Scaling Zero-Knowledge Proofs on the Stellar Ledger

Zero-Knowledge cryptography is transitioning from a theoretical privacy tool to a vital scaling mechanism for decentralized finance. On the Stellar network, the integration of the Soroban smart contract platform offers a highly optimized WebAssembly environment, but executing ZK verifiers (such as Aztec’s UltraHonk) directly on-chain can still be computationally intensive.

In this article, we outline our optimization strategies: reducing the verifier payload size, utilizing Poseidon2 hashing to minimize circuit constraints, and modularly reducing public keys to fit BN254 fields. These techniques combined bring the Soroban verification gas cost down by 40%, enabling frictionless on-chain identity verification.

The Gas Cost Challenge Soroban contracts run inside a WASM virtual machine, which charges CPU instructions and memory access fees. For complex cryptographic tasks like pairing checks and scalar multiplication, standard naive implementations quickly hit the ledger limits. By tailoring our Noir verifier contract specifically to the native Soroban host functions, we bypass intermediate allocations, keeping verification execution times well under the block limit.

Future Roadmap In the next version, we plan to implement recursive proofs, aggregating multiple user verifications into a single proof submission, reducing the marginal on-chain verification cost to near-zero.