By embracing RISC-V, Ethereum not only addresses its scalability bottleneck but also positions itself as the foundational trust layer for the next generation of the internet.

Author: jaehaerys.eth

Compiled by: Deep Tide TechFlow

Abstract

Ethereum is preparing for the most significant architectural transformation since its inception: replacing the EVM with RISC-V.

The reason is simple— in a future centered around zero-knowledge (ZK), the EVM has become a performance bottleneck:

• The current zkEVM relies on an interpreter, leading to a 50–800 times slowdown in performance;

• Precompiled modules complicate the protocol and increase risks;

• The 256-bit stack design is highly inefficient when generating proofs.

RISC-V Solutions:

• Minimalist design (about 47 basic instructions) + a mature LLVM ecosystem (supporting languages like Rust, C++, Go, etc.);

• Has become the de facto zkVM standard (90% of projects adopted);

• Features a formal SAIL specification (compared to the vague yellow paper) → enabling strict verification;

• Hardware proof paths (ASICs/FPGAs) are in testing (SP1, Nervos, Cartesi, etc.).

The Migration Process is Divided into Three Stages:

1. Replace RISC-V as a precompiled module (low-risk testing);

2. Dual virtual machine era: EVM and RISC-V coexist and are fully interoperable;

3. Reimplement EVM within RISC-V (Rosetta strategy).

Ecosystem Impact:

• Optimistic Rollups (like Arbitrum and Optimism) will need to rebuild their fraud proof mechanisms;

• Zero-knowledge Rollups (like Polygon, zkSync, Scroll) will gain significant advantages → cheaper, faster, simpler;

• Developers can directly use libraries in languages like Rust, Go, and Python at the L1 layer;

• Users will enjoy approximately 100 times lower proof costs → paving the way for Gigagas L1 (around 10,000 TPS).

Ultimately, Ethereum will evolve from a "smart contract virtual machine" into a minimalist, verifiable trust layer for the internet, with the ultimate goal of "making everything ZK-Snarkified."

Ethereum at a Crossroads

Vitalik Buterin once said, "The endpoint includes… making everything ZK-Snarkified."

The endgame of zero-knowledge proofs (ZK) is inevitable, and its core argument is simple: Ethereum is starting from scratch, reshaping itself based on zero-knowledge proofs. This marks the technical endpoint of the protocol—achieving its final form through the reconstruction of L1, supported by high-performance zkVM driven by core development teams (like Succinct).

With this vision as the endpoint, Ethereum is at the most important architectural transformation since its inception. This discussion is no longer about gradual upgrades but about a comprehensive reconstruction of its computational core—replacing the Ethereum Virtual Machine (EVM). This move is the cornerstone of the broader "Lean Ethereum" vision.

The Lean Ethereum vision aims to systematically simplify the entire protocol, breaking it down into three core modules: Lean Consensus, Lean Data, and Lean Execution. At the heart of the Lean Execution issue is the critical question: has the EVM become the main bottleneck for Ethereum's future development as the engine driving the smart contract revolution?

As Justin Drake from the Ethereum Foundation stated, Ethereum's long-term goal has always been to "Snarkify everything," which is a powerful tool that can enhance all layers of the protocol. However, for a long time, this goal seemed more like an "unreachable blueprint," as achieving it requires the concept of real-time proving. Now, as real-time proving gradually becomes a reality, the theoretical inefficiencies of the EVM have transformed into an urgent practical problem.

This article will delve into the technical and strategic arguments for migrating Ethereum L1 to the RISC-V instruction set architecture (ISA). This move is expected to not only unleash unprecedented scalability but also simplify the protocol structure and align Ethereum with the future of verifiable computing.

What Exactly is Changing?

Before exploring the "why," it is essential to clarify "what" is changing.

The EVM (Ethereum Virtual Machine) is the runtime environment for Ethereum smart contracts, referred to as the "world computer" that processes transactions and updates the blockchain state. For years, its design has been revolutionary, laying the foundation for the emergence of decentralized finance (DeFi) and the NFT ecosystem. However, this custom architecture, nearly a decade old, has accumulated significant technical debt.

In contrast, RISC-V is not a product but an open standard— a free, general-purpose processor design "alphabet." As Jeremy Bruestle emphasized at the Ethproofs conference, its key principles make it an excellent choice for this role:

• Minimalism: The RISC-V base instruction set is extremely simple, containing only about 40 to 47 instructions. As Jeremy stated, this makes it "almost perfectly suited for the use case of the super minimalist general-purpose machine we need."

