------------------------------------------------+
| Test Name | Circuits | Gen Time (ms) | Verify Time (ms) | Valid |
+------------------------------------------------------------------------+
| Large Batch Test | 150 | 12.66 | 2.41 | Yes |
+------------------------------------------------------------------------+
- Rust (for circuit compilation)
- Foundry (for Solidity integration)
- Ethereum node (for deployment)
# Compile circuits
cargo build --release
# Run proof generation
cargo run --release