# Cairo >>> RISC-V zkVMs #### Smart contract first Cairo is a smart-contract focused language and VM, it has an established ecosystem of tooling, devs, and apps running in prod for multiple years (including top perp DEXes and large scale onchain games). So far RISC-V zkVMs provide EVM emulation which comes with a huge overhead, and the longer term plans to introduce a native smart contract framework has many pitfalls: [Long-term L1 execution layer proposal: replace the EVM with RISC-V \- Primordial Soup \- Fellowship of Ethereum Magicians](https://ethereum-magicians.org/t/long-term-l1-execution-layer-proposal-replace-the-evm-with-risc-v/23617) #### Simplicity → Formal Security A small, minimalist VM can have its entire transition logic fully specified and mechanically verified using Lean and other theorem provers. Large ISAs create combinatorial explosions in proof state space, making full end-to-end formal security (and bug eradication) much harder for general-purpose RISC-V zkVMs. #### Maximal Efficiency for L1/L2 Use Cairo avoids emulating hardware conventions and is not shackled by legacy opcode baggage. It only implements what is required for succinct verification, whereas RISC-V zkVMs inherently bear the cost of CPU semantics and conversion layers. #### Sustainability and Evolution Cairo (as an ISA) has already ossified, i.e. very few new features, reliability is maximized, and the core needs no constant reinvention. Cairo is built for the vision of the eventual “maintenance mode” and is thus less likely to accrue technical debt compared to feature-crowded RISC-V-based stacks. #### Recursion and Aggregation as First-Class Cairo ISA has been optimized for efficient recursion (e.g. by introducing specific opcodes) which allows the proving system to operate at far lower cost. RISC-V zkVMs typically optimize for compatibility first, and optimization for efficient recursion is more “bolted on” and less deeply integrated #### Summary | Feature/Dimension | Cairo | RISC-V zkVMs | | :---- | :---- | :---- | | *Instruction Set* | Minimal & purpose-built | Full RISC-V (RV32/RV64): general-purpose, complex | | *Complexity / Verifiability* | Relatively small codebase | Complex, larger attack surface, harder full formal proofs ​ | | *Efficiency (Proof Costs)* | Circle STARK and logup lookups cut commitment costs, optimized for recursion ​ | RISC-V zkVMs (e.g., RISC Zero) require elaborate CIRCUIT translation layers (e.g., MLIR), and proof optimization post hoc ​ | | *Blockchain alignment* | ​Designed for smart contracts, has an intermediate representation for gas accounting | Used for general-purpose zk projects, smart contracts possible but with higher wrapping layers | | *Long-term Maintenance* | Deliberate, slow evolution — stability prioritized | Churn with evolving RISC-V ISAs and circuit dev stack | ## “General‑purpose” means *semantics*, not “is RISC‑V” A persistent conflation: *“Only RISC‑V zkVMs are general‑purpose.”* Not so. * **Cairo is Turing‑complete** and can express arbitrary computations. * The **non‑compatibility** is about *host toolchains* (you won’t `cargo build` your Rust onto Cairo), not expressiveness.