In a landmark achievement for blockchain technology, the zero-knowledge Ethereum Virtual Machine (zkEVM) ecosystem has successfully crossed the finish line for real-time proving, dramatically reducing transaction validation times. This pivotal milestone marks the end of an intensive year-long sprint focused on performance, enabling 99% of all Ethereum blocks to be proven in under 10 seconds. However, with this speed now secured, the industry is setting its sights on an even more critical objective: building mainnet-grade security with a non-negotiable target of 128-bit provable cryptographic robustness.

The journey to real-time proving has been swift and impactful. Just nine months after the Ethereum Foundation (EF) cryptography team published its north-star definition for real-time proving in July, the zkEVM ecosystem has shattered expectations. Proving latency, once a cumbersome 16 minutes, has plummeted to an astonishing 16 seconds. Simultaneously, associated costs have seen a staggering 45x reduction. This remarkable progress, spearheaded by dedicated zkEVM development teams, has effectively cleared the major performance bottlenecks that once hindered the widespread adoption of zero-knowledge proofs for Ethereum scalability.

The Paradigm Shift: From Blazing Speed to Ironclad Security

Main Facts: A New Frontier in Blockchain Trust

The rapid evolution of zkEVMs represents a significant leap forward for Ethereum’s scalability roadmap. Zero-knowledge proofs (ZKPs) are cryptographic methods that allow one party (the prover) to prove to another party (the verifier) that a statement is true, without revealing any information beyond the validity of the statement itself. zkEVMs leverage this technology to process and verify transactions off-chain, bundling them into a single, compact proof that is then submitted to the Ethereum mainnet. This significantly reduces the computational load on the main chain, leading to higher throughput and lower transaction fees.

The initial focus on speed was paramount. Without the ability to generate proofs quickly and cost-effectively, the practical utility of zkEVMs as a scaling solution would remain limited. The recent achievements in proving latency and cost reduction are a testament to the ingenuity and relentless effort of the cryptographic engineering community. However, as the technology matures and billions of dollars in assets increasingly rely on these systems, the spotlight has irrevocably shifted from sheer performance to the unassailable integrity of the underlying cryptographic foundations.

Chronology: A Year of Accelerated Progress

  • July 2025: The Ethereum Foundation cryptography team publishes a foundational "north-star definition" for real-time proving, outlining ambitious targets for zkEVM performance. This served as a clear directive for the ecosystem.
  • Over the subsequent 9 months: Intensive development across various zkEVM projects leads to groundbreaking advancements.
    • Proving latency drops from 16 minutes to 16 seconds.
    • Proving costs are reduced by a factor of 45.
    • zkVMs achieve the capability to prove 99% of all Ethereum blocks in under 10 seconds on target hardware.
  • Present Day: With performance targets largely met, the community officially declares the "real-time proving" sprint complete, initiating the next critical phase: ensuring mainnet-grade security.

This chronology highlights a period of intense innovation, where theoretical advancements were rapidly translated into practical, high-performance systems. The coordinated effort across the ecosystem, driven by the clear vision set by the EF, has delivered on the promise of fast and efficient zero-knowledge proving.

Supporting Data: The Imperative of 128-bit Provable Security

While the performance gains are undeniable, a significant challenge looms: the current reliance of many STARK-based zkEVMs on unproven mathematical conjectures for their stated security levels. Over the past months, the field of STARK security has faced intense scrutiny, with foundational conjectures being mathematically disproven by leading researchers. Each such disproof effectively erodes the claimed security bits, meaning what was advertised as 100 bits of security might, in reality, be closer to 80 bits.

This degradation of security is not a theoretical concern for the blockchain industry; it carries profound, tangible risks. A soundness issue within a zkEVM proof system is fundamentally different from other security vulnerabilities. If an attacker can forge a valid proof, they gain absolute control over the system. This could enable them to:

  • Mint tokens from nothing: Creating arbitrary amounts of cryptocurrency, leading to hyperinflation and the collapse of token value.
  • Rewrite state: Altering transaction histories, balances, or smart contract logic at will.
  • Steal funds: Transferring assets from legitimate users to an attacker’s control, potentially emptying liquidity pools or user wallets.

For an L1 zkEVM, which could eventually secure hundreds of billions of dollars in digital assets, such a vulnerability is catastrophic and unacceptable. The security margin, therefore, cannot be a point of negotiation or compromise.

The only reasonable path forward, as articulated by leading cryptographers and the Ethereum Foundation, is the adoption of provable security. This means relying on cryptographic constructions that offer mathematical guarantees of security, rather than assumptions based on unverified conjectures. The industry standard for robust cryptographic security is 128 bits. This level is not arbitrary; it is recommended by authoritative bodies such as the National Institute of Standards and Technology (NIST) in their Special Publication 800-57 Part 1 Revision 5, which outlines recommendations for key management. Furthermore, its validity is continuously reinforced by real-world computational milestones, demonstrating the immense computational resources required to break such a standard. As famously highlighted by figures like Vitalik Buterin, achieving this level of security is a critical benchmark for long-term trust and resilience.

Official Responses: Setting the New Gold Standard

The Ethereum Foundation cryptography team, recognizing the urgency of this shift, has outlined a clear strategy to guide the ecosystem towards this higher security standard. Arantxa Zapico, Benedikt Wagner, and Dmitry Khovratovich from the EF cryptography team, along with reviewers Ladislaus, Kev, Alex, and Marius, have been instrumental in shaping this new direction.

