All notable changes to OpenVM will be documented in this file.
The format is based on Keep a Changelog, and this project follows a versioning principles documented in VERSIONING.md.
No circuit constraints or verifying keys were changed in this release.
A substantial refactor has been done to the guest libraries to separate the low level Rust bindings for OpenVM intrinsic instructions from the higher level user interface. For each VM extension, the openvm-$name-guest crate is now a primitives library containing only the Rust bindings for the intrinsic instructions and essential logic related to the extension (e.g., ECDSA signature verification). We introduce new guest libraries as standalone Rust crates which provide the high-level interfaces guest programs should use to interact with the associated VM extensions.
Users are advised to switch to using the new guest libraries.
- (ISA) Added OpenVM phantom sub-instructions
HintNonQrandHintSqrtto the algebra (modular arithmetic) extension. Added corresponding RISC-V custom instructionshint_non_qrandhint_sqrt. - (Guest Libraries) We introduce the following new guest libraries:
openvm-keccak256: guest library for the Keccak256 hash function.openvm-sha2: guest library providing access to a set of accelerated SHA-2 family hash functions. Currently, the SHA-256 hash function is supported.openvm-pairing: guest library for the elliptic curve pairing check operation.ff_derive: patch of ff_derive using the algebra extension.k256: patch of k256 using the algebra and ECC extensions.p256: patch of p256 using the algebra and ECC extensions.ruint: patch of ruint using the big integer extension.openvm-verify-stark: a new guest library providing adefine_verify_stark_proof!macro which generates a user-named function$verify_starkthat can be used to verify an OpenVM STARK proof from within a Rust program. The$verify_starkfunction is accelerated using the native field arithmetic extension.
- (CLI) New
cargo openvm initandcargo openvm commitcommands. - (CLI) New
cargo openvm prove starkandcargo openvm verify starkcommands to generate a single final STARK proof without Halo2 SNARK wrapper. - (SDK) New functions
generate_e2e_stark_proofandverify_e2e_stark_proof
- (Toolchain) The
openvmcrate andcargo openvm buildcommand have been updated to support bothgetrandomv0.2andv0.3. - (Primitives Libraries) In the algebra and elliptic curve primitive libraries, the
setup_*functions have been removed from guest bindings and are now called on-demand within other relevant binding functions. Additionally, custom opcode initialization is now simplified through the inclusion ofopenvm_init.rsfiles and theopenvm::init!()macro. Read the book for more details. - (CLI) The build command
cargo openvm buildnow stores build artifacts in thetarget/to match cargo conventions. - (CLI) The
cargo openvm setupcommand now supports skipping halo2 proving keys and outputs halo2 PK and STARK PK as separate files. - (CLI) The
cargo openvm commitandcargo openvm prove starkcommands now consistently output commit values in hexadecimal format. - (CLI) The
cargo openvm provecommand now outputs proofs to${bin_name}.app.proofinstead ofapp.proof.
- (ISA) Removed OpenVM phantom sub-instructions
HintDecompressandHintNonQrfrom the elliptic curve extension. Removed corresponding RISC-V custom instructionshint_decompressandhint_non_qr.
This release makes fixes for security advisories:
- Plonky3: https://github.com/Plonky3/Plonky3/security/advisories/GHSA-f69f-5fx9-w9r9
- OpenVM: https://github.com/openvm-org/openvm/security/advisories/GHSA-4w7p-8f9q-f4g2 (recursion circuit fixes corresponding to Plonky3)
- The solidity verifier contract no longer has any awareness of the OpenVM patch version.
{MAJOR_VERSION}.{MINOR_VERSION}is the minimum information necessary to identify the verifier contract since any verifier contract changes will be accompanied by a minor version bump.
- Adds
OpenVmHalo2Verifiergeneration to the SDK which is a thin wrapper around the originalHalo2Verifiercontract exposing a more user-friendly interface. - Updates the CLI to generate the new
OpenVmHalo2Verifiercontract duringcargo openvm setup. - Removes the ability to generate the old
Halo2Verifiercontract from the SDK and CLI. - Changes the
EvmProofstruct to align with the interface of theOpenVmHalo2Verifiercontract. - Formats the verifier contract during generation for better readability on block explorers.
- For verifier contract compilation, explicitly sets the
solcconfig via standard-json input for metadata consistency.
- Fixes security vulnerability OpenVM allows the byte decomposition of pc in AUIPC chip to overflow