Skip to main content

What AggchainProofGen Does

AggchainProofGen generates state transition proofs for chains that require mathematical verification of internal operations. While chains using a trusted sequencer model can use simple ECDSA signature authorization, some chains need comprehensive proofs that verify both internal operations and cross-chain bridge activities. AggchainProofGen implements the chain-side component of the State Transition Proof system introduced in Agglayer v0.3. It verifies the chain’s consensus mechanism, verifies bridge constraints, and produces an Aggchain Proof that AggSender includes in its certificate.

When AggchainProofGen Is Needed

AggchainProofGen is required for chains that use CONSENSUS_TYPE = 1 (generic validity proof) rather than CONSENSUS_TYPE = 0 (ECDSA signature). This applies to:
  • Zero-knowledge rollups: Chains that generate zk-SNARKs or zk-STARKs for state transitions
  • Custom consensus chains: Chains with consensus mechanisms that cannot be authorized by a single trusted sequencer address
  • High-security deployments: Chains where mathematical certainty about state correctness is required rather than trusted-party authorization
Chains using ECDSA authorization do not need AggchainProofGen and can operate with AggSender alone.

How AggchainProofGen Works

AggchainProofGen implements a dual verification process: Step 1: Consensus verification. AggchainProofGen verifies the chain’s consensus: either validating an ECDSA signature from the trusted sequencer, or verifying a validity proof using the SP1 zkVM. Step 2: Bridge constraint verification. AggchainProofGen verifies that all bridge operations comply with the Unified Bridge security constraints. This includes GER hash chain validation, claims hash chain validation, Local Exit Root correctness, and GER Merkle proof inclusion in the L1 Info Root. Step 3: Proof generation. AggchainProofGen generates an Aggchain Proof combining both verifications. AggSender includes this proof in the certificate it submits to Agglayer.

Proof Generation Modes

ECDSA Mode

For chains with trusted sequencer models, AggchainProofGen verifies operations using ECDSA signature validation. This provides fast verification while maintaining compatibility with existing chain architectures.

Validity Proof Mode

For chains requiring mathematical certainty, AggchainProofGen generates validity proofs using zero-knowledge virtual machines. This provides cryptographic certainty about the correctness of both internal operations and bridge activities, without relying on a trusted party.

Integration with AggSender

When a chain uses AggchainProofGen, AggSender operates in AggchainProver mode: For the full context of how Aggchain Proof fits into the verification pipeline, see State Transition Proof and Aggchain Proof.