From the heights of these towers of fields, forty centuries of mathematics look down on us.

This library provides efficient implementation of cryptographic primitives used to build proving systems. Along with it, many backends for proving systems are shipped, and compatibility with different frontends is supported.

• Transforming the Future with Zero-Knowledge Proofs, Fully Homomorphic Encryption and new Distributed Systems algorithms
• Lambda Crypto Doctrine

• Math
• Crypto primitives
• STARK Prover
• Plonk Prover
• Cairo Prover
• Groth 16

• Elliptic curves
• Multiscalar multiplication
• Hashes

Most of math and crypto crates supports no-std without allocation with no-default-features. A few functions and modules require the alloc feature.

Both Math and Crypto support wasm with target wasm32-unknown-unknown. To see an example of how to use this to deploy a verifier in a browser, check the Cairo Prover wasm-pack verifier.

• Merkle Tree CLI

• lambdaworks exercises and challenges
• Roadmap for Sparkling Water Bootcamp

If you use lambdaworks libraries in your research projects, please cite them using the following template:

@software{lambdaworks,
  author={lambdaworks contributors},
  title={lambdaworks},
  url={https://github.com/lambdaclass/lambdaworks},
  year={2023}
}

Zero-Knowledge and Validity Proofs have gained a lot of attention over the last few years. We strongly believe in this potential and that is why we decided to start working in this challenging ecosystem, where math, cryptography and distributed systems meet. The main barrier in the beginning was not the cryptography or math but the lack of good libraries which are performant and developer friendly. There are some exceptions, though, like gnark or halo2. Some have nice APIs and are easy to work with, but they are not written in Rust, and some are written in Rust but have poor programming and engineering practices. Most of them don't have support for CUDA, Metal and WebGPU or distributed FFT calculation using schedulers like Dask.

So, we decided to build our library, focusing on performance, with clear documentation and developer-focused. Our core team is a group of passionate people from different backgrounds and different strengths; we think that the whole is greater than just the addition of the parts. We don't want to be a compilation of every research result in the ZK space. We want this to be a library that can be used in production, not just in academic research. We want to offer developers the main building blocks and proof systems so that they can build their applications on top of this library.

Disclaimer: This list contains cryptographic primitives and mathematical structures that we want to support in lambdaworks. It can be expanded later to include new primitives. If you find there is a mistake or there has been an update in another library, please let us know.

List of symbols:

• ✔️ means the feature is currently supported.
• 🏗️ means that the feature is partially implemented or is under active construction.
• ❌ means that the feature is not currently supported.

Additionally, provers are compatible with the following frontends and VMs:

This can be used in a multi prover setting for extra security, or as a standalone to be used with Rust.

Fuzzers are divided between the ones that use only the CPU, the ones that use Metal, and the ones that use CUDA.

CPU Fuzzers can be run with the command bash make run-fuzzer FUZZER=fuzzer_name

For example:

make run-fuzzer FUZZER=field_from_hex

The list of fuzzers can be found in fuzz/no_gpu_fuzz

Fuzzers for FTT in Metal and Cuda can be run with make run-metal-fuzzer and make run-cuda-fuzzer

Run a specific fuzzer from the ones contained in fuzz/fuzz_targets/ folder withcargo, for example to run the one for the target field_from_hex:

make run-fuzzer FUZZER=field_from_hex

To serve the documentation locally, first install both mdbook and the Katex preprocessor to render LaTeX, then run

make docs

Benchmark results are hosted here.

These are the results of execution of the benchmarks for finite field arithmetic using the STARK field prime (p = 3618502788666131213697322783095070105623107215331596699973092056135872020481).

Differences of 3% are common for some measurements, so small differences are not statistically relevant.

ARM - M1

x86 - AMD Ryzen 7 PRO

*assembly feature was enabled manually for that bench, and is not activated by default when running criterion

To run them locally, you will need cargo-criterion and cargo-flamegraph. Install it with:

cargo install cargo-criterion

Run the complete benchmark suite with:

make benchmarks

Run a specific benchmark suite with cargo, for example to run the one for field:

make benchmark BENCH=field

You can check the generated HTML report in target/criterion/reports/index.html

The following links, repos and projects have been important in the development of this library and we want to thank and acknowledge them.

• Starkware
• Winterfell
• Anatomy of a Stark
• Giza
• Ministark
• Sandstorm
• STARK-101
• starknet-rs
• Risc0
• Neptune
• Summary on FRI low degree test
• STARKs paper
• DEEP FRI
• BrainSTARK
• Plonky2
• Aztec
• Arkworks
• Thank goodness it's FRIday
• Diving DEEP FRI
• Periodic constraints
• Chiplets Miden VM
• Valida
• Solidity Verifier
• CAIRO verifier
• EthSTARK
• CAIRO whitepaper
• Gnark