A shared prover is a decentralized network or service that generates cryptographic proofs—specifically Zero-Knowledge Proofs (ZKPs) or Validity Proofs—for multiple blockchain rollups. This architecture allows individual rollups to outsource their most computationally intensive task, proof generation, to a specialized, shared infrastructure. By doing so, rollups can achieve greater scalability and cost-efficiency without each needing to maintain their own expensive proving hardware and expertise. The concept is central to modular blockchain design, where execution, settlement, and data availability are separated into distinct layers.
LABS
Glossary
Shared Prover
A Shared Prover is a proving service or network that generates validity proofs, such as Zero-Knowledge Proofs (ZKPs), for multiple rollups or blockchains.
Chainscore © 2026
definition
BLOCKCHAIN SCALING
What is a Shared Prover?
A shared prover is a decentralized network or service that generates cryptographic proofs for multiple blockchain rollups, enabling them to outsource their computationally intensive proof generation and achieve greater scalability and cost-efficiency.
The core mechanism involves the shared prover network receiving execution traces (a record of transactions) from connected rollups. Provers within the network then perform the complex cryptographic computations to generate a succinct proof that verifies the correctness of those transactions. This single proof is posted back to the underlying Layer 1 (L1) blockchain, such as Ethereum, providing a secure, verifiable guarantee of the rollup's state. This model transforms proof generation from a per-rollup capital expenditure into a shared, competitive marketplace for proving services, often called a proof marketplace.
Key benefits of a shared prover architecture include economic efficiency (lower costs through resource pooling), accelerated innovation (rollup developers focus on execution environments, not proof systems), and enhanced security (decentralized proving networks reduce reliance on single operators). It also facilitates interoperability, as multiple rollups using the same proving system can more easily verify each other's states. Projects like Espresso Systems with its Espresso Sequencer and proving network, and =nil; Foundation with its Proof Market, are pioneering implementations of this concept.
From a technical perspective, shared provers often rely on advanced proof systems like zkSNARKs or zkSTARKs. The security model depends on the decentralization and cryptoeconomic incentives of the prover network to ensure liveness and honesty. Challenges include minimizing proof generation latency, managing the data availability of execution traces, and designing incentive mechanisms that prevent collusion or censorship. The evolution of shared proving is closely tied to the broader adoption of ZK-Rollups as a dominant scaling solution.
In practice, a shared prover enables a future where dozens of specialized, application-specific rollups (e.g., for gaming, DeFi, or social media) can operate securely and cheaply by all leveraging the same robust proving backbone. This moves the blockchain ecosystem toward a modular stack where critical functions like consensus, data availability, and proving are provided by optimized, reusable layers, allowing for maximum developer flexibility and user experience at the execution layer.
how-it-works
BLOCKCHAIN SCALING
How a Shared Prover Works
A shared prover is a core component of modular blockchain architectures that provides cryptographic proof generation as a service to multiple execution layers, enabling efficient and secure scaling.
A shared prover is a decentralized network or service that generates validity proofs (like ZK-SNARKs or ZK-STARKs) for batches of transactions processed by separate execution layers or rollups. Instead of each rollup operating its own costly proving infrastructure, they outsource this computationally intensive task to a shared, specialized network. This model transforms proof generation from a per-chain overhead into a scalable, reusable utility, analogous to how cloud computing provides shared compute resources. The primary output is a succinct cryptographic proof that attests to the correct execution of transactions, which is then posted to a settlement layer like Ethereum for final verification and data availability.
The workflow begins when a rollup, such as a zkRollup or validium, processes a batch of transactions and produces an execution trace. This trace, representing the new state root and all state transitions, is sent to the shared prover network. Nodes within this network, often called provers or sequencers, then perform the complex cryptographic work to generate a validity proof for the batch. This process involves creating a polynomial representation of the computation and generating a proof that it was executed correctly without revealing the underlying data. The resulting proof is extremely compact, often just a few hundred bytes, enabling low-cost verification on the settlement layer.
Key technical advantages of this architecture include cost efficiency, as proving costs are amortized across all client rollups; security unification, where multiple chains benefit from the collective cryptographic security of a single, battle-tested proving system; and developer ergonomics, as teams can launch a scalable chain without building proving infrastructure from scratch. Furthermore, a shared prover can facilitate interoperability, as proofs generated under a common system can enable trust-minimized communication between different rollups. This creates a cohesive zkEcosystem where sovereignty and security are not mutually exclusive.
In practice, a project like EigenDA provides data availability, while a shared prover network like RiscZero or Succinct provides the proof computation. A rollup stack might use a shared prover for settlement proofs and a separate shared sequencer for transaction ordering. The economic model typically involves rollups paying fees in a native token or ETH to the prover network for its service. This modular separation aligns with the modular blockchain thesis, which advocates for specializing core functions—execution, settlement, consensus, and data availability—into independent layers to achieve optimal scalability and innovation.
key-features
SHARED PROVER
Key Features & Benefits
A shared prover is a decentralized network component that generates cryptographic proofs for multiple blockchain applications, enabling them to inherit security from a common, robust system.
