How Does Starknet Work?

L2 | Risk C+ | 9 mechanisms | 6 interactions

Starknet is an Ethereum Layer 2 that uses zero-knowledge STARK proofs for security and a custom programming language called Cairo. It holds $716M in deposits with $287M in funding. Its C grade reflects repeated sequencer outages, a non-standard codebase with limited security auditors, and a single company controlling transaction processing.

TVL: $234M
Sector: L2
Risk Grade: C+
Value Grade: C

Core Mechanisms

Rollup/ZK Rollup/Validity Rollup

STARK-based validity rollup using recursive proofs for Ethereum L1 verification

Uses STARK proofs (no trusted setup) for validity verification. STARKs are larger but offer quantum resistance and transparent setup.

Rollup/Execution/Cairo VM

Novel

Custom Cairo VM execution environment purpose-built for STARK proof efficiency

Cairo is a non-EVM language designed for maximum STARK efficiency. Requires specialized developer tooling and auditor expertise, limiting security review availability.

Rollup/Sequencer/Centralized Sequencer

Single StarkWare-operated sequencer with planned decentralization roadmap

Centralized sequencer has experienced multiple outages. No permissionless fallback mechanism currently deployed.

Rollup/Proving/Recursive STARK Proofs

Novel

Recursive proof aggregation allowing multiple blocks to be verified in a single L1 transaction

SHARP (SHARed Prover) aggregates proofs across multiple applications. Reduces per-transaction verification cost but creates shared prover dependency.

Governance/Token/STRK Governance

STRK token used for governance, staking, and gas fees with 50% supply unlocked

Multi-purpose token with significant unlock schedule remaining. Staking mechanism introduces new economic dynamics.

Bridge/Canonical/StarkGate

Canonical bridge with STARK-proven message passing between L1 and Starknet

Bridge security inherits from STARK proof validity. Withdrawal delays depend on proof generation and L1 finalization.

Account/Native Account Abstraction

Novel

Native account abstraction where all accounts are smart contracts with customizable validation

All Starknet accounts are smart contracts by default, enabling flexible signature schemes and gas abstractions. Novel approach but increases contract-level attack surface.

Rollup/Data Availability/On-chain DA

State diffs posted to Ethereum L1 with optional Volition mode for off-chain DA

Volition allows per-transaction DA choice. Off-chain DA mode reduces costs but weakens data availability guarantees.

Token Supply/Vesting/Scheduled Unlock

10B total STRK supply with approximately 50% unlocked, ongoing monthly unlocks

Continuous unlock schedule creates persistent sell pressure. Large remaining locked supply from early investors and team.

How the Pieces Interact

Centralized sequencer | STARK proof generation | High

Sequencer outages halt both transaction processing and proof generation simultaneously. The January 2026 incident caused 18 minutes of block reversions, demonstrating that sequencer failure cascades to the proof layer.

Cairo VM | Smart contract security | High

Non-EVM execution environment limits the pool of qualified auditors and security researchers. Cairo-specific bugs may go undetected longer than Solidity vulnerabilities due to smaller review community.

SHARP shared prover | External RPC dependencies | High

Shared prover depends on external Ethereum RPC providers. RPC failures during the January 2026 outage exposed this dependency, potentially affecting all applications sharing the prover.

Native account abstraction | Cairo smart contract accounts | Medium

All accounts being smart contracts increases the attack surface for account-level exploits. Custom validation logic in Cairo adds complexity that could lead to novel authorization bypass vectors.

Volition DA mode | Bridge withdrawals | Medium

Transactions using off-chain DA in Volition mode have weaker availability guarantees. If the off-chain DA provider fails, state needed for withdrawal proofs may become temporarily unavailable.

What Could Go Wrong

  1. Repeated sequencer outages (Sep 2025, Jan 2026) expose fragile liveness with 18 minutes of reverted blocks
  2. Cairo VM is a non-EVM execution environment requiring entirely new tooling and audit expertise
  3. Centralized sequencer with no permissionless fallback creates single point of failure for transaction inclusion

Sequencer-Prover Cascading Outage

Moderate

Trigger: Centralized sequencer experiences extended outage exceeding 4 hours due to external RPC dependency failure (as in January 2026 incident), halting both transaction processing and STARK proof generation

  1. External Ethereum RPC provider used by the SHARP prover experiences downtime. STARK proof generation halts; unfinalized blocks accumulate.
  2. Sequencer attempts recovery but generates blocks that cannot be proven. Block reversions occur (as in January 2026: 18 minutes of reverted blocks).
  3. DeFi protocols on Starknet freeze as transaction processing halts. Liquidation engines, oracle updates, and position management stop; debt positions become unmanageable.
  4. StarkGate bridge withdrawals become impossible without proof finalization. Users cannot exit to L1; funds are locked on L2 for the duration of the outage.
  5. Extended outage causes DeFi positions to accrue bad debt or miss margin calls. Lending protocols face insolvency risk; traders suffer unintended liquidations when the sequencer resumes.
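
An added example, not from the original page: detection logic a protocol operator could run for the two liveness symptoms in this scenario, a head that stops advancing and blocks that are later reverted. The `Head` record, the polling model, the 300-second threshold and the sample data are constructed assumptions; the input would come from whatever node client you already poll.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Head:
    t: int             # poll time in seconds (assumed polling model)
    number: int        # block height the node reports as its head
    block_hash: str
    parent_hash: str   # hash of the block at height number - 1

def liveness_events(polls, stall_after=300):
    """Return ('stall', since_t, idle_s) and ('reversion', t, fork_height, depth)."""
    events, chain = [], {}      # chain: height -> hash last seen as canonical
    prev, last_change, stalled = None, None, False
    for h in polls:
        if prev and (h.number, h.block_hash) == (prev.number, prev.block_hash):
            idle = h.t - last_change
            if idle >= stall_after and not stalled:
                events.append(("stall", last_change, idle))  # alert once per stall
                stalled = True
            continue
        fork = None
        if h.number in chain and chain[h.number] != h.block_hash:
            fork = h.number                    # same height, different block
        elif h.number - 1 in chain and chain[h.number - 1] != h.parent_hash:
            fork = h.number - 1                # new head builds on a replaced parent
        elif prev and h.number < prev.number:
            fork = h.number + 1                # head moved backwards
        if fork is not None:
            dropped = [n for n in chain if n >= fork]
            events.append(("reversion", h.t, fork, len(dropped)))
            for n in dropped:
                del chain[n]
        chain[h.number] = h.block_hash
        prev, last_change, stalled = h, h.t, False
    return events

# Constructed sample: normal progress, a stalled head, then two blocks replaced.
SAMPLE = [
    Head(0, 100, "a100", "a099"), Head(30, 101, "a101", "a100"),
    Head(60, 102, "a102", "a101"), Head(90, 103, "a103", "a102"),
    Head(120, 103, "a103", "a102"), Head(420, 103, "a103", "a102"),
    Head(450, 102, "b102", "a101"), Head(480, 103, "b103", "b102"),
]

if __name__ == "__main__":
    for event in liveness_events(SAMPLE):
        print(event)
```

Applications that depend on liquidations or oracle updates can use events like these to pause risk-sensitive actions until the head advances again on an unreverted chain.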

Risk Profile at a Glance

Mechanism Novelty: 8/15
Interaction Severity: 8/20
Oracle Surface: 0/10
Documentation Gaps: 3/10
Track Record: 7/15
Scale Exposure: 5/10
Regulatory Risk: 2/10
Vitality Risk: 8/10

Overall: C+ (41/100)

Lower score = safer
