The zkEVM ecosystem has achieved a monumental milestone, successfully collapsing proving times for Ethereum blocks from minutes to mere seconds. This victory in latency, with 99% of mainnet blocks now proven under 10 seconds, signals the end of the performance race and ushers in a new, more critical era focused entirely on the fundamental soundness and provable security of these sophisticated systems.
From Speed to Soundness: The New Imperative
For the past year, zkEVM developers sprinted to optimize latency, dramatically reducing costs and proving times. The Ethereum Foundation (EF) declared this performance bottleneck cleared, confirming that real-time proving is indeed viable. However, this triumph quickly revealed a deeper, more concerning issue: the inherent security of many STARK-based zkEVMs was built upon unproven mathematical conjectures. Over recent months, some of these "proximity gap" assumptions, crucial for hash-based SNARK and STARK low-degree tests, have been mathematically disproven. This has compromised the effective bit-security of existing parameter sets, rendering speed without provable security a significant liability. The EF's unwavering stance is clear: only "provable security" at a 128-bit level, aligned with mainstream cryptographic standards, is acceptable for L1 integration, a non-negotiable margin given the potential for system-wide fraud if proofs can be forged.
A Three-Milestone Roadmap to Robust Security
To address these vulnerabilities, the EF has unveiled a structured roadmap with three hard-stop milestones, shifting the focus from engineering throughput to cryptographic rigor.
- February 2026: Standardized Security Assessment. By this date, every zkEVM team must integrate their proof system into "soundcalc," an EF-maintained tool providing canonical security estimates based on current cryptanalytic bounds. This ensures a common, evolving ruler for measuring bit security, replacing bespoke and potentially optimistic team-specific assumptions.
- May 2026 (Glamsterdam): Interim Provable Security. Teams are required to demonstrate at least 100-bit provable security via soundcalc, produce final proofs under 600 kilobytes, and publicly explain their recursion architecture with a sketch of its soundness argument. This serves as an interim target, acknowledging the journey towards the ultimate goal.
- December 2026 (H-star): Full 128-bit Provable Security. The final benchmark demands 128-bit provable security as calculated by soundcalc, proofs at or below 300 kilobytes, and a comprehensive, formal security argument for the entire recursion topology. This milestone emphasizes formal methods and deep cryptographic proofs over mere engineering.
Technical Levers and Enduring Challenges
Achieving these ambitious security and proof-size targets necessitates cutting-edge technical innovation. The EF highlights tools like WHIR (a new Reed-Solomon proximity test offering transparent, post-quantum security with smaller, faster proofs), JaggedPCS (techniques for efficient polynomial encoding), and "grinding" (brute-force search for optimal proofs). The focus is on exotic polynomial math and "well-structured recursion topology" to shrink proofs while bolstering security. If successful, these advancements would allow Ethereum to increase its gas limit, enabling validators to verify small proofs instead of re-executing transactions, thereby growing block capacity while keeping home-staking viable.
However, significant challenges remain. The current real-time proving benchmarks are off-chain, and widespread adoption by thousands of independent validators is yet to be realized. The security landscape is dynamic, with conjectures continually being disproven, meaning security parameters may shift again. Furthermore, the hardest part may be formalizing and auditing the "glue code" and bespoke recursion architectures that compose many zkEVMs, demanding extensive work in formal verification.
While the question of whether zkEVMs could prove fast enough has been answered, the new and profound challenge is whether they can prove soundly enough, with provable, unassailable security, compact proofs, and formally verified architectures robust enough to secure the billions of dollars flowing through the Ethereum ecosystem. The security race has just begun.
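Added example, not from the article and not soundcalc's code: a simplified query-phase estimate for a FRI-style low-degree test, showing why dropping a proximity-gap conjecture (the "From Speed to Soundness" section) cuts the bit-security of a fixed parameter set, and how many queries the 100-bit and 128-bit targets then require. Assumptions: the per-query error formulas are the textbook simplification, grinding is modelled as proof-of-work bits added to the query phase, and the rate, query count and grinding values are constructed.

```python
import math

# Worst-case chance that one query accepts a far-from-codeword oracle, for a
# FRI-style test at code rate rho (textbook simplification, query phase only).
PER_QUERY_ERROR = {
    "unique_decoding": lambda rho: (1 + rho) / 2,   # proven
    "johnson_bound": lambda rho: math.sqrt(rho),    # proven
    "up_to_capacity": lambda rho: rho,              # needs a proximity-gap conjecture
}


def bits_per_query(rho, regime):
    """Security bits contributed by a single query in the given regime."""
    return -math.log2(PER_QUERY_ERROR[regime](rho))


def query_phase_bits(rho, queries, grinding_bits, regime):
    """Query-phase bits; grinding is modelled as added proof-of-work bits."""
    return queries * bits_per_query(rho, regime) + grinding_bits


def queries_needed(rho, target_bits, grinding_bits, regime):
    """Fewest queries reaching target_bits (more queries = more Merkle openings)."""
    remaining = max(target_bits - grinding_bits, 0)
    # Small tolerance so an exact quotient is not pushed up by float rounding.
    return math.ceil(remaining / bits_per_query(rho, regime) - 1e-9)


if __name__ == "__main__":
    # Constructed parameter set, not taken from any real zkEVM.
    rho, queries, grinding = 1 / 4, 54, 20
    for regime in PER_QUERY_ERROR:
        have = query_phase_bits(rho, queries, grinding, regime)
        need_100 = queries_needed(rho, 100, grinding, regime)
        need_128 = queries_needed(rho, 128, grinding, regime)
        print(f"{regime:16} {have:6.1f} bits now; "
              f"{need_100} queries for 100-bit, {need_128} for 128-bit")
```

With these constructed values the same 54 queries give 128 bits under the conjecture but only 74 under the Johnson bound, so a provable 128 bits needs 108 queries, roughly doubling the query part of the proof.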