01
Unified Security Layer
A shared prover provides a single, high-assurance cryptographic layer for multiple rollups or validiums. This means individual applications don't need to bootstrap their own trust networks; they inherit the cryptographic security and decentralization of the prover network itself. This model is analogous to how multiple websites use a common TLS/SSL certificate authority.
02
Cost Efficiency at Scale
By amortizing the fixed cost of proof generation across many users and applications, a shared prover dramatically reduces the per-transaction cost for zero-knowledge proofs (ZKPs). This is achieved through:
- Batch processing of proofs from multiple sources.
- Optimized hardware (e.g., GPUs, FPGAs) dedicated to a single, efficient proving task.
- Elimination of redundant infrastructure for each individual application.
03
Interoperability & Composability
When multiple L2s or app-chains use the same proving system, it creates a foundation for trust-minimized interoperability. Assets and messages can be transferred between these chains with the guarantee that state transitions are verified by a common, neutral cryptographic verifier. This enables new forms of cross-rollup composability without introducing additional trust assumptions.
04
Developer Abstraction
Shared provers abstract away the immense complexity of zero-knowledge cryptography and circuit design. Developers can focus on application logic while the prover network handles the secure generation of validity proofs or ZK-SNARKs/STARKs. This lowers the barrier to entry for building ZK-powered applications and ZK rollups.
05
Decentralized Prover Networks
To avoid centralization and ensure liveness, advanced shared prover designs operate as decentralized networks. Multiple independent provers (nodes) can generate proofs for the same batch, with the network using an economic consensus mechanism (like proof-of-stake) to select and reward the first correct proof. This creates a robust, censorship-resistant service.
06
Verifier Simplicity & Speed
A key benefit is the separation of proof generation (complex, slow) from proof verification (simple, fast). The shared prover performs the heavy computational lifting to produce a succinct proof. The resulting proof is then verified on-chain by a verifier contract in milliseconds, enabling fast and cheap finality for the connected applications.
ecosystem-usage
SHARED PROVER
Ecosystem Usage & Examples
A Shared Prover is a decentralized network or service that generates cryptographic proofs for multiple blockchain applications, enabling them to inherit security and scale by outsourcing computation. This section explores its key implementations and use cases.
06
Key Technical Challenge: Proof Recursion
A core innovation enabling shared provers is proof recursion (or proof composition). This allows a prover to generate a proof that verifies other proofs, aggregating them into a single, final proof. This technique is critical for scaling, as it lets a shared prover efficiently batch proofs from multiple sources (e.g., different rollups) before settling on L1. Nova and Cycle of Curves are seminal research in this area.
ARCHITECTURE COMPARISON
Shared Prover vs. Dedicated Prover
A comparison of the operational models for zero-knowledge proof generation in blockchain networks.
| Feature / Metric | Shared Prover (Marketplace) | Dedicated Prover (Solo) |
|---|---|---|
Infrastructure Model | Multi-tenant, pooled proving capacity | Single-tenant, self-hosted infrastructure |
Capital Expenditure (CapEx) | None (pay-as-you-go) | High (hardware acquisition & setup) |
Operational Overhead | Low (managed service) | High (maintenance, upgrades, monitoring) |
Proving Cost Predictability | Variable (market-driven spot pricing) | Fixed (amortized hardware cost) |
Time to First Proof (TTFP) | < 1 hour (instant provisioning) | Weeks (procurement & deployment) |
Throughput Scalability | Elastic (scale with demand) | Fixed (limited by owned hardware) |
Proof Finality Latency | Market-dependent (queue time) | Deterministic (controlled queue) |
Censorship Resistance | Higher (decentralized prover set) | Lower (single point of control) |
security-considerations
SHARED PROVER
Security & Decentralization Considerations
A Shared Prover is a specialized node or service that generates cryptographic proofs for multiple blockchain networks, centralizing a computationally intensive task. This section examines its security model and impact on decentralization.
01
Core Function: Proof Generation
A Shared Prover is a node that performs the computationally expensive task of generating validity proofs (like zk-SNARKs or zk-STARKs) for transactions from one or more rollups or blockchains. It acts as a centralized proving service, batching work to achieve economies of scale and faster proof generation times than individual chains could manage independently.
02
Security Model & Trust Assumptions
The security of systems using a Shared Prover hinges on the cryptographic soundness of the proof system and the honest operation of the prover itself. While the proofs are verifiable, users must trust that:
- The prover is not maliciously generating invalid proofs.
- The prover's software and hardware are not compromised.
- The underlying cryptographic parameters (e.g., trusted setup) are secure. This creates a single point of cryptographic failure distinct from the decentralized validation of the underlying blockchain.
03
Decentralization Trade-offs
Employing a Shared Prover introduces a centralization vector in an otherwise decentralized stack. Key trade-offs include:
- Prover Centralization: The proving task is concentrated with one or a few operators, creating a potential bottleneck or censorship point.
- Liveness Dependency: Networks rely on the prover's continuous availability to finalize state updates.
- Mitigation via Markets: Decentralization can be encouraged through a competitive proving market where multiple provers bid for work, though this is an active area of research and development.
