0xparc / zk-bug-tracker
A community-maintained collection of bugs, vulnerabilities, and exploits in apps using ZK crypto.
License: MIT License
Great project, thank you!
I don't think these are listed (found while preparing my talks on ZKP security by asking friends and "doing my own research"):
Missing overflow check of a nullifier
a16z/zkdrops#2
Overflow again
ethereum-oasis-op/baseline#34
Field element inverse property not enforced
arkworks-rs/r1cs-std#70
Missing public input -> replay
https://starli.medium.com/filecoin-one-porep-vulnerability-found-by-trapdoor-tech-7fc7beb4557b
Timing attacks
https://eprint.iacr.org/2020/627.pdf
Missing (randomized) blinding to hide private inputs - not clear if really exploitable though
dusk-network/plonk#651
This one turned out to be non-exploitable (as clarified privately by the StarkWare team), but a similar behavior may be a problem in some cases
starkware-libs/cairo-lang#39
There are some other interesting ZK circuit bug types I've seen (concrete cases can't be disclosed yet):
Failing to enforce that a given constant is effectively the said constant value.
Failing to enforce constraints of correct padding in hash functions.
Failing to enforce soundness of a tree's structure or size.
Leakage on the witness from the proof's size.
Hope this helps, feel free to only include what you think is the most relevant/original.
Hi, thanks for making this resource!
I noticed one of the explanations ends in the middle of the sentence at the word 'prevent'.
Lines 144 to 146 in 8ad1386
https://medium.com/veridise/circom-pairing-a-million-dollar-zk-bug-caught-early-c5624b278f25
should be in the category of under-constrained circuits
Just came across this bug tracker, very cool :)
I found a bug in the Polygon zkEVM which allows a malicious prover to return "0" when reading any storage slot (and possibly also exploit other CRUD operations). Sounds like it fits in well here! All the details are in the blog post.
The original Plonk paper's implementation section was missing randomization for some of the polynomials.
The detailed description of the bug can be found here - https://twitter.com/rel_Aztec/status/1542474186664210432