What Is StarkWare?
StarkWare is an Israeli cryptography company founded in 2018 by Eli Ben-Sasson, a co-inventor of STARKs (Scalable Transparent ARguments of Knowledge). With over $273 million in funding and a peak valuation of $8 billion in 2022, StarkWare has become the most prominent name in zero-knowledge proof infrastructure for blockchain.
Their two primary products serve one purpose — making Ethereum cheaper and faster:
- StarkEx — a permissioned scaling engine used by exchanges like dYdX, Sorare, and Immutable X. It batches thousands of transactions off-chain, generates a single STARK proof, and posts it to Ethereum L1. This compresses gas costs dramatically while preserving Ethereum's security guarantees.
- Starknet — a permissionless Layer 2 rollup that gives developers a general-purpose blockchain with STARK-verified state transitions. Smart contracts are written in Cairo, StarkWare's custom programming language designed specifically for generating provable computation traces.
The underlying cryptography deserves genuine respect. STARKs rely on hash functions rather than elliptic curves, making them inherently post-quantum — a property that most competing ZK systems (Groth16, PLONK with KZG commitments) lack. The "transparent" in STARK means no trusted setup ceremony, eliminating a class of systemic risk that plagues SNARKs. These are real advantages that have earned StarkWare its position in the cryptographic landscape.
Where StarkWare Falls Short for Enterprise
StarkWare's architecture is purpose-built for blockchain scaling. Every design decision — from Cairo's execution trace model to the on-chain verifier contracts — assumes Ethereum as the settlement layer. When an enterprise needs zero-knowledge proofs for authentication, identity verification, or biometric matching, this architecture introduces friction at every layer.
StarkWare's proof verification happens on-chain. Every verified computation costs gas. For a bank authenticating 50,000 employees per hour or a healthcare system verifying patient identities, paying Ethereum gas fees per verification is not just expensive — it introduces a dependency on a public blockchain that most regulated enterprises cannot accept.
The structural gaps compound when you evaluate StarkWare against enterprise authentication requirements:
- Proof generation latency. Generating a STARK proof for a complex computation takes seconds to minutes, depending on the circuit size and computational complexity. H33's in-process DashMap delivers a cached ZKP lookup in 0.062µs — roughly 16 million times faster than a fresh STARK proof generation. Even StarkWare's optimized recursive proving pipelines cannot match sub-microsecond retrieval.
- Cairo learning curve. Developers must learn Cairo, a domain-specific
language with no relation to their existing stack. Cairo is not Python, not Rust, not Go.
It is a provable-computation DSL that requires understanding execution traces, memory cells,
and hint mechanisms. H33 exposes a standard REST API — one
POSTendpoint, JSON in, JSON out. - No FHE layer. StarkWare provides zero-knowledge proofs but not fully homomorphic encryption. For biometric authentication, you need to compute on encrypted templates without ever decrypting them. STARKs prove that a computation happened correctly, but they do not enable computation on encrypted data. H33's BFV engine processes 32 encrypted biometric templates in 967µs per batch.
- No biometric pipeline. StarkWare has no enrollment flow, no template storage, no match-score computation, and no liveness detection integration. Building a biometric authentication system on Starknet would require writing the entire pipeline in Cairo from scratch — an effort measured in engineering years, not sprints.
- No post-quantum signatures. While STARKs themselves are post-quantum (hash-based, no elliptic curves), StarkWare's broader ecosystem does not include CRYSTALS-Dilithium signatures or CRYSTALS-Kyber key exchange. H33 ships NIST FIPS 203 (ML-KEM) and FIPS 204 (ML-DSA) compliant post-quantum primitives in every API call.
- On-chain verification costs gas. Every STARK proof verified on Ethereum consumes gas. Even with EIP-4844 blob transactions and the cost reductions of Dencun, each verification carries a variable cost tied to Ethereum network congestion. Enterprise auth systems need predictable, fixed-cost operations — not gas-market exposure.
H33's Approach: ZKP Without a Blockchain
H33 uses STARK-derived proofs in its verification layer, but the architecture looks nothing like a blockchain rollup. There is no on-chain settlement, no gas fees, no consensus mechanism, and no Cairo. The entire pipeline runs in-process on a single API server.
A single authentication call flows through three stages, all within one HTTP request:
- FHE Batch (BFV) — 32 biometric templates are SIMD-packed into one ciphertext. A single encrypted inner product computes all 32 match scores in 967µs. The NTT engine uses Montgomery multiplication with Harvey lazy reduction, radix-4 butterflies, and NEON-accelerated Galois rotations on ARM.