• Modular Design: More complex functionalities are added through optional extensions. This feature is crucial as it allows the core to remain simple while expanding functionality as needed, without imposing unnecessary complexity on the base protocol.

• Open Ecosystem: RISC-V has a large and mature toolchain support, including the LLVM compiler, enabling developers to use mainstream programming languages like Rust, C++, and Go. As Justin Drake mentioned, "The tools around the compiler are very rich, and building compilers is extremely difficult… thus the value of having these compiler toolchains is very high." RISC-V allows Ethereum to inherit these ready-made tools for free.

Interpreter Overhead Issues

The push to replace the EVM is not due to a single flaw but rather a convergence of multiple fundamental limitations that can no longer be ignored in the context of a future centered around zero-knowledge proofs. These limitations include performance bottlenecks in zero-knowledge proof systems and the increasing risks posed by the growing complexity accumulated within the protocol.

Interpreter Overhead Issues

The most pressing driver for this transformation is the inherent inefficiency of the EVM in zero-knowledge proof systems. As Ethereum gradually shifts towards a model of verifying L1 state through ZK proofs, the performance of the prover becomes the biggest bottleneck.

The problem lies in how the current zkEVM operates. They do not directly perform zero-knowledge proofs on the EVM but rather on the interpreter of the EVM, which itself is compiled into RISC-V. Vitalik Buterin pointed out this core issue bluntly:

"…If the implementation of the zkVM is to compile the execution of the EVM into something that ultimately becomes RISC-V code, then why not expose the underlying RISC-V directly to smart contract developers? This would completely eliminate the overhead of the entire outer virtual machine."

This additional layer of interpretation incurs significant performance losses. Estimates suggest that this layer could lead to a performance drop of 50 to 800 times compared to proving native programs. Even after optimizing other bottlenecks (such as switching to the Poseidon hashing algorithm), this portion of "block execution" still occupies 80-90% of all proof time, making the EVM the ultimate and most challenging obstacle to scaling L1. By removing this layer, Vitalik expects execution efficiency to potentially improve by 100 times.

Technical Debt Trap

To compensate for the EVM's performance shortcomings in specific cryptographic operations, Ethereum introduced precompiled contracts—dedicated functions hardcoded into the protocol. While this solution seemed pragmatic at the time, it has now led to what Vitalik Buterin describes as a "disastrous" situation:

"Precompiles have been catastrophic for us… they have greatly inflated Ethereum's trusted codebase… and they have led to several serious issues that nearly caused consensus failures."

The complexity is staggering. Vitalik illustrates that the wrapping code for a single precompiled contract (like modexp) is more complex than the entire RISC-V interpreter, while the logic of the precompiled contract is actually more convoluted. Adding new precompiled contracts requires going through a slow and politically contentious hard fork process, severely hindering application innovation that requires new cryptographic primitives. In response, Vitalik has drawn a clear conclusion:

"I think we should stop adding any new precompiled contracts starting today."

Ethereum's Architectural Technical Debt

The core design of the EVM reflects the priorities of a past era, but it is no longer suitable for modern computational needs. The EVM chose a 256-bit architecture to handle cryptographic values, but this architecture is highly inefficient for the 32-bit or 64-bit integers commonly used in smart contracts. This inefficiency is particularly costly in ZK systems. As Vitalik explained:

"When using smaller numbers, each number actually saves no resources, while the complexity increases two to four times."

In addition, the stack architecture of the EVM is less efficient than the register architecture of RISC-V and modern CPUs. It requires more instructions to perform the same operations, complicating compiler optimizations.

These issues—including performance bottlenecks in ZK proofs, the complexity of precompiles, and outdated architectural choices—collectively form a compelling and urgent reason: Ethereum must move beyond the EVM and embrace a technology architecture more suited for the future.

RISC-V Blueprint: Reshaping Ethereum's Future on a Stronger Foundation

The advantages of RISC-V lie not only in the shortcomings of the EVM but also in the inherent strength of its design philosophy. Its architecture provides a robust, simple, and verifiable foundation, making it well-suited for high-risk environments like Ethereum.

