Stefanos Chaliasos

Excited to share our latest work on ZKPs security: "SoK: What don’t we know? Understanding Security Vulnerabilities in SNARKs" (w/ @0xSerious, @infosecual, @cryptodavidw, @MMJahanara, @convoluted_code). URL: arxiv.org/pdf/2402.15293…

Confidential Assets v1.1 is now open-source: the first Move smart contract that lets you confidentially transfer your assets from your encrypted balance. Here's what it does 🧵👇 github.com/aptos-labs/apt…

overdue, feels like "we forgot you all these years sry" rwc.iacr.org/LevchinPrize/

@cryptodavidw Do you want to buy a car??

Why can't I buy a BYD car in the US

Read our Blog on the two ZK exploits that happened this week. If I'm not wrong, those were the first exploits of zk protocols. blog.zksecurity.xyz/posts/groth16-…

The first two known exploits against live ZK circuits just happened, and they weren't subtle underconstrained bugs. They were Groth16 verifiers deployed without completing the trusted setup ceremony. One was white-hat rescued for ~$1.5M, the other drained for 5 ETH. 🧵

@Elliot0x @FOOMCASH @_SEAL_Org x.com/foomcash/statu…

You can't even make the eth security stuff up it's so absurd. The @FOOMCASH hacker publicly posts in the EthSecurity telegram defending themselves and asking @_SEAL_Org to get involved in negotiating their defense.

@moo9000 Publishing a blog post tomorrow, but this wasn't a deep cryptography bug. This was not following a quick start guide thoroughly (with a bit of a conducted API, to be frank)

Zero knowledge opens a new class of bugs. I'd recommend you not to tip toes into it unless you have serious cryptographic expertise.

Not a blackhat exploit :D The bug is really sad though, will share a blog later

Is this the first blackhat ZK exploit?

@0xalpo @paradigm @OpenAI @code4rena What puzzles me about agents on public datasets is not that the bug could be in the training dataset (I think that is fine), but the case where the agent does web searches and finds the bug report. Did you handle that? I feel turning off websearches is very restrictive

new collab from @paradigm and @OpenAI: evmbench is a benchmark and agent harness for exploiting smart contract bugs a few months ago, the best models found <20% of critical, fund-draining @Code4rena bugs in our benchmark. today they find > 70%

Geth's pure-go secp256k1, btcec and dcrec all have the same bug in the addition function, it doesn't dispatch to doubling when equal points have different unreduced (bigint) coordinates. Unreported and unfixed. Old bugs and nobody noticed before. Co-Authored-By: libFuzzer.a

@lonelysloth_sec @hrkrshnn Do they mention in the paper whether web search is permitted or not, or if it is constrained in some way? Anecdotally, in similar experiments, I noticed the agents looking for the audit of the bug and then claiming they found it themselves

While the benchmark is interesting I think it’s essentially useless in practice. It’s based on publicly disclosed vulnerabilities which were likely in the training set of models. It’s a very easy test. We’d need something more like ARC-AGI semi private. But that isn’t easy at all to create.

If you are curious about this direction and want to integrate our autonomous bug hunter that has found live critical issues putting over $25B at risk, reach out using the link below or in DMs.

@YourBuddyConner @VictorTaelin claude.com/plugins/ralph-…

@VictorTaelin Dude I was literally raging about this exact thing this morning, I feel like Claude gets me but gives up and I feel like Codex doesnt get me at all and will spin for an hour writing something I didnt even want.

The two facets of 5.3: - it will NOT introduce bugs - it will NOT understand your intent Always expect the dumbest interpretation of anything you write. It doesn't struggle to write right code, it struggles to write *the* right code. It is the most facepalmeable model on Earth.

@RAILGUN_Project Where is this figure from? Can you share the raw data?

More volume = more privacy

Google recently released a report on using Gemini in academic research. Turns out one of the case studies concerns a recent SNARG paper! It found a bug that humans had missed so far! 👇🏼is our summary of what happened and a reflection on using LLMs in paper reviews and audits

AI vulnerability research is non-deterministic. The same model looking at the same code won't take the same reasoning path every time. Some paths find nothing. Some paths find the bug. A single scan is a coin flip. But what if you keep flipping? Introducing zkao.

We just announced zkao, been working on it for the last few months full time, it's our response to "auditors might go extinct in a few years". After all, if we do go extinct, might as well be part of the problem. Let's be reassuring though, the tool is not here yet. As we wrote in the past, we test it after every audit, and it constantly doesn't find (important) bugs we find in audits, and sometimes find really good bugs BUT thinks they're not impactful. Every time we try to fix that to improve the tool :) It's been getting better and better so quickly! It also finds a lot of false positives, and this is where we think we can bring a lot of value: we're not just another per-PR/commit review bot, we are trying to only surface important bugs that we can confirm. This is an uphill battle from our side BUT we firmly believe this is how we provide true value to developers (instead of having them click through warnings). Anyway, the tool is going to get better every week, because we will improve it, or because the models will get better. It's truly amazing to work on a product that improves for free due to research from the big LLMs :D We're focusing on Circom for now, and we're onboarding early-access users. If you're interested in trying the tool, let me know!

We formalized FRI soundness in Lean, using @HarmonicMath and Claude Code. - FRI analysis by @nico_mnbl and collaborators - turned into a Lean proof by @pirapira 🔥

@nethoxa Is there any way that, with the noir fuzzer, you can then get the constraints of the generated program in any format? Similar to how we get R1CS constraints in Circom

I just published some of the work I have been doing at the EF, including: - Transaction fuzzer and Noir fuzzer (having found lots of bugs 😉) - Blazingly fast structure-aware-fuzzing framework github.com/protocol-secur…

Amazing blogpost outline potential attack vectors for zkEVMs