- ZKP Verification — An in-process DashMap retrieves the cached STARK proof for the batch in 0.062µs. No network call, no serialization overhead, no blockchain transaction. The proof verifies that the FHE computation was performed correctly without revealing biometric data.
- Post-Quantum Attestation — A single CRYSTALS-Dilithium sign-and-verify cycle produces an unforgeable, quantum-resistant attestation in 191µs. One signature covers all 32 users in the batch.
Total batch latency: ~1,160µs for 32 users. Per-authentication cost: ~36µs. Sustained throughput on a single Graviton4 instance (c8g.metal-48xl, 96 workers): 1,714,496 auth/sec over 120 seconds, with a 30-second peak of 2,154,351 auth/sec. No blockchain involved at any stage.
H33's cryptographic stack is backed by 2,227 tests covering BFV, CKKS, NTT, Dilithium, Kyber, ZKP, biometric enrollment, batch verification, and edge cases. 108 patent claims are pending across the FHE, ZKP, and post-quantum signature pipeline. NIST FIPS 203 (ML-KEM) and FIPS 204 (ML-DSA) compliant.
Head-to-Head Comparison
| Metric | H33 | StarkWare |
|---|---|---|
| ZKP Lookup / Proof Gen | 0.062µs (in-process DashMap cache) | Seconds to minutes (full STARK proving) |
| Blockchain Required | No — standalone API, zero chain dependency | Yes — Ethereum L1/L2 for proof verification |
| Post-Quantum | Full stack: FHE (lattice), ZKP (SHA3-256), Dilithium (ML-DSA), Kyber (ML-KEM) | STARKs are PQ (hash-based); broader ecosystem is not |
| FHE Support | BFV + CKKS, 32-user SIMD batching, 967µs per batch | None |
| Biometric Pipeline | Encrypted enrollment, matching, verification in one API call | None — would require custom Cairo circuits |
| Developer Integration | REST API — one POST endpoint, JSON in/out | Cairo DSL (custom language) + Ethereum tooling |
| Sustained Throughput | 2.15M auth/sec peak, 1.71M sustained (Graviton4) | Bounded by Ethereum block time and gas limits |
| Verification Cost | Fixed compute cost per API call (no gas fees) | Variable Ethereum gas fees per proof verification |
This table is not meant to diminish StarkWare. These two systems solve fundamentally different problems. StarkWare compresses thousands of blockchain transactions into a single proof to reduce gas costs on Ethereum. H33 authenticates millions of users per second with post-quantum guarantees and zero blockchain involvement. The overlap is in the underlying mathematical primitives — not in the use case, architecture, or deployment model.
When to Use Each
Choose StarkWare when:
- You are building on Ethereum and need to reduce transaction costs through Layer 2 rollups. StarkEx and Starknet are battle-tested for this.
- You need provable computation for on-chain DeFi, NFT minting, or decentralized exchange order matching — use cases where Ethereum settlement is the entire point.
- You are comfortable with Cairo and want to write verifiable programs that produce STARK proofs for on-chain submission.
- Your verification cadence is measured in blocks (seconds to minutes), not microseconds. Blockchain applications tolerate proof generation latency because consensus is the real bottleneck.
Choose H33 when:
- You need enterprise biometric authentication at scale without any blockchain dependency — banks, hospitals, government agencies, workforce identity systems.
- Sub-millisecond latency is a hard requirement. H33 completes the full FHE + ZKP + Dilithium pipeline in 36µs per user — faster than a network round-trip, let alone a blockchain confirmation.
- Post-quantum security must span the entire stack, not just the proof system. H33 delivers lattice-based FHE, hash-based ZKP, and NIST-standardized Dilithium signatures and Kyber key exchange in every API call.
- Your compliance posture requires deterministic costs, on-premise deployment options, and no dependency on public blockchain infrastructure.
- You want a single API call instead of a custom proving pipeline — no Cairo, no execution traces, no on-chain verifier contracts.
Eli Ben-Sasson and the StarkWare team invented STARKs. That contribution to cryptography is permanent and important. Transparent setup, post-quantum hash-based proofs, and scalable verification changed the field. The argument here is not that StarkWare is wrong — it is that blockchain scaling and enterprise authentication are different problems requiring different architectures. H33 was built for the second one.
Try It Yourself
H33's authentication API is live today. A single POST to the
H33 API runs the full FHE + ZKP + Dilithium pipeline in under
36µs per user. No blockchain, no Cairo, no gas fees. Just post-quantum
authentication at 2.15 million verifications per second.