ZK/SEC Quarterly

Back to all posts

Archetype X zkSecurity - Proof Is in the Pudding: the Other Dark Forest (Offchain Public Keys)

ZK/SEC October 21, 2025 2 min read
educative zk

pudding 7

For the 7th session of Proof is in the Pudding, we teamed up with Archetype to explore the fascinating realm of offchain public keys—what we call "the other dark forest."

In this session, we examined how protocols like zkLogin, ZK Email, and ZKPassport handle authentication using offchain cryptographic keys. We explored the fundamental challenge of unlinkability in privacy-preserving protocols and discussed how replacing traditional signature verifications with zero-knowledge proofs can enable more powerful and interesting ZK applications.

We covered:

This session provides a comprehensive look at how zero-knowledge proofs are transforming authentication and identity systems by enabling privacy-preserving verification of offchain credentials.

If you enjoy this video, check out our previous episodes:

zkSecurity offers auditing, research, and development services for cryptographic systems including zero-knowledge proofs, MPCs, FHE, and consensus protocols.

Learn more →

Share This Article

Latest Posts

New Challenge Alert: Complete Both to Join zkSecurity

ZK/SEC December 01, 2025

Think you have what it takes to join zkSecurity? We're raising the bar with a second challenge! Now candidates must complete both zkBank and our new Curve Machine challenge to prove their skills across the full spectrum of ZK security. Are you ready to take on both challenges?

Learn Sumcheck, MLE, and HyperPlonk: an Interactive Tutorial with SageMath

Marco Gaglianese November 22, 2025
educative zk sumcheck hyperplonk sagemath

A new interactive tutorial on Sumcheck, Multilinear Extensions, and HyperPlonk with complete SageMath implementations and exercises. Go beyond the theory and understand how these protocols actually work by implementing them yourself.

Faster Sumchecks: Part I

Jason Park November 21, 2025
educative zk sumcheck

In this blog post, we explore how to optimize the sumcheck protocol, particularly when working with values in a small field and randomness from a large field, as often needed in zkVMs. We introduce various algorithms aimed at reducing expensive operations, focusing on minimizing large multiplications. Starting from using simple evaluation tables to more sophisticated techniques like precomputing accumulators and leveraging Lagrange interpolation, we demonstrate how to efficiently organize computations to speed up proving times. Readers will gain insights into handling arithmetic operations within the sumcheck protocol and learn about optimizing specific cases in zero-knowledge proofs.

Recommended Reading

Archetype X zkSecurity (Whiteboard Session) - Proof Is in the Pudding: How to Prove False Statements

ZK/SEC February 25, 2025
educative security zk gkr

In our third whiteboard session with Archetype, we dive into the fascinating world of cryptographic protocols by breaking down the intricacies of the Fiat-Shamir security model and the GKR protocol. Whether you're a cryptography enthusiast or just curious about how these complex mechanisms enhance security, this is a chance to explore the theories with us in a friendly and digestible way. Don't miss the opportunity to expand your understanding of this cutting-edge topic!

Public Report of Reclaim Protocol's ChaCha20 Circuit

ZK/SEC October 02, 2023
security zk audit

We audited Reclaim protocol's ChaCha20 circuits, diving deep into bit-level operations for a secure and efficient design. After a few iterations, we switched from a word-based to a bit-focused circuit approach, achieving a 10% enhancement in performance and size. We used Circom for implementation, with a focus on Groth16 system constraints. Our findings led Reclaim to revamp their strategy, honing in on bitwise logic for an effective flow without costly re-encodings. Curious about the technical journey and the final audit insights? We’ve got the details covered!

Renegade Audit: When ZK Meets MPC

ZK/SEC July 22, 2024
security zk MPC audit

We recently had the pleasure of auditing Renegade's circuits and smart contracts, and it was a great experience. Over three weeks, our team explored their top-notch code and documentation, with the Renegade team providing awesome support throughout. Curious how it all went? Dive into our full report for the inside scoop!

More to Explore

Unfolding the Bulletproofs Magic: a SageMath Deep Dive

teddav October 27, 2025
educative zk ipa bulletproofs

In this post, we dive deep into the Inner Product Argument (IPA), the mathematical core of Bulletproofs. Starting from simple vector folding, we build up to a full zero-knowledge proof with Pedersen commitments, explore how the mysterious `L` and `R` terms appear, and finish with smart verifier optimizations. All illustrated with clear, runnable SageMath code.

Common Circom Pitfalls and How to Dodge Them — Part 2

Marco Besier November 10, 2025
educative security zk tools circom

This post is the second part of our series on Circom pitfalls. While part 1 covered issues with assertions, hints, and aliasing, this one explores unsafe component usage and the subtle fact that Circom’s comparison operators work over signed integers.

Public Report of Aleo's Consensus (Bullshark)

ZK/SEC January 02, 2024
security consensus zk audit aleo

We recently audited Aleo's blockchain consensus and found it to be impressively well-documented and high-quality. Our collaboration with Aleo's cooperative team helped us uncover several key issues, and the insights from this audit were well-received. In the blog, we dive into Aleo's Bullshark consensus protocol, explaining its step-by-step process and unique pipelining techniques. We also explore how leaders ensure commitments in even rounds and discuss essential aspects like quorum intersection and garbage collection. Whether you're a blockchain enthusiast or just curious about cutting-edge consensus protocols, this post has got some fascinating details to offer!
View all articles