Why Open Standards are Superior to Custom Designs

Unlike custom instruction set architectures (ISAs) that require building an entire software ecosystem from scratch, RISC-V is a mature open standard with three key advantages:

Mature Ecosystem

By adopting RISC-V, Ethereum can leverage decades of collective progress in computer science. As Justin Drake explained, this provides Ethereum with the opportunity to directly use world-class tools:

"There is an infrastructure component called LLVM, which is a compiler toolchain that allows you to compile high-level programming languages into one of several backend targets. One of the supported backends is RISC-V. So if you support RISC-V, you automatically support all high-level languages that LLVM supports."

This significantly lowers the development barrier, enabling millions of developers familiar with languages like Rust, C++, and Go to easily get started.

Minimalist Design Philosophy RISC-V's minimalism is an intentional feature rather than a limitation. Its base instruction set contains only about 47 instructions, keeping the core of the virtual machine extremely simple. This simplicity has significant advantages in terms of security, as a smaller trusted codebase is easier to audit and formally verify.

De Facto Standard in Zero-Knowledge Proofs More importantly, the zkVM ecosystem has made a choice. As Justin Drake pointed out, a clear trend can be seen from Ethproofs data:

"RISC-V is the leading instruction set architecture (ISA) for zkVM backends."

Among the ten zkVMs capable of proving Ethereum blocks, nine have chosen RISC-V as their target architecture. This market convergence sends a strong signal: Ethereum's adoption of RISC-V is not a speculative attempt but aligns with a standard that has already been practically validated and recognized by projects building its zero-knowledge future.

Born for Trust, Not Just Execution

In addition to a broad ecosystem, RISC-V's internal architecture is particularly well-suited for building secure and verifiable systems. First, RISC-V has a formalized, machine-readable specification—SAIL. This is a significant advancement compared to the EVM's specification (primarily existing in textual form as the "yellow paper"). The yellow paper has some ambiguity, while the SAIL specification provides a "gold standard" that supports critical mathematical correctness proofs, which are essential for protecting valuable protocols. As Alex Hicks from the Ethereum Foundation (EF) mentioned at the Ethproofs conference, this allows zkVM circuits to be directly "verified against the official RISC-V specification." Second, RISC-V includes a privileged architecture, a feature often overlooked but crucial for security. It defines different levels of operation, primarily including user mode (for untrusted applications like smart contracts) and supervisor mode (for trusted "execution kernels"). Diego from Cartesi elaborated on this:

"The operating system itself must protect itself from the influence of other code. It needs to isolate different programs from each other, and all these mechanisms are part of the RISC-V standard."

In the RISC-V architecture, smart contracts running in user mode cannot directly access the blockchain state. Instead, they must issue requests to a trusted kernel running in supervisor mode through a special ECALL (environment call) instruction. This mechanism creates a hardware-enforced security boundary, which is more robust and easier to verify than the EVM's purely software sandbox model.

Vitalik's Vision

This transformation is envisioned as a gradual, multi-stage process to ensure system stability and backward compatibility. As Ethereum founder Vitalik Buterin articulated, this approach aims for an "evolutionary" development rather than a complete "revolutionary" change.

Step One: Precompile Replacement

The initial phase takes the most conservative approach, introducing limited functionality for the new virtual machine (VM). As Vitalik Buterin suggested, "We can start using the new VM in limited scenarios, such as replacing precompiled functions." Specifically, this will pause the addition of new EVM precompiled functions, instead implementing the required functionality through RISC-V programs approved via a whitelist. This approach allows the new VM to undergo real-world testing in a low-risk environment on the mainnet while serving as an intermediary between the two execution environments through the Ethereum client.

Step Two: Dual Virtual Machine Coexistence

The next phase will "open the new VM directly to users." Smart contracts can indicate through a tag whether their bytecode is EVM or RISC-V. The key feature is to achieve seamless interoperability: "Contracts of both types can call each other." This functionality will be realized through system calls (ECALL), enabling the two virtual machines to collaborate within the same ecosystem.

Step Three: EVM as a Simulated Contract ("Rosetta" Strategy)

The ultimate goal is to achieve a simplification of the protocol. In this phase, "we will treat the EVM as an implementation within the new VM." The standardized EVM will become a formally verified smart contract running on the native RISC-V L1. This not only ensures permanent support for legacy applications but also allows client developers to maintain only a simplified execution engine, significantly reducing complexity and maintenance costs.

Ripple Effects on the Ecosystem

The transition from EVM to RISC-V is not just a transformation of the core protocol; it will have profound impacts on the entire Ethereum ecosystem. This transformation will not only reshape the developer experience but fundamentally alter the competitive landscape of Layer-2 solutions and unlock new economic verification models.

