Enabling General Purpose Verifiable Cloud Computing

An Overview of the Nexus System for the Stanford Blockchain Review.

Enabling General Purpose Verifiable Cloud Computing

An Overview of the Nexus System for the Stanford Blockchain Review.


Verifiable cloud computing presents the possibility of outsourcing the computation of traditional programs (e.g. written in Rust or C++) to remote servers, such as those provided by AWS or Google Cloud, and receiving both the output of the program and a proof that verifies the correctness of the computation. This would allow users to outsource computation to untrusted servers while retaining the ability to verify the results.

The potential impact of verifiable cloud computing, especially in the blockchain space, is hard to fathom. By enabling smart contracts to outsource computation, storage, and interactions with other systems in a mathematically verifiable manner, this technology holds the promise of massively enhancing the computational capabilities of smart contract systems.

Nexus is an attempt at achieving general-purpose verifiable cloud computing, designed in particular to scale Ethereum applications. In this paper, we provide a brief overview of the main innovations our team is working on to enable this future.

Verifiable Computing

Verifiability can be defined and achieved in different ways. Generally, we have:

  • Proofs of validity: Through zero-knowledge proofs / zk-SNARKs, a verifier can mathematically verify that a certain program was computed correctly.
  • Proofs of fraud: One can instead provide proofs of in-validity. This is usually referred to as optimistic computation, and requires at least one honest party to identify and prove fraud was committed.
  • Proofs of consensus: Instead of requiring mathematical correctness, one may assume that a threshold (t-of-N) of parties are honest or economically rational actors. This is the approach taken by blockchains and sidechains.

Each approach has significant tradeoffs, but generally speaking zero-knowledge proofs provide the best security guarantees, while consensus/state-machine-replication provides the most practical and powerful primitive today.

Safety and Liveness

Verifiability alone is not enough. Enabling truly unstoppable decentralized applications requires providing two security guarantees:

  • Safety: This is equivalent to the verifiablity / correctness property.
  • Liveness: Ensures the application will eventually execute, i.e. it is censorship-resistant.

Systems like optimistic and zk rollups may provide safety (through fraud proofs / ZKPs), but not liveness (e.g. if they have a centralized sequencer). A system which provides both safety and liveness is said to be totally correct.

Nexus: Enabling Totally Correct General-Purpose Cloud Computing

Nexus is a decentralized marketplace for verifiable cloud computing. It enables developers to host serverless cloud applications written in traditional languages (e.g. Rust, C++, Go), similar to AWS Lambda, while enjoying both safety and liveness guarantees.

Nexus comes in two flavors: Nexus and Nexus Zero, which build on top of each other.

Nexus Zero: A Zero-Knowledge Cloud Computing Network

Nexus Zero is a decentralized network of off-chain zero-knowledge provers, which allow Ethereum smart contracts to outsource general computation.

It is comprised of three components:

  • A general-purpose zero-knowledge virtual machine (zkVM).
  • A permissionless network of provers.
  • A decentralized market-making network.

Applications on Nexus Zero are stateless "zk-Functions", which are invoked directly by smart contracts.

Underneath, Nexus Zero is based on a zk-SNARK implementation that supports executions on a universal von Neumann RISC-V machine. In practice, this means that instead of compiling a program to different circuit representations, Nexus Zero uses a single unversal circuit that can prove any computation (within an upper bound on the runtime).

Nexus: A Decentralized Cloud Computing Network

Nexus is a decentralized network of decentralized cloud computing networks. In other words, it is a network of independent, externally-aware "serverless blockchains".

Applications on Nexus are stateful "Nexus Functions", invoked directly by smart contracts.

In particular, Nexus networks can be used to outsource computation, storage, and I/O capabilities from smart contract systems. Nexus networks can also be used to replicate any prover system (e.g. ZK / optimistic), and in general do anything one can do with AWS / Google Cloud, but with total correctness guarantees.

Nexus networks reach internal consensus and can communicate with external systems through special-purpose multi-party computation techniques, like threshold signature schemes. Node incentivation is based on traditional Proof-of-Stake.

Thus, one can use Nexus to immediately spin up an Ethereum-connected "serverless blockchain". In particular, these networks can serve as sidechains, oracle networks, storage / data-availability networks, keeper-networks, decentralized sequencer networks or special-purpose blockchains.

Nexus: Simplicity

Beyond achieving general-purpose verifiable cloud computing, one of our central goals at Nexus Labs is to provide an extremely simple and enjoyable developer experience.

That is why both Nexus and Nexus Zero are designed to provide an experience indistinguishable from traditonal cloud computing. Developers can write programs in traditional languages and import their favorite libraries.

use nexus_sdk::{nexus, Ethereum};

struct Function {}

impl Function {
    pub fn execute(&mut self) {
        // Read from Ethereum state.
        let state = self.env().read(Ethereum, ENDPOINT);
        // Run any computation, import any libraries.
        let output = crypto::sha256(data);
        // Write to Ethereum state.
        self.env().write(Ethereum, ENDPOINT, output);

The above is an example of an Ethereum-connected stateless "Lambda Function" on Nexus, which is invoked on every new block. Functions also have access to storage and a local POSIX-like filesystem.

In addition, Nexus functions can also be stateful (keep state between invocations) just like a smart contract, and unlike smart contracts they can run long-running tasks, like rollup sequencers or any zero-knowledge prover as long as it is 1) deterministic and 2) compiles to WASM.


General-purpose verifiable cloud computing opens new uncharted territory for innovation in blockchain scalability, a future that promises massively enhanced computational capabilities for blockchains, rollups and smart contracts.

At Nexus Labs we are working to enable exactly this future, and we believe that mathematics, cryptography and distributed systems hold the key.