The ZK Proof Landscape: From Academic Cryptography to Sovereign Infrastructure
#privacy #technology #AI #bitcoin #opensource
[!abstract] Zero-knowledge proofs have crossed from theoretical cryptography into production infrastructure. The zkVM race (SP1 vs RISC Zero) is driving real-time Ethereum proving, Aztec is launching the first privacy-preserving smart contract platform with CHONK client-side proofs, Vitalik’s “ZK API Usage Credits” proposal envisions anonymous AI model access, and the convergence of ZK with agentic AI is creating entirely new verification paradigms. Here’s where the field stands in March 2026.
The Performance Revolution
ZK proofs spent four decades as mathematical curiosities. Between 2016 and 2024, proving times dropped from minutes to milliseconds. By March 2026, the benchmark landscape on a standardized SHA-256 circuit (~22,000 constraints) looks like this:
| System | Proving Time | Verification | Proof Size | Trusted Setup | Quantum Safe |
|---|---|---|---|---|---|
| Groth16 | 3.2s | 3.1ms | 192 bytes | Circuit-specific | No |
| PLONK | 4.8s | 5.2ms | 576 bytes | Universal SRS | No |
| STARK | 1.8s | 18.2ms | 42KB | None (transparent) | Yes |
| Halo 2 | 5.4s | 12.1ms | 1.2KB | None (recursive) | No |
| Nova | 0.4s/step | 22.4ms | 10KB | Universal | No |
| SP1 | 2.1s | 4.8ms | 768 bytes | STARK+SNARK wrap | Hybrid |
| Binius | 0.9s | 7.8ms | 3.2KB | None (transparent) | Partial |
The critical insight: no single system dominates all dimensions. Groth16 still produces the smallest proofs (192 bytes, constant regardless of computation size), STARKs prove large computations fastest (quasilinear scaling beats linear at high constraint counts), and PLONK’s universal setup makes it the pragmatic choice for diverse applications.
The engineering consensus has converged on STARK-to-SNARK wrapping: use STARKs for proving efficiency and transparency, then wrap in a SNARK for compact verification. SP1 and RISC Zero both use this approach — transparent setup with near-SNARK proof sizes.
The zkVM War: SP1 vs RISC Zero
The most consequential competition in ZK is between two general-purpose virtual machines that let developers write standard Rust programs and generate proofs of correct execution.
Succinct (SP1):
- Powers ~90% of the rollup market (Optimism, Base, Unichain, Ink)
- SP1 Hypercube achieves 10.3 seconds per Ethereum block proof on 16x RTX 5090 GPUs
- Hardware requirement dropped from $300-400K (200x RTX 4090) to $24-48K (16x RTX 5090)
- $55M Series A led by Paradigm
- Launched $PROVE token and decentralized Prover Network
RISC Zero:
- R0VM 2.0 reduced Ethereum block proving from 35 minutes to 44 seconds
- Boundless decentralized proof marketplace: 542.7 trillion cycles processed, 399K orders since Sept 2025
- Claims to be 7x cheaper than SP1
- $40M Series A
Both are RISC-V based, Rust-native, and open source. The difference is in market approach: Succinct captured the rollup market early while RISC Zero is competing on cost and decentralization.
My opinion: SP1’s market dominance gives it a network effect advantage — the tooling, documentation, and ecosystem mature faster when 90% of rollups are using your stack. RISC Zero’s cost advantage matters, but developer familiarity is stickier than marginal proving cost in the near term. However, the real game-changer is hardware cost reduction. Going from $300K to $24K in one generation means ZK proving becomes accessible to any serious project, not just well-funded rollups.
The Emerging Frontier: Binius and Binary Fields
Irreducible (formerly Ulvetanna) is building Binius — a proof system that operates over binary fields instead of large prime fields. This is a fundamental architectural change: most computation is natively binary (hashing, bitwise operations, comparisons), yet traditional proof systems force everything through 256-bit prime field arithmetic. The overhead is enormous.
Binius eliminates this mismatch. Vitalik Buterin wrote an explainer calling it a potential breakthrough. Polygon Labs is partnering on a Binius-based zkVM. The company raised $39M total ($15M seed, $24M Series A) from Paradigm and Bain Capital Crypto.
Early benchmarks suggest 10-100x efficiency improvement for binary-heavy circuits. If that holds in production, it changes the economics of everything from on-chain verification to client-side proving on mobile devices.
Aztec: Privacy-First Smart Contracts
Aztec represents the most ambitious attempt to bring privacy to programmable blockchains. They're building a hybrid ZK rollup that combines privacy + scaling — one ZK layer encrypts transactions, another compresses them.
Key developments in 2026:
- CHONK (Client-side Highly Optimized ploNK): Purpose-built for mobile and browser ZK proof generation, reducing time and memory requirements for client-side proofs. This matters because privacy requires the prover to be the user — you can't outsource proof generation without revealing your private data.
- Noir 1.0 nearing completion with compiler audit underway. Noir is becoming a standard for ZK circuit development, used beyond just the Aztec ecosystem.
- Ignition Chain running with zero downtime, 3,500+ Sequencers, 50+ Provers across five continents.
- $AZTEC token sale completed (~$61M in Dec 2025), TGE in Feb 2026.
Aztec invented PLONK — used by 50+ projects across ZK. Their track record gives Noir and the Aztec stack credibility that most privacy projects lack.
My opinion: The CHONK prover is the most important development here. Client-side ZK is the only way to get real privacy — server-side proving is a contradiction in terms for privacy applications. If CHONK can generate proofs in <2 seconds on a phone, it unlocks private DeFi, private voting, and private credentials that actually work at consumer scale.
ZK + AI: The Convergence Nobody Expected
Three developments signal that ZK and AI are converging:
1. Vitalik’s “ZK API Usage Credits”
Proposed in February 2026 by Vitalik Buterin and Ethereum Foundation AI lead Davide Crapis. The design:
- User deposits funds into a smart contract (e.g., 100 USDC)
- Contract registers the deposit in an encrypted on-chain list
- For each API call, user generates a ZK proof showing: they’re on the list and have sufficient balance
- The proof never reveals which person on the list they are
The service provider gets paid and prevents abuse, but never learns the user’s identity. This is the “anonymous API key” concept — you prove you have the right to access a service without revealing who you are.
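The "on the list, but not which entry" step can be shown with a classic 1-of-n Schnorr OR-proof. This is an added example, not code from the proposal: it does not cover the balance check, the group is a toy one (integers modulo the Mersenne prime 2^127 - 1) chosen only so the script runs with the standard library, and the function names and the request tag `msg` are assumptions.

```python
# Added example: 1-of-n Schnorr OR-proof (Cramer-Damgard-Schoenmakers) made
# non-interactive with Fiat-Shamir. TOY GROUP: far too weak for real use;
# a deployment would use a prime-order elliptic-curve group.
import hashlib
import secrets

P = 2**127 - 1   # toy modulus (a Mersenne prime)
N = P - 1        # exponents are reduced modulo the group order
G = 3            # assumed base element

def keygen():
    x = secrets.randbelow(N - 1) + 1      # depositor's secret
    return x, pow(G, x, P)                # (secret, public entry on the list)

def challenge(ys, commitments, msg):
    data = repr((list(ys), list(commitments))).encode() + msg
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def prove(ys, j, x, msg):
    """Prove knowledge of the secret behind ys[j]; j is not part of the proof."""
    n = len(ys)
    cs = [secrets.randbelow(N) for _ in range(n)]   # simulated challenges
    ss = [secrets.randbelow(N) for _ in range(n)]   # simulated responses
    r = secrets.randbelow(N)
    Rs = [pow(G, ss[i], P) * pow(ys[i], -cs[i], P) % P for i in range(n)]
    Rs[j] = pow(G, r, P)                            # the one real commitment
    c = challenge(ys, Rs, msg)
    cs[j] = (c - sum(cs[:j] + cs[j + 1:])) % N      # forces sum(cs) == c
    ss[j] = (r + cs[j] * x) % N                     # the one real response
    return cs, ss

def verify(ys, proof, msg):
    cs, ss = proof
    if not (len(cs) == len(ss) == len(ys)) or any(y % P == 0 for y in ys):
        return False
    # Every branch is checked the same way, so the real index stays hidden.
    Rs = [pow(G, s, P) * pow(y, -c, P) % P for y, c, s in zip(ys, cs, ss)]
    return sum(cs) % N == challenge(ys, Rs, msg)

if __name__ == "__main__":
    keys = [keygen() for _ in range(4)]             # constructed deposit list
    ys = [y for _, y in keys]
    proof = prove(ys, 1, keys[1][0], b"api-call-0001")
    print("accepted:", verify(ys, proof, b"api-call-0001"))
```

Binding `msg` into the challenge ties each proof to one request, so a captured proof cannot be replayed for a different call.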
The proposal is still in research, and model providers have no incentive to adopt it yet. But the idea matters because it articulates a principle: in the AI era, users should not have to surrender their identity to use intelligence tools. As AI models become integral infrastructure (like electricity or water), the right to access them privately becomes a civil liberties question.
2. World (Worldcoin) AgentKit: ZK Identity for AI Agents
World launched AgentKit in March 2026, partnering with Coinbase’s x402 protocol. The design lets AI agents carry ZK proof of human backing — proving a unique real person authorized the agent without revealing who that person is.
This addresses the “one person, thousand bots” problem. Platforms can enforce per-human limits regardless of how many agents someone deploys. Zero-knowledge proofs ensure verification without data collection.
The convergence of autonomous AI agents and ZK identity creates a new paradigm: agents as sovereign economic actors with cryptographic attestation of their human principal.
With estimates of agentic commerce reaching $3-5 trillion by 2030, this isn’t speculative — it’s infrastructure for an economy where agents outnumber humans in transaction volume.
3. zkAgent and the Verifiable AI Problem
An arXiv paper from March 2026 (Wang et al.) proposes zkAgent — one-shot proofs that a specific model produced a given output. Meanwhile, zkLLM (Sun et al., 2024) constructs end-to-end ZK proofs for entire inference computations.
The challenge: zkAgent requires minutes of proving time per query, making it impractical for interactive use. A counter-proposal (NabaOS) argues for lightweight receipt-based verification instead, using HMAC-signed tool execution receipts that add <15ms overhead vs. minutes for ZK proofs.
My take: This debate reveals a fundamental tension. ZK proofs verify that computation was correct, not that the output is factually correct. An LLM can correctly compute a confident hallucination that passes ZK verification. For the AI trust problem, what users actually need is epistemic classification (was this claim from a tool output or an inference?) not computational verification (was the matrix multiply correct?). ZK is the wrong tool for the hallucination problem, but the right tool for the identity and payment problems around AI.
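A sketch of what receipt-based verification and the tool-versus-inference distinction can look like in practice. This is an added example, not NabaOS code: the receipt fields, the claim format and all function names are hypothetical, and the key is assumed to be held by the agent runtime, not by the model.

```python
# Added example: HMAC-signed tool-execution receipts (hypothetical field names).
import hashlib
import hmac
import json

def _canonical(obj):
    # Stable serialisation so issuer and verifier MAC identical bytes.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def issue_receipt(key, tool, args, output, seq):
    """Runtime side: bind tool name, arguments and output to a MAC."""
    fields = {
        "tool": tool,
        "seq": seq,  # per-session counter, lets a verifier spot reuse
        "args_sha256": hashlib.sha256(_canonical(args)).hexdigest(),
        "output_sha256": hashlib.sha256(output.encode()).hexdigest(),
    }
    tag = hmac.new(key, _canonical(fields), hashlib.sha256).hexdigest()
    return {**fields, "mac": tag}

def verify_receipt(key, receipt, output):
    """True only if the MAC is valid and `output` is what the tool returned."""
    fields = {k: v for k, v in receipt.items() if k != "mac"}
    expected = hmac.new(key, _canonical(fields), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected.encode(), str(receipt.get("mac", "")).encode()):
        return False
    digest = hashlib.sha256(output.encode()).hexdigest()
    return hmac.compare_digest(digest.encode(), str(fields.get("output_sha256", "")).encode())

def classify_claims(key, claims, receipts_by_seq):
    """Label a claim 'tool' if a valid receipt covers its quoted output, else 'inference'."""
    labels = []
    for claim in claims:
        receipt = receipts_by_seq.get(claim.get("receipt_seq"))
        backed = receipt is not None and verify_receipt(key, receipt, claim["quoted_output"])
        labels.append("tool" if backed else "inference")
    return labels
```

A valid receipt shows that the runtime recorded this output for this tool call; it says nothing about whether the tool's output is true.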
Beyond Blockchain: The Real-World Deployment Timeline
ZK proofs are escaping the blockchain bubble. The EU’s eIDAS 2.0 framework for digital identity wallets and the European Banking Authority’s focus on privacy-enhancing technologies are creating regulatory demand for ZK-based solutions:
Deploying now (2025-2026):
- KYC credential sharing (prove identity attributes without revealing documents)
- Age verification without revealing birthdate (10K constraints, <1s with Groth16)
- Employee credential verification (prove qualifications without full CV exposure)
- Privacy-preserving digital payments
Medium-term (2026-2027):
- Decentralized identity at scale (W3C DID + ZK selective disclosure)
- Cross-border AML proof systems
- Regulatory reporting (prove compliance metrics without granular transaction data)
- ML model verification (~10M+ constraints, <5 min with STARKs)
The Dutch banking sector is already testing ZK-based KYC, reporting reductions in duplicate data across compliance systems. Cross-border payment verification using ZK (proving sanctions screening completion without revealing screening details) could remove massive operational friction in correspondent banking.
The $3B+ Industry Map
The ZK industry has attracted over $3 billion in funding since 2020, splitting into three layers:
Rollup layer (scaling Ethereum): Polygon ($451M+), zkSync ($458M), StarkWare ($273M), Aztec (~$180M), Scroll ($83M)
Prover infrastructure (the proving engines): Succinct ($55M), RISC Zero ($54M), Irreducible ($39M), Fabric ($39M), Ingonyama ($21M)
Hardware acceleration (custom silicon): Fabric’s VPU (custom chip for ZK+FHE), Ingonyama’s ICICLE (GPU/FPGA library)
Application layer (end-user deployments): World ($240M+, identity), Zcash (community-funded, privacy currency, 10 years in production)
The trend toward hardware specialization is particularly notable. Fabric recruited 60+ engineers from Nvidia, Apple, and Google to build a Verifiable Processing Unit — custom silicon for ZK proof generation. Polygon purchased $5M of VPU systems. When foundries and VCs are investing in ZK-specific silicon, the technology has crossed from experimental to infrastructure.
Sovereignty Implications
The sovereignty angle is what makes ZK relevant beyond the blockchain ecosystem:
- Identity sovereignty: Prove who you are without giving anyone your data. ZK + W3C DIDs create self-sovereign identity that’s not just a buzzword.
- Financial sovereignty: ZK-based compliance lets individuals and institutions interact with regulated systems without full data surrender. Prove you’re compliant without proving everything about yourself.
- Computational sovereignty: Client-side ZK proving (CHONK, Binius on mobile) means the proof happens on your device. No trusted third party, no server that could be compromised or compelled to reveal data.
- AI sovereignty: ZK API credits let you use AI infrastructure without surveillance. Combined with local model inference, this creates a layered approach: run what you can locally, access cloud models anonymously when needed.
The thread connecting all of this: proving things about yourself without revealing yourself is becoming practical infrastructure, not theoretical cryptography. The 40-year journey from Goldwasser-Micali-Rackoff to client-side mobile provers is finally closing.
Rabbit Holes for Next Time
- Binius deep dive — binary tower field arithmetic, actual vs. claimed performance
- CHONK architecture — how client-side PLONK works on mobile, memory/time constraints
- ZK + Nostr — ZK proofs of identity attributes on Nostr events, NIP possibilities
- ZK-ML — proving ML model inference, EZKL framework, practical overhead
- Zcash’s Halo 2 recursive proofs — the technical breakthrough that eliminated trusted setup
Sources
- StealthCloud ZK Performance Benchmarks (March 2026)
- H33 ZK Companies Directory (March 2026)
- CoinDesk: “World launches AgentKit” (March 17, 2026)
- Buterin & Crapis: “ZK API Usage Credits” proposal (February 2026, ethresear.ch)
- Wang et al.: “zkAgent” (2026, arXiv)
- NabaOS: “Tool Receipts, Not Zero-Knowledge Proofs” (March 2026, arXiv)
- Aztec Network Roadmap Update (March 2026)
- IntelligentHQ: “7 Real-World ZK Use Cases for Banking” (March 2026)