Ethereum Ecosystem Pivots to Unassailable 128-Bit Provable Security for zkEVMs After Achieving Real-Time Proving Breakthroughs

The Ethereum ecosystem is embarking on a crucial new phase in the development of zero-knowledge Ethereum Virtual Machines (zkEVMs), shifting its primary focus from raw speed to establishing robust, mainnet-grade security. This strategic pivot follows a year of intense development that successfully brought real-time proving capabilities to the forefront, a significant milestone that has fundamentally reshaped the landscape of blockchain scalability. The collective efforts of the cryptography community, including key contributions from experts such as Arantxa Zapico, Benedikt Wagner, and Dmitry Khovratovich from the Ethereum Foundation (EF) cryptography team, along with careful review and feedback from Ladislaus, Kev, Alex, and Marius, have been instrumental in reaching this critical juncture.

For the past year, the zkEVM ecosystem has been engaged in a rapid development sprint, primarily aimed at optimizing proving times and reducing associated costs. This concentrated effort has yielded remarkable results. As outlined in a north-star definition published in July 2025 by the Ethereum Foundation, the initial objective was to achieve "real-time proving." Fast forward nine months, and the ecosystem has not only met but exceeded expectations. Proving latency, which once stood at a cumbersome 16 minutes, has been dramatically slashed to an impressive 16 seconds. Concurrently, operational costs for generating these proofs have plummeted by a staggering 45x. Furthermore, zero-knowledge Virtual Machines (zkVMs) are now capable of proving 99% of all Ethereum blocks in under 10 seconds on targeted hardware, a performance metric that underscores the profound progress made in computational efficiency and throughput.

This unprecedented acceleration in proving technology represents a paradigm shift for Ethereum’s scalability solutions, particularly Layer 2 rollups that leverage zkEVMs. Faster proving times directly translate to quicker transaction finality, enhanced user experience, and the potential for a broader range of decentralized applications (dApps) to operate seamlessly on scaled networks. The initial performance bottlenecks that once hindered widespread zkEVM adoption have largely been cleared, paving the way for the technology to move beyond experimental stages and into mainstream integration.

The Pivotal Shift: From Speed to Unassailable Security

With the challenge of speed largely addressed, the Ethereum Foundation and the broader zkEVM community are now directing their attention to what many consider the "elephant in the room": security. The next phase of development is not merely about incremental improvements but about building a foundation that is truly "mainnet-grade." This term encapsulates the need for a level of robustness, resilience, and unassailable cryptographic integrity that can reliably secure hundreds of billions of dollars in digital assets and transaction value. The stakes are exceptionally high, making security not just a feature, but an absolute prerequisite for any L1 zkEVM that aspires to be a cornerstone of the decentralized economy.

The Imperative for 128-Bit Provable Security

At the heart of this new security mandate is the commitment to achieving 128-bit provable security. This benchmark, widely recommended by standardization bodies such as the National Institute of Standards and Technology (NIST), represents a cryptographic security level considered sufficient to resist attacks from even the most powerful computational resources, including potential future quantum computers, for the foreseeable future. It is a standard validated by real-world computational milestones and serves as a universally accepted measure of cryptographic strength.

A significant concern highlighted by the Ethereum Foundation is that many STARK-based (Scalable Transparent ARguments of Knowledge) zkEVMs currently in deployment or under development rely on mathematical conjectures whose security implications are not yet fully proven. STARKs, known for their transparency and potential for post-quantum resistance, are powerful cryptographic primitives. However, recent months have seen considerable scrutiny of STARK security assumptions within the academic and research communities. Foundational conjectures, such as the Proximity Conjecture, have been mathematically disproven by researchers, notably in works highlighted by groups like zksecurity.xyz. Each time a conjecture is invalidated, it erodes the assumed security bits of the system. What was once advertised as 100 bits of security might, in reality, be closer to 80 bits, creating an unacceptable margin of error for high-value applications.

The implications of this erosion of security are profound and cannot be overstated. For a zkEVM operating as a Layer 1 or securing a Layer 2 network with substantial economic value, a "soundness issue" is not merely a bug; it is a catastrophic vulnerability. A soundness issue implies that an attacker could potentially forge a valid proof for an invalid computation. In practical terms, this could mean an attacker could mint tokens out of thin air, arbitrarily rewrite the blockchain state, or outright steal funds from users. Given the hundreds of billions of dollars transacted and secured on Ethereum-linked networks, compromising the soundness of a zkEVM proof system is an existential threat to the entire ecosystem. Therefore, the security margin for such systems is deemed non-negotiable, demanding an uncompromising commitment to provable security.

The only reasonable path forward, as emphasized by leading cryptographers and the Ethereum Foundation, is to move towards provable security. This means designing and implementing proof systems where the security guarantees are derived from well-established mathematical principles, rather than unverified assumptions. This approach minimizes reliance on unproven conjectures, offering a much higher degree of confidence in the system’s integrity.

Setting the Course: Three Critical Milestones for Security

Recognizing the tension between achieving robust security and maintaining practical proof sizes – larger proofs typically offer more security but are harder to propagate across Ethereum’s peer-to-peer network efficiently – the Ethereum Foundation has outlined three concrete milestones for the zkEVM ecosystem. These milestones are designed to guide development towards the target of 128-bit provable security while ensuring proofs remain manageable for network propagation.

