proof-engine

proof-engine is a versatile, EVM-universal zero-knowledge proof engine designed to empower DeFi developers with seamless privacy tools. This enables efficient zk-proof generation and verification for applications like private transactions, confidential lending, or shielded DEX trades—addressing DeFi's privacy gaps without sacrificing scalability.

proof-engine was built from the ground up during HackMoney 2026 as an EVM-universal zero-knowledge proof engine, prioritizing simplicity, efficiency, and broad compatibility for DeFi privacy applications. We focused on making zk-SNARKs accessible for any EVM chain, with primary deployment on Ethereum Sepolia testnet.

Core Technologies Stack:

Circuit Definition & Proving: Circom 2.1.6 for writing zk-SNARK circuits (R1CS format). We chose Groth16 proving system via snarkjs for its compact proofs (~few hundred bytes) and fast on-chain verification—ideal for gas-constrained EVM environments.

Proof Generation: snarkjs handles the full workflow off-chain: witness computation (via Circom's generated wasm), proving with zkey, and public signal extraction. The TypeScript SDK wraps this for easy developer use (e.g., generateProof(inputs) returns proof + publicSignals in <2 seconds on average hardware).

On-Chain Verification: Solidity verifier contracts auto-generated by snarkjs from the verification key. We deployed a modular verifier.sol (with pairing checks via bn254 precompile) to Sepolia using Hardhat 2.22+. Gas usage optimized to ~210-250k per verification through inlining and removing unnecessary storage ops.

Integration Layer: ethers.js v6 for EVM interactions (wallet connections, tx signing, contract calls). The SDK provides a clean API: deploy verifier once per chain, then verify proofs via verifier.verifyProof(proof, publicSignals) which returns boolean.

Testing & Deployment Tools: Hardhat for local testing/forking (Anvil from Foundry for quick chain simulations), Alchemy as RPC provider for Sepolia deploys. Scripts in package.json: hardhat deploy --network sepolia auto-compiles, verifies on Sourcify (if enabled), and logs contract addresses.

How They Piece Together:

Define circuit (e.g., circom/rangeProof.circom for "value in range" – common in private lending proofs). Compile: circom circuit.circom --r1cs --wasm --sym. Trusted setup: snarkjs powersoftau (phase1) + circuit-specific phase2 to get proving/verification keys. Generate Solidity verifier: snarkjs zkey export solidityverifier verification_key.json verifier.sol. Deploy via Hardhat script, then SDK users import verifier ABI/address. In a dApp: client generates proof → submits to chain → contract verifies → executes logic (e.g., approve private tx if proof valid).

Notable Hacky Bits:

1. To achieve true EVM universality without chain-specific tweaks, we hardcoded bn254 curve params and avoided any L1/L2-specific opcodes/precompiles beyond what's in Ethereum mainnet (works seamlessly on Optimism/Base/Polygon forks).
2. Gas golfing: Manually refactored verifier's pairing lib to strip debug logs and unused vars—dropped ~15-20% gas vs default snarkjs output.
3. Quick cross-chain testing hack: Used Hardhat's forking + multiple network configs in hardhat.config.js to verify the same proof on simulated Sepolia, Optimism Sepolia, and Polygon Amoy in one CI run.