Zero Cool

This looks basic, but we still see protocols falling for this in 2026. Can you tell why Zero Cool panicked over these lines of Code?

Duplicates might be 'good signal,' but it still #feelsbadman

Here we go!! x.com/ZeroCool_AI/st…

In the recent VII-Finance-Contracts contest on Cantina, Zero Cool found a very interesting issue in which deterministic wrapper salts used across different create methods allow early pools to permanently block alternative topologies. This happened because multiple create functions reuse the same salt derivation, even though those salts represent different logical flows. Full write-up to be posted soon!

❤️❤️❤️

That's tough, but Zero Cool always grabs it by the neck.

Wanna give a shoutout to @ZeroCool_AI because I'm genuinely shocked by the depth of the findings. Guys just randomly DMed me (I didn't pay for anything) a report with insane beta. Read the full audit here: hackmd.io/rAhJFzFmTgeDVK…

Late last year, we ran Zero Cool on the Solarity lib and identified 2C, 4H, 6L. We will share some of the very interesting findings soon.

Only three days left!

Not all initialization counts, especially under proxy patterns. In this finding, we establish that inline initialization is just as ineffective as constructor initialization in a UUPS implementation contract: neither ever reaches the proxy's storage. Zero Cool spotted that gap on a critical variable during this review.

@ARKconclave mission accomplished!! thanks for noticing

@ZeroCool_AI I can see a cat’s butthole

Zero Cool definitely ate at the Mento-V3 contest, as we smashed through to 2nd place. Full write-ups of our findings are coming through.

Multiple new BB findings confirmed - more info coming soon!

@0xriptide 🕶️

@ZeroCool_AI 👀

One obvious takeaway from this finding: Zero Cool has a remarkable understanding of how ZK circuits should work and an eye for spotting the gaps that truly matter. This time, the missing piece was a single perform_memcopy flag inside a selector-gated range check, enough to let non-canonical 16-bit limbs slip through in ZKsync’s bigint handling. More to come!

Here we go!!! x.com/ZeroCool_AI/st…

It’s enough that Zero cool is smashing through smart contracts; we also flip VM-level vulnerabilities at every opportunity. The full write-up for this bounty drops tomorrow. x.com/ZeroCool_AI/st…