Milestone 1: Soundcalc Integration

• Deadline: End of February 2026
• Objective: To standardize the measurement of zkVM security, the Ethereum Foundation created soundcalc, an open-source tool designed to estimate zkVM security levels based on the latest cryptographic security bounds and proof system parameters. This tool is dynamic, continuously integrating new research and known attack vectors to provide the most accurate security assessments.
• Requirement: By the deadline, all participating zkEVM teams are required to integrate their proof system components and all associated circuits with soundcalc. This ensures a common, transparent, and up-to-date framework for security assessments across the ecosystem. Previous successful integrations (e.g., #18, #21 on the soundcalc GitHub repository) serve as reference points for teams undertaking this task. This milestone is foundational, providing the necessary data and methodology for subsequent security evaluations.

Milestone 2: Glamsterdam

• Deadline: End of May 2026
• Objective: [The original article did not detail this milestone, requiring inference and expansion.] This milestone is anticipated to focus on the refinement and hardening of specific cryptographic components and proof structures identified through the soundcalc integration. It likely involves a collaborative effort among zkEVM teams and cryptography researchers to address identified weaknesses, optimize cryptographic primitives for better security-to-size ratios, and begin formalizing the security arguments for core components. This phase could involve workshops, shared libraries, and early-stage audits or peer reviews of critical sections of the proof systems. The name "Glamsterdam" might suggest a focus on elegant, efficient, and robust cryptographic designs that are both secure and practical.

Milestone 3: H-star

• Deadline: End of 2026
• Objective: [The original article also did not detail this milestone, requiring inference and expansion.] The H-star milestone is projected to be the culmination of the security hardening process. By the end of 2026, the expectation is that zkEVM proof systems will have achieved stable architectures with 128-bit provable security guarantees, and their proof sizes will be optimized for efficient propagation on the Ethereum network. This milestone will likely involve comprehensive, independent security audits, the finalization of security proofs, and the publication of detailed specifications that accurately reflect the deployed code. It signifies readiness for broader mainnet deployment and integration, having met the stringent security requirements necessary to handle high-value transactions and state transitions.

Technological Levers: Advancements Paving the Way

Achieving these ambitious milestones is made tractable by recent breakthroughs in cryptographic engineering and research. Several advanced techniques and schemes are expected to play a crucial role:

• Compact Polynomial Commitment Schemes (PCS): Innovations like WHIR (Weakly-Homomorphic Inner Product-based Rollup) are critical. These schemes allow for the succinct commitment to large polynomials, which are fundamental building blocks of zero-knowledge proofs, resulting in significantly smaller proof sizes without compromising security.
• Techniques like JaggedPCS: This emerging technique (as referenced in eprint.iacr.org/2025/917) likely offers further optimizations in polynomial commitment, potentially improving efficiency or security properties in novel ways.
• "Grinding" Techniques: While the term "grinding" (as seen in eprint.iacr.org/2021/582.pdf) can refer to various cryptographic strategies, in this context, it likely points to methods for fine-tuning proof parameters or search processes to achieve desired security levels or efficiency gains. It could involve carefully crafted parameters that enhance collision resistance or reduce the probability of specific attacks.
• Well-Structured Recursion Topology: Modern zkEVMs are complex systems, often involving multiple circuits that are composed together using recursion. This means a proof for one computation can itself be proven within another proof, creating a hierarchical structure. Each development team implements this "glue" differently. Documenting this intricate architecture and rigorously proving its soundness is paramount for the overall security of the system. A well-defined and formally verified recursion topology ensures that the security properties are maintained throughout the entire proof composition process, preventing vulnerabilities from arising at the interfaces between different circuits.

Strategic Vision: Stabilizing Architectures for Formal Verification

There is a deliberate strategic rationale behind the current emphasis on locking in zkEVM security. Securing a continuously "moving target" – a system undergoing constant architectural changes – is inherently challenging and resource-intensive. By establishing these milestones and pushing zkVM architectures towards stability, the ecosystem can unlock the full potential of formal verification work.

Formal verification, an area in which the Ethereum Foundation has already invested significantly (as evidenced by initiatives like verified-zkevm.org), involves mathematically proving the correctness and security properties of software and hardware designs. This rigorous process requires stable specifications and codebases. By the H-star deadline, the hope is that the core proof system layer will have largely "settled" – not frozen indefinitely, but stable enough to allow for comprehensive formal verification of critical components, finalization of security proofs, and the creation of precise specifications that faithfully match the deployed code. This stability is the bedrock upon which truly secure L1 zkEVMs can be built, providing an unprecedented level of assurance in their operation.

Broader Implications for Ethereum’s Future

The successful achievement of these security milestones will have profound implications for the entire Ethereum ecosystem. It will bolster confidence in the integrity and reliability of Layer 2 scaling solutions, encouraging broader adoption by users, developers, and institutional players. A robust, provably secure zkEVM architecture means that the scaling promised by zero-knowledge technology can be delivered without compromising Ethereum’s foundational security principles.

This initiative is not just about isolated technical improvements; it’s about building a trustworthy digital infrastructure. By prioritizing 128-bit provable security, the Ethereum Foundation and its collaborators are reinforcing Ethereum’s commitment to being a secure, decentralized, and scalable global computing platform. The transition from a performance sprint to a security marathon signifies a maturation of the zkEVM landscape, positioning it for long-term viability and impact.

A year ago, the central question revolved around the feasibility of zkEVMs achieving sufficient proving speed. That question has been unequivocally answered. The new, more critical inquiry is whether these systems can prove with sufficient soundness to secure vast amounts of value. The Ethereum Foundation, with the collaborative efforts of its cryptography team and the wider ecosystem, expresses strong confidence that this, too, is achievable. The current focus is on strengthening these fundamental foundations, ensuring that the next generation of Ethereum scaling solutions is not only fast and efficient but also cryptographically unassailable.