We have audited the ChaCha20 circuits of the Reclaim protocol. You can find the report here as well as Reclaim’s own announcement here. Through two audit iterations, it became evident that the word-based circuit approach still posed challenges, as several bit-level operations could not be efficiently constrained. This realization led us to revisit the initial individual-bits approach, optimize it, and undergo the audit for a third and final time. The outcome of this comprehensive audit was a significant performance improvement.
Check out the latest episode of Node Guardians to see our cofounder David Wong talk about ZK security and the future of ZK with Sam. In this episode, David discusses the different workflows that can be used for blockchain auditing, the importance of math in auditing, and the scope of work that blockchain auditors typically perform. He also talks about the challenges of working in different contexts, how vulnerabilities are rated, and the usefulness of formal verification.
Our cofounder David Wong was this week’s guest on the zk podcast. Listen to him talk about crypto and zksecurity here. This week, Anna and Guillermo chat with David Wong, author of the Real-World Cryptography book and a cofounder of zksecurity.xyz – an auditing firm focused on Zero Knowledge technology. They chat about what first got him interested in cryptography, his early work as a security consultant, his work on the Facebook crypto project and the Mina project, zksecurity.
There’s one big competition in ZK, and it is called ZPrize. Every year, ZPrize rewards contestants who come up with the most performant implementations for a series of challenges. The goal is to push the limits of what’s possible with ZK, and to make sure that the best implementations are open-source and available to everyone. This year, zkSecurity is proud to announce it’ll play the role of one of the three external architects for the competition, hosting the High Throughput Signature Verification ZPrize category.
If you’ve been working in the field of zero-knowledge in the last few years, you must have heard of Circom, a tool to write zero-knowledge applications in the form of circuits. Many projects have used Circom; that is the least one could say, as perhaps most ZK projects that have been built as smart contracts directly on Ethereum have been built using Circom, the most infamous project probably being TornadoCash.
zkApps (zero-knowledge applications) are meant to be provable translations of computer programs. That is, they should behave like the computer programs they are intended to represent, while also providing proofs of correct execution that can accompany program outputs. But as we’ve talked about before, translating programs into provable programs is not a straightforward process. To prove executions, zkApps attempt to “witness” all the important parts of an execution trace. They seek to assert every nook and corner specified (explicitly or implicitly) in the original application.
We have audited Penumbra’s main circuits, and published a report of the findings. You can read about it on Penumbra’s blog post here, or read the report directly here. Of the 8 issues found, the Penumbra Labs team considered the two highest impact bugs to be the “double spend” and “double vote” bugs (rated high by zkSecurity, see report items #0 and #1), each with clear paths to exploitation. As of the time of publication, the Penumbra Labs team has resolved all issues higher than “informational” identified by either of the audit teams, and confirmed these fixes by subsequent follow-up review with both original audit performers.
Last week, a strange paper (by Wilson Nguyen et al.) came out: Revisiting the Nova Proof System on a Cycle of Curves. Its benign title might have escaped the attention of many, but within its pages lay one of the most impressive and devastating attacks on a zero-knowledge proof (ZKP) system that we’ve ever seen. As the purpose of a ZKP system is to create a cryptographic proof certifying the result of a computation, the paper demonstrated a false computation result accompanied by a valid proof.
As we’ve explained before, zero-knowledge apps (or ZK apps) will come in two different shapes: VM instructions and arithmetic circuits. VM instructions should sound familiar. Reading them is like reading assembly, and they’re a level of abstraction higher than arithmetic circuits (as pointed out by this post). Whatever they’re writing, real programmers need to see what their programs compile down to (according to John Carmack). That’s how you find unoptimized bits as a low-level code monkey, but it’s also how you find some security issues and bugs.
If you know about WebAssembly or Wasm, you might have heard a few different pitches for why you need it: It’s a low-level language for the web. So, it’s faster than JS. Use it to speed things up. It’s a build target. As such, it enables you to use languages other than JS on the web. You could write a web library in Rust or Go! You actually don’t use it on the web, but on the backend!