04
Economic & Incentive Design
The economic model for a Shared Prover is critical for security and sustainability. It typically involves:
- Proving Fees: Compensation for the computational resources expended.
- Slashing Mechanisms: Bonds or penalties to disincentivize malicious behavior (e.g., submitting invalid proofs).
- Sequencer-Prover Alignment: In rollup architectures, ensuring the sequencer (ordering transactions) and the prover (proving them) are not colluding is a key consideration.
05
Comparison to Dedicated Provers
Contrasts the Shared Prover model with alternative architectures:
- Dedicated (Sovereign) Prover: Each rollup or chain operates its own prover, maximizing sovereignty but incurring higher costs and slower proof times.
- Proof Aggregation Networks: A decentralized network of provers (e.g., EigenLayer AVS) that share work, aiming to reduce centralization risks.
- Hardware Specialization: Shared provers often utilize specialized hardware (ASICs, GPUs) for optimal performance, raising barriers to entry for decentralized alternatives.
06
Real-World Implementations & Examples
Shared Prover concepts are implemented in various forms:
- zkSync Era's Boojum: A high-performance prover used by the zkSync rollup.
- Polygon zkEVM Prover: The proving component of the Polygon zkEVM network.
- RISC Zero's zkVM: A general-purpose zkVM that can act as a shared proving service for various applications.
- Espresso Systems' Shared Sequencer/Prover: Proposes a decentralized network for both sequencing and proving.
visual-explainer
BLOCKCHAIN INFRASTRUCTURE
Visual Explainer: The Shared Prover Architecture
A technical overview of a foundational architecture for scaling blockchains by decoupling transaction execution from proof generation.
A Shared Prover Architecture is a blockchain scaling design pattern where a dedicated, specialized network of nodes generates cryptographic proofs for transactions executed across multiple, independent blockchains or execution layers. This model separates the roles of transaction execution and proof generation, allowing different chains—often called rollups—to outsource their computationally intensive proving work to a common, optimized marketplace. The core innovation is the creation of a prover-as-a-service economy, where proving resources are not siloed per chain but are pooled for efficiency and cost reduction.
The architecture operates through a clear division of labor. Individual execution layers, such as optimistic rollups or zkEVMs, process user transactions and batch them. Instead of constructing validity proofs internally, they submit these batches to a shared prover network. This network, which runs specialized hardware for tasks like zk-SNARK or zk-STARK generation, competes to produce the proof for a fee. The resulting proof is then returned to the originating chain and verified, typically by its parent Layer 1 blockchain, finalizing the state transition with cryptographic security.
This model offers significant advantages over isolated proving. It creates economies of scale by amortizing high fixed hardware costs across many clients, lowering costs for individual chains. It also enhances decentralization and liveness by preventing a single point of failure; if one prover is offline, others can take its work. Furthermore, it allows execution layers to remain agile and focused on their virtual machines, while leveraging the continuous, rapid advancements in proving hardware and algorithms happening in the shared network.
Key technical components enable this system. A proof marketplace or auction mechanism matches proof jobs with available provers. Standardized proof interfaces and verification contracts ensure proofs generated by any prover in the network are compatible and verifiable by the destination chain. Projects like Espresso Systems with its Espresso Sequencer, GeVul as a shared prover network, and Avail's Nexus interoperability layer exemplify implementations of this architecture, each with variations on coordination and economic models.
The shared prover model is a critical enabler for the modular blockchain thesis, where monolithic chains are decomposed into specialized layers for execution, settlement, consensus, and data availability. By providing proving as a neutral, verifiable utility, it reduces barriers to launching new secure chains and fosters a more interoperable ecosystem. Its success hinges on the security of the proof marketplace, the economic incentives for provers, and the widespread adoption of standard proof formats across the blockchain landscape.
SHARED PROVER
Frequently Asked Questions (FAQ)
A Shared Prover is a core component of modern blockchain scaling architectures, enabling multiple execution layers to leverage a single, powerful proving service. This FAQ addresses common technical and operational questions.
A Shared Prover is a decentralized service or network that generates cryptographic proofs (like ZK-SNARKs or ZK-STARKs) for multiple, independent blockchain execution layers (rollups). It works by receiving transaction batches from different rollup sequencers, processing them through a proving circuit, and outputting a single, succinct validity proof. This proof is then posted to a base layer (like Ethereum) to finalize the state transitions for all connected rollups, thereby amortizing the high computational cost of proof generation across many users and applications.
Key Mechanism:
- Batch Submission: Multiple rollups submit their state transition data.
- Proof Aggregation: The prover's hardware (often with GPUs/ASICs) runs a unified proving circuit.
- Single Output: One compact proof is generated, attesting to the validity of all transactions in the batch.
- Base Layer Verification: This single proof is verified on the underlying L1, settling all rollup states simultaneously.
ENQUIRY
Get In Touch
today.
Our experts will offer a free quote and a 30min call to discuss your project.
NDA Protected
Confidentiality24h Response
Time to ValueDirectly to Engineering Team
No Sales Fluff10+
Protocols Shipped
$20M+
TVL Overall