Samaharam (സമാഹാരം)
സമാഹാരം (samahāram) — Malayalam for "aggregation" or "collection"
Samaharam is a high-performance Rust library for aggregating heterogeneous zero-knowledge proofs into a single proof for efficient on-chain verification on EVM chains.
Features
- Heterogeneous Aggregation: Aggregate proofs from different circuits (different verification keys)
- External Proof Adapters: Import proofs from snarkjs, gnark, and jf-plonk
- Variable Public Inputs: No fixed limit on public inputs per proof
- BN254 Curve: Native support for EVM precompiles (ECADD, ECMUL, ECPAIRING)
- Solidity Verifier Generation: Automatically generate deployable verifier contracts
- Parallel Processing: Optional rayon-based parallelism for high throughput
Quick Start
use ;
use Arc;
// Initialize with SRS (use Srs::from_ceremony for production)
let srs = new;
let mut client = new?;
// Register circuit types
let transfer_vk = client.register_circuit;
let deposit_vk = client.register_circuit;
// Submit proofs
client.submit?;
// Aggregate
let result = client.aggregate?;
println!;
External Proof Adapters
Import proofs from other proving systems:
use ;
// From snarkjs/circom (Groth16)
let proof = from_json?;
// From gnark (PLONK)
let proof = from_bytes?;
// From jf-plonk/Jellyfish
let proof = from_jf_bytes?;
// Convert to accumulator instances
let instances = proof.to_accumulator_instances?;
Key Modules
| Module | Description |
|---|---|
crypto::kzg |
KZG polynomial commitments with Pippenger MSM |
crypto::accumulator |
Proof folding with multi-pairing optimization |
adapters |
Import Groth16/PLONK proofs from external systems |
solidity::generator |
Generate Solidity verifier contracts |
client |
Ergonomic high-level API |
Solidity Verifier
Two verification methods are available:
// Optimized 2-pairing check (~68k gas) - RECOMMENDED
function verifyKzg(
uint256[2] calldata adjustedCommitment,
uint256[2] calldata combinedQuotient
) external view returns (bool);
// Groth16-compatible interface (~170k gas)
function verifyGroth16(
uint256[2] calldata a,
uint256[2][2] calldata b,
uint256[2] calldata c,
uint256[] calldata publicInputs
) external view returns (bool);
Generate verifiers:
use ;
let gen = with_config;
let contract = gen.generate_complete;
write?;
Testing
Feature Flags
| Flag | Description |
|---|---|
parallel |
Enable rayon-based parallel processing |
solidity |
Enable Solidity verifier generation |
testing |
Expose testing utilities for downstream crates |
Performance
Gas Efficiency
Samaharam reduces on-chain verification costs by using Batched KZG, which requires only 2 pairings compared to the standard 4 pairings used in Groth16/PLONK verifiers.
| Verification Method | Pairings | Approx. Gas | Use Case |
|---|---|---|---|
verifyKzg |
2 | ~68,000 | Recommended for maximum efficiency |
verifyGroth16 |
4 | ~170,000 | Compatibility with existing tooling |
Note: Gas costs are estimates based on BN254 precompile costs.
Off-Chain Optimization
| Operation | Optimization |
|---|---|
| Multi-scalar multiplication | Pippenger's bucket method with adaptive window |
| Proof verification | Multi-pairing with shared final exponentiation |
Security
See docs/SECURITY.md for:
- VK registration trust model
- Threat vectors and mitigations
- On-chain protection recommendations
Disclaimer
This software is provided "as is", without warranty of any kind, express or implied. The author(s) of this crate (github.com/ronnakamoto) shall not be held responsible for any damages, losses, or liabilities arising from the use of this software. Use at your own risk.
License
Licensed under either of
- Apache License, Version 2.0 (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
- MIT license (LICENSE-MIT or http://opensource.org/licenses/MIT)
at your option.
Contribution
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.