https://muellerberndt.medium.com/finding-soundness-bugs-in-zk-circuits-ea23387a0e1e
#zk #security 安全研究和案例
#zk #security 安全研究和案例
Medium
A Practical Guide to Finding Soundness Bugs in ZK Circuits.
Zero-knowledge proofs are a core building block for blockchain scaling and privacy. In real-world deployments, the fragile part is usually…
❤1
Web3ReadList
https://github.com/lambdaclass/ethrex 一个以简化为工程哲学的使用 Rust 编写的 #ethereum 客户端
LambdaClass Blog
How We Made an Ethereum Rust Execution Engine 20x Faster: Profiling-Driven Optimization
Over the past months, the ethrex team has been relentlessly focused on performance optimization. Through systematic profiling, targeted improvements, and architectural changes, we've achieved a 20x improvement in block execution throughput.
❤1
https://www.ammchallenge.com/
AMM 挑战赛,目标是利用手续费机制平衡套利交易与非套利交易
AMM 挑战赛,目标是利用手续费机制平衡套利交易与非套利交易
Optimizationarena
Optimization Arena
Compete in optimization challenges across trading, gaming, and more.
👍9
https://blog.lambdaclass.com/building-a-minimalist-post-quantum-ethereum-client-ethlambdas-architecture/
构建最小的 #pq 以太坊客户端
构建最小的 #pq 以太坊客户端
LambdaClass Blog
Building a Minimalist Post-Quantum Ethereum Client: ethlambda's Architecture
This is a follow-up to our post on building a post-quantum Ethereum client. Here we detail ethlambda's minimalist architecture.
https://blog.lambdaclass.com/amo-lean-towards-formally-verified-optimization-via-equality-saturation-in-lean-4/
形式化证明 #formalVerify 密码学优化
形式化证明 #formalVerify 密码学优化
LambdaClass Blog
Verified Code Optimization in Lean 4: How Equality Saturation Generates Proven-Correct C Code with Truth Research ZK
Our experiments with Lean and formal verification continue to bear fruit.
To further our knowhow and experience, we set out to see if we could apply Lean's strengths to a more advanced topic: compiler optimizations.
Traditional verified compilers focus…
To further our knowhow and experience, we set out to see if we could apply Lean's strengths to a more advanced topic: compiler optimizations.
Traditional verified compilers focus…
Forwarded from Remedy
First high-severity Solidity compiler bug since 2016 — identified by Hexens
Hexens has identified a HIGH severity vulnerability in the Solidity compiler itself.
Not in a specific project. In Solidity.
The issue, TSTORE Poison, can silently corrupt contract storage and introduce critical vulnerabilities without obvious indicators. This makes it particularly dangerous for developers and auditors who rely on compiler-level guarantees.
To assess the ecosystem-wide impact, we used Glider to scan integrated chains and evaluate the potential blast radius. Cross-chain impact analysis at this scale is exactly what Glider is designed for.
🔎 Technical write-up:
https://hexens.io/research/solidity-compiler-bug-tstore-poison
📢 Official announcement:
https://x.com/solidity_lang/status/2024181697168945228?s=46
If you develop or audit Solidity smart contracts, we strongly recommend reviewing the report
Hexens has identified a HIGH severity vulnerability in the Solidity compiler itself.
Not in a specific project. In Solidity.
The issue, TSTORE Poison, can silently corrupt contract storage and introduce critical vulnerabilities without obvious indicators. This makes it particularly dangerous for developers and auditors who rely on compiler-level guarantees.
To assess the ecosystem-wide impact, we used Glider to scan integrated chains and evaluate the potential blast radius. Cross-chain impact analysis at this scale is exactly what Glider is designed for.
🔎 Technical write-up:
https://hexens.io/research/solidity-compiler-bug-tstore-poison
📢 Official announcement:
https://x.com/solidity_lang/status/2024181697168945228?s=46
If you develop or audit Solidity smart contracts, we strongly recommend reviewing the report
X (formerly Twitter)
Solidity (@solidity_lang) on X
Full bug explainer: https://t.co/vHHui8jAZF
Thanks to @hexens for the discovery and thorough report, @_SEAL_Org and @dedaub for their swift response and help in identifying affected contracts.
Thanks to @hexens for the discovery and thorough report, @_SEAL_Org and @dedaub for their swift response and help in identifying affected contracts.
🔥1