Featured
Giorgio Dell'Immagine
September 24, 2024
10 min read
announcement
security
zk
zkvm
Last weekend, we had a blast crafting challenges for a CTF event at the MOCA Italian hacker camp. One cryptography challenge, "2+2=5," involved the Jolt zkVM and a RISC-V program. In this post, we share the ins and outs of the challenge, the clever use of a modified Jolt library, and how we managed to prove an invalid execution without triggering verification alarms. Get ready to dive into the world of Jolt and pick up some nifty insights on exploiting cryptographic systems like a true hacker.
Read →
ZK/SEC
September 02, 2024
1 min read
announcement
security
zk
We recently had the thrill of judging the latest zkHack competition in Montreal, where developers, researchers, and enthusiasts dove into the world of zero-knowledge proofs and privacy tech. The projects were incredibly innovative, featuring creative applications like ZK breathalyzers and ZK & GPS solutions. Check out the exciting results and insights from this year's event—you won't want to miss what these brilliant minds are bringing to the table!
Read →
Stefanos Chaliasos, Chenyang Yu
August 09, 2024
3 min read
announcement
security
zk
Check out our latest blog post where we dive into the world of Zero-Knowledge Proof (ZKP) vulnerabilities, sharing our insights from replicating known ZK circuit weaknesses. We’ve launched a GitHub repo with detailed scripts to help you understand, reproduce, and learn from these vulnerabilities. Discover how this hands-on approach aids in grasping attack vectors, testing fixes, and enriching educational resources. Whether you're a researcher or a developer, this post is packed with info to enhance your knowledge and skills in ZKP security. Plus, find out how you can contribute to expanding this invaluable resource!
Read →
ZK/SEC
August 08, 2024
8 min read
announcement
tools
zk
We're excited to introduce the preview of noname 2.0, packed with features that make developing advanced ZK circuits easier than ever. This update includes flexible generic-sized arrays, seamless integration with folding schemes for IVC, and an interactive online playground to test and share code. We've also optimized R1CS constraint generation to boost performance. Plus, there are numerous community-driven enhancements and bug fixes that make the language more robust and user-friendly. Dive in to explore the specifics of our journey, learn from the contributions of our vibrant open-source community, and see how noname is evolving into a more versatile tool for developers.
Read →
Suneal Gong
August 07, 2024
10 min read
security
zk
audit
aleo
In this blog post, we dive into Aleo, a blockchain platform that leverages zero-knowledge cryptography for creating private and scalable decentralized applications. You'll discover how Leo, its Rust-like programming language, simplifies app development by allowing developers to focus on robust privacy features without delving deep into cryptographic complexities. We also explore Leo's unique design, offering practical tips on avoiding common pitfalls and potential vulnerabilities like underflows and unauthorized access. Whether you're a developer curious about building privacy-focused solutions or just intrigued by blockchain innovation, you'll find valuable insights here.
Read →
Jason Park
August 06, 2024
4 min read
tools
zk
We've been teaming up with StarkWare to create the EVM adapter, and we're thrilled to say that we've recently verified Cairo proofs on the Ethereum mainnet! Building on the work of Andrew Milson and Aditya Bisht, we're making StarkWare’s technology more accessible to everyone. Our blog dives into how Cairo programs are verified on Ethereum and showcases our new library, `stark-evm-adapter`, which helps parse Cairo proofs for Ethereum. Interested in seeing how it works? Check out our demo and learn how to integrate this tech into your system. Plus, stay tuned for future updates as we refine and expand this exciting tool!
Read →
ZK/SEC
August 05, 2024
1 min read
educative
consensus
formal-verification
We’ve teamed up with Matter Labs and Sigma Zero to dive deep into the security of Byzantine Fault Tolerant (BFT) consensus protocols. In our new paper, we explore real-world vulnerabilities found in BFT systems, including popular algorithms like BA*, HotStuff, and Paxos. You'll discover insights into subtle bugs, cryptographic issues, and the challenges of translating theoretical models into secure, working code. Whether you’re designing or implementing these protocols, our findings offer valuable lessons and strategies for creating more secure and reliable distributed systems. Check it out—it’s a must-read for anyone working with BFT!
Read →
ZK/SEC
July 22, 2024
1 min read
security
zk
MPC
audit
We recently had the pleasure of auditing Renegade's circuits and smart contracts, and it was a great experience. Over three weeks, our team explored their top-notch code and documentation, with the Renegade team providing awesome support throughout. Curious how it all went? Dive into our full report for the inside scoop!
Read →