This looks like an extension of the older TinyRAM model [1] to a real ISA. From the Abstract:
We present an implementation of a publicly-verifiable non-interactive argument system for NP. The system, moreover, is a zero-knowledge proof-of-knowledge. It directly proves correct executions of programs on TinyRAM, a random-access machine tailored for efficient verification of nondeterministic computations.
It is similar, although rather than using a Benes net to implement the permutation, it uses PLONK (https://eprint.iacr.org/2019/953.pdf), which is massively more efficient. And of course it actually implements the RISC-V ISA which makes it more useful in practice.
Basically, you can run code in the zkVM, which looks like a normal RISC-V machine, but it generates a cryptographic proof/receipt of correct execution, so you can trust the code was run correctly (presuming the receipt verifies), even if you don't trust the machine that ran it at all. But the actual receipt 1) Doesn't get much bigger as execution time of the zkVM goes up 2) Doesn't leak anything about what happened during execution except for the what the program running in the zkVM explicitly logs to the journal.
This is the best explanation I have seen [1] : "Computer scientist Amit Sahai, PhD, is asked to explain the concept of zero-knowledge proofs to 5 different people; a child, a teen, a college student, a grad student, and an expert."
[+] [-] tromp|3 years ago|reply
We present an implementation of a publicly-verifiable non-interactive argument system for NP. The system, moreover, is a zero-knowledge proof-of-knowledge. It directly proves correct executions of programs on TinyRAM, a random-access machine tailored for efficient verification of nondeterministic computations.
[1] https://eprint.iacr.org/2013/507.pdf
[+] [-] jeremy_bruestle|3 years ago|reply
[+] [-] b33pr|3 years ago|reply
[+] [-] atalw|3 years ago|reply
[+] [-] jeremy_bruestle|3 years ago|reply
[+] [-] jimmySixDOF|3 years ago|reply
[1] https://youtu.be/fOGdb1CTu5c