Repositioning Rollups: The Clash of Optimistic and ZK

Adopting RISC-V as the execution layer at L1 will have drastically different impacts on the two main types of Rollups.

Optimistic Rollups (like Arbitrum and Optimism) face architectural challenges. Their security model relies on re-executing disputed transactions through the L1 EVM to resolve fraud proofs. If the L1 EVM is replaced, this model will collapse entirely. These projects will face a tough choice: either undergo a massive engineering overhaul to design a fraud proof system for the new L1 VM or completely detach from Ethereum's security model.

In contrast, ZK Rollups will gain significant strategic advantages. The vast majority of ZK Rollups have already adopted RISC-V as their internal instruction set architecture (ISA). An L1 that "speaks the same language" will enable tighter and more efficient integration. Justin Drake proposed the future vision of "native Rollups": L2 effectively becomes a specialized instance of L1's own execution environment, utilizing L1's built-in VM for seamless settlement. This alignment will bring about the following changes:

Simplified Tech Stack: L2 teams will no longer need to build complex bridging mechanisms between the internal RISC-V execution environment and the EVM.

Tool and Code Reuse: Compilers, debuggers, and formal verification tools developed for the L1 RISC-V environment can be directly used by L2, significantly reducing development costs.

Aligned Economic Incentives: L1's gas fees will more accurately reflect the actual costs of RISC-V-based ZK verification, leading to a more rational economic model.

A New Era for Developers and Users

For Ethereum developers, this transformation will be gradual rather than disruptive.

For developers, they will gain access to a broader and more mature software development ecosystem. As Vitalik Buterin pointed out, developers will "be able to write contracts in Rust, while these options can coexist." Meanwhile, he predicts that "Solidity and Vyper will remain popular for their elegant design in smart contract logic." This shift, utilizing mainstream programming languages and their vast library resources through the LLVM toolchain, will be revolutionary. Vitalik likened it to a "NodeJS-like experience," where developers can write on-chain and off-chain code in the same language, achieving integration in development.

For users, this transformation will ultimately bring a lower-cost, higher-performance network experience. Proof costs are expected to decrease by about 100 times, from several dollars per transaction to a few cents or even less. This directly translates to lower L1 fees and L2 settlement costs. This economic viability will unlock the vision of "Gigagas L1," aiming for performance of around 10,000 TPS, paving the way for more complex and higher-value on-chain applications in the future.

Succinct Labs and SP1: Building the Proof Future Today

Ethereum is poised for a breakthrough. "Scaling L1, scaling blocks" is a strategic urgency within the EF protocol cluster. Significant performance improvements are expected in the next 6 to 12 months.

https://blog.ethereum.org/2025/07/31/lean-ethereum

Teams like Succinct Labs have already demonstrated the theoretical advantages of RISC-V in practice, and their work serves as a strong case for validating this proposal.

The SP1 developed by Succinct Labs is a high-performance, open-source zkVM based on RISC-V, which validates the feasibility of the new architectural approach. SP1 adopts a "precompile-centric" philosophy, perfectly addressing the cryptographic bottlenecks of the EVM. Unlike traditional methods that rely on slow, hard-coded precompiles, SP1 offloads intensive operations like Keccak hashing to specially designed, manually optimized ZK circuits, called through standard ECALL instructions. This approach combines the performance of custom hardware with the flexibility of software, providing developers with a more efficient and scalable solution.

The practical impact of Succinct Labs is already evident. Their OP Succinct product empowers Optimistic Rollups with zero-knowledge proof capabilities (ZK-ify) using SP1. As Succinct co-founder Uma Roy explained:

"With Rollups using the OP Stack, there's no longer a need to wait seven days for final confirmation and withdrawals… now it only takes an hour to complete confirmation. This speed improvement is fantastic."

This breakthrough addresses a critical pain point for the entire OP Stack ecosystem. Additionally, Succinct's infrastructure—the Succinct Prover Network—is designed as a decentralized proof generation market, showcasing a viable economic model for future verifiable computing. Their work is not just a proof of concept but a practical blueprint for the future, as described in this article.

How Ethereum Reduces Risk

One major advantage of RISC-V is that it makes the holy grail of formal verification—proving the correctness of systems through mathematics—an achievable goal. The EVM's specification is written in natural language in the Yellow Paper, making it difficult to formalize. In contrast, RISC-V has an official, machine-readable SAIL specification that provides a clear "golden reference" for its behavior.

