Zero-knowledge (ZK) protocols are becoming popular because they increase the privacy and scalability of transactions on the blockchain. They allow one party to prove to another that a statement is true without disclosing the information behind it.
Across its last 100 audits, Veridise analyzed 1,605 discovered vulnerabilities. On average, the researchers found about 16 problems per audit, while the average for audits of protocols using ZK was slightly higher, at about 18 problems. 55% (11 out of 20) of the audits of ZK protocols contained a critical problem, whereas for audits of smart contracts, wallet integration, implementation of blockchain and repeaters this figure was 27.5% (22 out of 80). Analysts attributed this to the complex cryptographic designs of the ZK protocols and their innovative nature.
According to Veridise, the most common vulnerabilities in the DeFi sector were logical errors (385), the probability of system recovery (355) and data validation (304), which together account for 65% of all problems detected during audits. These three categories also dominated among the 360 vulnerabilities found in the ZK audits.
Among the 223 critical vulnerabilities found, logical errors (91), data validation problems (35), insufficient restrictions (19), denial of service (16) and access control problems (13) prevailed. About 78% of high-severity problems (174) across all audits are attributed to these five types of errors. In general, critical errors account for 10% to 30% of vulnerabilities, analysts said.
John Stephens, CEO and co-founder of Veridise, explained that the development of ZK protocols requires precise semantics of operations. When those semantics are incorrectly encoded in the constraints, errors occur. Many of the identified errors arise because ZK is very different from the usual programming paradigm. He fears that attackers may create proofs that trick the verifier into accepting a false statement as true, which would seriously undermine the integrity of the protocol.
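The kind of constraint-encoding mistake described above, as an added toy example (not code from Veridise or from any audited protocol): a constraint checker over a small prime field that compares an under-constrained "is zero" gadget with the standard sound one and lists every accepted witness that contradicts the intended semantics. The modulus 31 and all names here are assumptions chosen so the search can be exhaustive.

```python
# Toy model of arithmetic-circuit constraints over a prime field (constructed example).
P = 31  # tiny prime modulus, chosen only so every witness can be enumerated

def satisfies(constraints, w):
    """The verifier accepts a witness iff every constraint is 0 mod P."""
    return all(c(w) % P == 0 for c in constraints)

# Intended semantics: out == 1 if x == 0, otherwise out == 0.

# Under-constrained encoding: only "x * out == 0" is enforced,
# so when x == 0 the value of out is left completely free.
WEAK = [
    lambda w: w["x"] * w["out"],
]

# Sound encoding (standard is-zero gadget, prover supplies inv):
#   out == 1 - x * inv   and   x * out == 0
SOUND = [
    lambda w: w["out"] - (1 - w["x"] * w["inv"]),
    lambda w: w["x"] * w["out"],
]

def intended_out(x):
    return 1 if x % P == 0 else 0

def honest_witness(x):
    """Witness an honest prover would compute for input x."""
    inv = pow(x, -1, P) if x % P else 0
    return {"x": x % P, "inv": inv, "out": intended_out(x)}

def accepted_false_claims(constraints):
    """All (x, out) pairs that pass the constraints although out is wrong."""
    bad = set()
    for x in range(P):
        for out in range(P):
            if out == intended_out(x):
                continue  # a true statement, not interesting here
            # The prover is free to pick any auxiliary value inv.
            if any(satisfies(constraints, {"x": x, "inv": inv, "out": out})
                   for inv in range(P)):
                bad.add((x, out))
    return bad

if __name__ == "__main__":
    print("weak :", len(accepted_false_claims(WEAK)), "false claims accepted")
    print("sound:", len(accepted_false_claims(SOUND)), "false claims accepted")
```

Both encodings accept every honest witness, so ordinary functional tests pass for either one; only the exhaustive search over dishonest witnesses separates them, which is why audits of real circuits rely on constraint analysis rather than on test vectors.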
Recall that last year the decentralized OKX exchange was hacked, losing more than $2.7 million due to a security breach in a smart contract. In March, the Curio crypto project lost $16 million because of a critical vulnerability related to voting rights.