"A year ago, the question was whether zkEVMs could prove fast enough. That question is answered," states a representative from the EF cryptography team. "The new question is whether they can prove soundly enough. We are confident they can, and we are committed to providing the tools and setting the benchmarks to ensure this."

To achieve the 128-bit provable security target while managing proof size – a critical factor for efficient propagation across Ethereum’s P2P network – the EF has established three ambitious milestones:

Milestone 1: Soundcalc Integration

  • Deadline: End of February 2026
  • Objective: To standardize and consistently measure security across different zkEVM implementations, the EF developed soundcalc. This open-source tool estimates zkVM security based on the latest cryptographic security bounds and proof system parameters. By the deadline, all participating zkEVM teams are required to integrate their proof system components and all associated circuits with soundcalc. This integration will establish a common, verifiable ground for subsequent security assessments, ensuring transparency and comparability. Soundcalc is a living tool, continuously updated with the latest research and known attack vectors, making it an indispensable resource for maintaining cutting-edge security.

Milestone 2: Glamsterdam

  • Deadline: End of May 2026
  • Objective: This milestone focuses on the implementation and benchmarking of next-generation polynomial commitment schemes (PCS) and proof aggregation techniques designed for enhanced security and efficiency. Teams are expected to demonstrate preliminary implementations of advanced PCS like WHIR and integrate techniques such as JaggedPCS into their proving systems. The goal is to achieve a demonstrable reduction in proof size for a given security level or a significant increase in security for existing proof sizes, alongside rigorous security audits of these newly integrated components. "Glamsterdam" will serve as a critical checkpoint for validating the practical applicability of these theoretical advancements.

Milestone 3: H-star

  • Deadline: End of 2026
  • Objective: H-star represents the culmination of the security sprint. By this deadline, zkEVM teams are expected to achieve 128-bit provable security for their core proof systems, as verified by soundcalc and independent audits. This includes optimizing recursion topologies and fully documenting the architecture and soundness of their complex multi-circuit setups. The H-star milestone will also involve the finalization of security proofs and the development of comprehensive specifications that precisely match deployed code, laying the groundwork for formal verification efforts. Success in H-star signifies a zkEVM architecture robust enough for L1-grade security.

These milestones are not merely aspirational; they are deemed tractable due to recent cryptographic and engineering advances. Compact polynomial commitment schemes like WHIR, innovative techniques such as JaggedPCS, the practice of "grinding" (which involves optimizing cryptographic parameters for improved security or performance), and meticulously structured recursion topologies are all critical enablers. Recursion, in particular, is highlighted as a complex but powerful element. Modern zkEVMs often involve multiple circuits composed in custom ways with intricate "glue" logic. Documenting this intricate architecture and proving its soundness is absolutely essential for the overall security and integrity of the entire system.

Implications: Building the Secure Foundation for Ethereum’s Future

The strategic decision to "lock in" on zkEVM security now has far-reaching implications for the entire blockchain ecosystem. Securing a rapidly moving target is inherently challenging. By setting these clear milestones and pushing for the stabilization of zkVM architectures, the Ethereum Foundation is enabling the next phase of development: formal verification.

The EF has already been investing in formal verification work, and once proof system layers have "settled" – becoming stable enough without being perpetually frozen – this work can reach its full potential. By the H-star deadline, the ambition is for the proof system layer to be largely solidified, allowing for the formal verification of critical components, the finalization of security proofs, and the creation of specifications that perfectly align with deployed code.

This foundation is indispensable for the realization of truly secure L1 zkEVMs. The implications are profound:

  • Enhanced Trust and Adoption: With provable 128-bit security, zkEVMs can instill greater confidence among institutional investors, enterprises, and individual users, accelerating their adoption as a primary scaling solution for Ethereum.
  • Robustness for Billions: Securing hundreds of billions of dollars in assets demands nothing less than the highest cryptographic standards. This initiative ensures that the infrastructure supporting these assets is resilient against even the most sophisticated attacks.
  • Standardization and Interoperability: The soundcalc tool and the shared milestones will foster a more standardized approach to security assessment across the zkEVM ecosystem, potentially leading to better interoperability and clearer benchmarks for evaluating different solutions.
  • Future-Proofing Ethereum: By building a secure, scalable foundation now, Ethereum positions itself for long-term growth and innovation, capable of handling a global scale of decentralized applications without compromising on its core principles of security and decentralization.
  • Advancing Cryptographic Research: The challenges posed by these security targets will continue to drive cutting-edge research in zero-knowledge proofs and related cryptographic primitives, pushing the boundaries of what’s possible in secure computation.

The performance sprint is over, and the industry has demonstrated its capability to build incredibly fast proving systems. Now, the collective effort shifts to strengthening the foundations, ensuring that these high-speed systems are also impregnable. The Ethereum Foundation, along with the broader zkEVM community, is confident that this new phase will solidify the trustworthiness of zero-knowledge technology, paving the way for a more scalable, secure, and decentralized future for Ethereum. The question of soundness is not just about technical achievement; it’s about safeguarding the integrity of a global, digital economy.

By Nana Wu