This paves the way for stronger security. As Alex Hicks from the Ethereum Foundation pointed out, work is currently underway to "formalize the verification of zkVM RISC-V circuits against the official RISC-V specification in Lean." This is a milestone progress that shifts trust from error-prone human implementations to verifiable mathematical proofs, opening new heights for blockchain security.

Key Risks of the Transformation

Despite the many advantages of the RISC-V architecture for L1, it also brings new complexities and challenges.

Gas Measurement Issues

Creating a deterministic and fair Gas model for a general-purpose instruction set architecture (ISA) is an unsolved problem. Simple instruction counting methods are vulnerable to denial-of-service attacks. For example, an attacker could design a program that repeatedly triggers cache misses, resulting in high resource consumption at very low Gas costs. Such issues pose serious challenges to network stability and economic models.

Toolchain Security and "Reproducible Builds" Issues

This is one of the most important yet often underestimated risks during the transformation process. The security model shifts from relying on the on-chain virtual machine to depending on off-chain compilers (like LLVM), which are highly complex and known to contain vulnerabilities. Attackers could exploit compiler vulnerabilities to transform seemingly harmless source code into malicious bytecode. Additionally, ensuring that the on-chain compiled binaries match the publicly available source code exactly—known as the "reproducible builds" problem—is also extremely difficult. Minor differences in the build environment can lead to different binaries being generated, affecting transparency and trust. These issues pose significant challenges to the security of developers and users.

Mitigation Strategies

The path forward requires a multi-layered defense strategy.

Phased Rollout

Adopting a gradual, multi-phase transition plan is the core strategy for addressing risks. By initially introducing RISC-V as a precompile replacement and then running in a dual virtual machine environment, the community can accumulate operational experience and build confidence in a low-risk environment, avoiding any irreversible changes. This incremental approach provides a stable foundation for the technological transformation.

Comprehensive Audits: Fuzz Testing and Formal Verification

While formal verification is the ultimate goal, it must be combined with ongoing, high-intensity testing. As Valentine from Diligence Security demonstrated in the Ethproofs conference call, their Argus fuzz testing tool has already identified 11 critical soundness and integrity vulnerabilities in leading zkVMs. This indicates that even the most well-designed systems may have vulnerabilities that can only be discovered through rigorous adversarial testing. The combination of fuzz testing and formal verification provides stronger assurances of system security.

Standardization

To avoid fragmentation of the ecosystem, the community needs to adopt a single, standardized RISC-V configuration. This could be the RV64GC combined with a Linux-compatible ABI, as this combination has the broadest support in mainstream programming languages and tools, maximizing the advantages of the new ecosystem. Standardization not only enhances developer efficiency but also lays a solid foundation for the long-term development of the ecosystem.

Ethereum's Verifiable Future

The proposal to replace the Ethereum Virtual Machine (EVM) with RISC-V is not just a gradual upgrade but a fundamental reconstruction of Ethereum's execution layer. This ambitious vision aims to address deep-rooted scalability bottlenecks, simplify protocol complexity, and align the platform with a broader ecosystem of general-purpose computing. Although this transformation faces significant technical and social challenges, its long-term strategic benefits are sufficient to justify this bold endeavor.

This transformation focuses on a series of core trade-offs:

• Balancing the significant performance improvements brought by a ZK-native architecture with the urgent need for backward compatibility;

• Weighing the security advantages of a simplified protocol against the inertia of the EVM's vast network effects;

• Choosing between the powerful capabilities of a general ecosystem and the risks of relying on complex third-party toolchains.

Ultimately, this architectural transformation will be key to fulfilling the promise of "Lean Execution" and will be an important part of the "Lean Ethereum" vision. It will transform Ethereum's L1 from a simple smart contract platform into an efficient and secure settlement and data availability layer, designed to support the vast universe of verifiable computing.

As Vitalik Buterin stated, "The endpoint is… providing ZK-snark for everything."

Projects like Ethproofs provide objective data and collaborative platforms for this transformation, while the Succinct Labs team, through the practical application of their SP1 zkVM, offers an actionable blueprint for this future. By embracing RISC-V, Ethereum not only addresses its scalability bottlenecks but also positions itself as the foundational trust layer for the next generation of the internet—driven by the third major cryptographic primitive, SNARK, following hashes and signatures.

Proving the software of the world, ushering in a new era of cryptography.

Learn more:

Vitalik's interpretation: Click to watch

ETHProofs Fourth Discussion: Click to watch

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。