[D] The engineering overhead of Verifiable ML: Why GKR + Hyrax for on-device ZK-ML?

The engineering challenge of verifiable machine learning (ZK-ML) moves beyond simple local inference to proving a model's output was generated correctly without revealing the input data. Tools for Humanity, the team behind Worldcoin, has open-sourced its 'Remainder' prover system, which tackles this by employing a GKR (Goldwasser-Kalai-Rothblum) + Hyrax-based proof system. This choice represents a critical engineering trade-off, prioritizing prover time efficiency to work within mobile hardware constraints, a significant hurdle for decentralized applications like 'Proof of Personhood' that require client-side verification.

Most ZK-ML implementations using frameworks like Plonky2 or Halo2 struggle with the immense circuit depth of neural networks. While GKR is theoretically 'doubly-efficient,' its practical implementation on consumer mobile GPUs is notoriously difficult. The Remainder prover shifts the paradigm: instead of relying on trusted hardware (like Worldcoin's Orb sensors), trust is placed in the mathematical integrity of the zero-knowledge proof generated on the device. This production-ready system handling ML layers locally sets a new benchmark, but questions remain about whether prover overhead is low enough for real-time apps or if we're still pushing the limits of mobile GPU capabilities for ZK-proof generation.