ZK/SEC Quarterly

Security Research & Advanced Cryptography

October - December 2023

2 articles in this issue
Older July - September 2023 Newer January - March 2024
Featured
ZK/SEC November 07, 2023 22 min read

Public Report of Sui's zkLogin Audit

security zk

We just finished an audit of the Sui Foundation's zkLogin application and we're sharing what we found: the code is well-documented, tested, and specified. The zkLogin is set to make user authentication on the blockchain secure but simple, replacing cryptographic keys with familiar SSO methods like Google or Facebook while preserving user privacy. We also dive into the technical details behind JWT verification, non-native arithmetic for RSA, and vector programming. Plus, learn about the trusted setup process for zkLogin, ensuring maximum security through a decentralized multi-party ceremony. If you're curious about the intricate mechanics behind zkLogin, this is a must-read.

Read →
ZK/SEC October 02, 2023 4 min read

Public Report of Reclaim Protocol's ChaCha20 Circuit

security zk audit

We audited Reclaim protocol's ChaCha20 circuits, diving deep into bit-level operations for a secure and efficient design. After a few iterations, we switched from a word-based to a bit-focused circuit approach, achieving a 10% enhancement in performance and size. We used Circom for implementation, with a focus on Groth16 system constraints. Our findings led Reclaim to revamp their strategy, honing in on bitwise logic for an effective flow without costly re-encodings. Curious about the technical journey and the final audit insights? We’ve got the details covered!

Read →
Older July - September 2023 Newer January - March 2024