From 393cbaef258a86cec27494ea39243fc5f6c992a4 Mon Sep 17 00:00:00 2001 From: nullity00 Date: Wed, 20 Sep 2023 13:03:40 +0530 Subject: [PATCH] fix format --- README.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index df861e3..657c258 100644 --- a/README.md +++ b/README.md @@ -1360,10 +1360,10 @@ This repo was inspired by a few other github repos that also document common vul # Zk Security Resources 1. ["Security of ZKP projects: same but different"](https://www.aumasson.jp/data/talks/zksec_zk7.pdf) by JP Aumasson @ [Taurus](https://www.taurushq.com/). Great slides outlining the different types of zk security vulnerabilities along with examples. -2. [Security Reviews of ZK Protocols](https://github.com/nullity00/zk-security-reviews) - Consists of Security Reports of 20+ Protocols which use Zero Knowledge Proofs. +2. [Security Reviews of ZK Protocols](https://github.com/nullity00/zk-security-reviews) by [nullity](https://github.com/nullity00). Consists of Security Reports of 20+ ZK Protocols. 3. [Circomspect](https://github.com/trailofbits/circomspect) by [TrailOfBits](https://www.trailofbits.com/). A static analyzer for circom code to help detect vulnerabilities. The TrailOfBits [introduction post](https://blog.trailofbits.com/2022/09/15/it-pays-to-be-circomspect/) for this tool is a great read. -4. [Picus](https://github.com/Veridise/Picus) - A static analysis tool for ZKP circuits implemented in Circom (or anything that compiles to R1CS). [Lecture on Picus](https://www.youtube.com/watch?v=av7Wq742GIA) & formal verification by Yu Feng from MOOC 2023. -5. [Ecne](https://github.com/franklynwang/EcneProject) - Automated Verification of ZK Circuit, good for finding uniqueness/under-constraint bugs in circuit to QAP/R1CS conversion -6. [Coda](https://github.com/Veridise/Coda) is an Interactive Theorem prover. -7. [Korrekt](https://github.com/quantstamp/halo2-analyzer) is Quantstamp's proof of concept for checking correctness of Halo2 circuits as described in this [paper](https://ceur-ws.org/Vol-3429/paper3.pdf). Talks on linting Halo2 circuits at [ZKSummit9](https://www.youtube.com/watch?v=4KyjBlHBmI0) & [ETHDenver](https://www.youtube.com/watch?v=66gtzO-G1IA). +4. [Picus](https://github.com/Veridise/Picus) by [Veridise](https://github.com/Veridise). A static analysis tool for ZKP circuits implemented in Circom (or anything that compiles to R1CS). [Lecture on Picus](https://www.youtube.com/watch?v=av7Wq742GIA) & formal verification by Yu Feng from MOOC 2023. +5. [Ecne](https://github.com/franklynwang/EcneProject). Automated Verification of ZK Circuit, good for finding uniqueness/under-constraint bugs in circuit to QAP/R1CS conversion. A good explanation of Ecne & under constrained circuits is given in this [0xPARC's blog](https://0xparc.org/blog/ecne). +6. [Coda](https://github.com/Veridise/Coda) by [Veridise](https://github.com/Veridise). As per the [CODA paper](https://eprint.iacr.org/2023/547.pdf), Coda makes it possible to formally specify and statically check properties of a ZK application through a rich refinement type system. +7. [Korrekt](https://github.com/quantstamp/halo2-analyzer) by [Quantstamp](https://github.com/quantstamp) is a proof of concept for checking correctness of Halo2 circuits as described in this [paper](https://ceur-ws.org/Vol-3429/paper3.pdf). Talks on linting Halo2 circuits at [ZKSummit9](https://www.youtube.com/watch?v=4KyjBlHBmI0) & [ETHDenver](https://www.youtube.com/watch?v=66gtzO-G1IA). 8. [ZK-EVM Audit education sessions](https://www.notion.so/zkEVM-Audit-Education-Session-11-15-11-22-86d60daceadb438f85908817f7082611) by Scroll & Polygon.