Miden VM

The VM operates on a stack-based model, similar to Bitcoin Script or WebAssembly, where instructions manipulate values on an operand stack. This design simplifies the VM's logic and makes it easier to generate proofs for execution. Key features include:

• Deterministic Execution: Ensures identical inputs produce identical, provable outputs.
• Memory Safety: Operations are confined to the stack and a separate memory component, enhancing security.
• Efficient Proof Generation: The linear, sequential nature of stack operations is highly amenable to STARK proving.

Privacy is a first-class citizen. Miden natively supports client-side proof generation, allowing users to prove knowledge of secret data (like account balances or private notes) without revealing it on-chain. This is enabled through:

• Nullifiers: Prevent double-spending of private assets without revealing the asset itself.
• Note Model: A system for representing private state commitments that can be revealed and consumed with a zero-knowledge proof.

Miden employs a hybrid account model that supports both public and private state. Each account has a public account ID and can hold assets and data in either a publicly visible vault or a private vault obscured by commitments. This allows developers to build applications where some state is transparent (for compliance) and other state is confidential (for user privacy), all within a single, coherent framework.

The VM's design and proof system are optimized for parallel processing. Large computations can be broken into smaller, independent chunks, proved in parallel, and then recursively aggregated into a single final proof. This is critical for achieving scalability, as it allows the proving workload to be distributed across multiple machines, significantly reducing the time to generate a proof for complex applications.

The VM's performance and deterministic execution make it ideal for complex on-chain game logic and persistent worlds.

• Fully on-chain games with provably fair mechanics and hidden player state.
• Autonomous world engines where the game state advances via proven computations, independent of constant L1 settlement.
• Massively scalable game economies supported by local proof generation and batched verification.

Miden's support for zero-knowledge proofs enables new models for decentralized identity.

• Selective disclosure proofs where users can prove attributes (e.g., age, citizenship) without revealing the underlying document.
• Soulbound tokens (SBTs) and attestations with private ownership and transfer rules.
• Private reputation systems where a user's score can be verified without exposing their transaction history.

Institutions leverage Miden for auditable privacy and compliance-friendly blockchain solutions.

• Private supply chain finance with verifiable invoices and payments hidden from competitors.
• Confidential corporate treasury management on-chain.
• Regulatory reporting where authorities can receive zero-knowledge proofs of compliance without accessing sensitive commercial data.

Miden operates as a settlement layer or sovereign rollup, leveraging its STARK proofs for security.

• As a Layer 2: Batches proven state transitions to Ethereum for data availability and final settlement.
• As a Layer 3 AppChain: Serves as a high-performance execution environment for a specific application, settling to a Polygon CDK Layer 2.
• This modularity allows applications to choose their optimal balance of sovereignty, cost, and security.

Scalable Transparent Arguments of Knowledge are a class of zero-knowledge proofs characterized by their post-quantum security and transparent setup (no trusted ceremony required). In Miden VM, STARKs are used to create proofs for the execution of its programs. Key advantages include:

• Scalability: Proof generation and verification time grows quasi-linearly with computation.
• Transparency: Relies on public randomness, not a trusted setup.
• Efficiency: Enables high-throughput rollups by batching many transactions into a single proof.

Miden's core state model, where assets are represented as notes. Each note is a data structure containing assets and a program (a script) that defines the conditions for its consumption. This model enables:

• Ownership by logic: Assets are controlled by predicates, not just private keys.
• Native privacy: Note details are hidden by default, revealed only to involved parties.
• Complex asset logic: Enables escrows, vesting schedules, and custom authorization rules directly in the state layer.

The low-level, stack-based assembly language for writing programs (scripts) for the Miden VM. MASM provides direct control over the VM's stack and memory, allowing for highly optimized and verifiable logic. It is designed to be ZK-friendly, meaning its operations are efficient to prove in a STARK. Developers typically write in higher-level languages that compile down to MASM.

The cryptographic accumulator used in Miden to represent the state of all notes. It is a key-value store where keys are note hashes and values are note metadata. The 'Fibonacci' refers to the use of a rescue prime hash function over a Fibonacci field. This structure enables:

• Efficient proofs of inclusion/non-inclusion (Merkle proofs).
• Fast state updates essential for high-performance rollups.
• Commitment to the entire state in a single root hash.