Skip to main content
The Hello World example is a minimal zkVM application that demonstrates the core concepts of RISC Zero. It proves that you know two non-trivial factors of a composite number without revealing what those factors are.

What You’ll Learn

  • How to structure a zkVM application with host and guest programs
  • How to pass data between host and guest
  • How to commit values to the journal
  • How to verify a receipt

Project Structure

zkVM applications are organized into two parts:
  • Host Program (src/main.rs): Executes the guest program and generates proofs
  • Guest Program (methods/guest/src/main.rs): Runs inside the zkVM and performs the computation

How It Works

1
Guest Program
2
The guest program receives two numbers from the host, verifies they’re non-trivial factors, and commits their product to the journal:
3
use risc0_zkvm::guest::env;

fn main() {
    // Load the first number from the host
    let a: u64 = env::read();
    // Load the second number from the host
    let b: u64 = env::read();
    // Verify that neither of them are 1 (i.e. nontrivial factors)
    if a == 1 || b == 1 {
        panic!("Trivial factors")
    }
    // Compute the product while being careful with integer overflow
    let product = a.checked_mul(b).expect("Integer overflow");
    env::commit(&product);
}
4
Host Program
5
The host program provides the factors to the guest, generates a proof, and verifies it:
6
use hello_world::multiply;
use hello_world_methods::MULTIPLY_ID;

fn main() {
    // Pick two numbers
    let (receipt, _) = multiply(17, 23);

    // Here is where one would send 'receipt' over the network...

    // Verify receipt, panic if it's wrong
    receipt.verify(MULTIPLY_ID).expect(
        "Code you have proven should successfully verify",
    );
}

Running the Example

1
Install Dependencies
2
First, install the RISC Zero toolchain:
3
curl -L https://risczero.com/install | bash
rzup install
4
Run the Example
5
Clone the examples repository and run:
6
cargo run --release
7
You should see output confirming that you’ve constructed a zero-knowledge proof that you know the factors of 391 (17 × 23).

What Gets Proven?

The receipt proves:
  1. The guest program was executed correctly
  2. The value in receipt.journal (391) is the product of two non-trivial factors
  3. The prover knows what those factors are (17 and 23)
Critically, the factors themselves are never revealed - only their product appears in the journal.
This demonstrates the “zero-knowledge” aspect: Alice proves she knows the factorization without revealing the actual factors.

Key Concepts

Receipt

A receipt is cryptographic proof that a program executed correctly. It contains:
  • Journal: Public outputs from the program
  • Seal: Cryptographic proof of correct execution
  • Image ID: Identifier of the program that was executed

Journal

The journal is a public record of values committed during execution using env::commit(). Anyone with the receipt can read the journal.

Image ID

The Image ID uniquely identifies the guest program. It’s derived from the compiled guest code, so any change to the guest program changes the Image ID.

Use Cases

  • Privacy-preserving computations: Prove you performed a calculation correctly without revealing inputs
  • Credential verification: Prove you have valid credentials without exposing them
  • Computational integrity: Offload expensive computations and verify results cheaply
  • Blockchain applications: Generate proofs off-chain for on-chain verification

Next Steps

Build docs developers (and LLMs) love

Get started for freeTalk to us