The seal on a RISC Zero receipt is generated using a zk-STARK: a zero knowledge, scalable, transparent argument of knowledge.
STARKs are a highly technical process - an innovation in the world of zero-knowledge cryptography introduced by Eli Ben-Sasson et. al in 2018. In order to prove the integrity of a computation with a STARK, the prover arithmetizes the entire question. By encoding the execution trace into polynomials, the statement of computational integrity is reduced to a statement about polynomial division.
In the context of the RISC Zero zkVM, the term seal refers to the zk-STARK that attests to the integrity of the trace. The following documentation describes the RISC Zero zk-STARK in more detail:
- Proof system sequence diagram
This document includes a sequence diagram and step-by-step specification of the RISC Zero zk-STARK.
- STARK by Hand
This document shows a simplified, concrete example of the construction of a RISC Zero seal.
We recommend the following external references on STARKs:
- Extreme Integrity in Decentralized World
- Cambrian Explosion of Crypto Proofs
- STARKs vs. SNARKS (Consensys, 2021)
- Anatomy of a Stark (developer focused)
- The Starkmath series
- STARK 101 (developer focused)
- Vitalik's STARK series