SoK: What don’t we know? Understanding Security Vulnerabilities in SNARKs

We just released a systemization of knowledge (SoK) whitepaper in collaboration with the Imperial College London, the Technical University of Munich, the Ethereum Foundation, the Scroll Foundation, and Matter Labs.

The study goes through hundreds of ZK vulnerabilities to categorize them and understand the root causes of these vulnerabilities. We also provide a comprehensive list of mitigation strategies and best practices to avoid these vulnerabilities.

The paper is currently available on arxiv.

Here is the abstract:

Zero-knowledge proofs (ZKPs) have evolved from being a theoretical concept providing privacy and verifiability to having practical, real-world implementations, with SNARKs (Succinct Non-Interactive Argument of Knowledge) emerging as one of the most significant innovations. Prior work has mainly focused on designing more efficient SNARK systems and providing security proofs for them. Many think of SNARKs as “just math,” implying that what is proven to be correct and secure is correct in practice. In contrast, this paper focuses on assessing end-to-end security properties of real-life SNARK implementations. We start by building foundations with a system model and by establishing threat models and defining adversarial roles for systems that use SNARKs. Our study encompasses an extensive analysis of 141 actual vulnerabilities in SNARK implementations, providing a detailed taxonomy to aid developers and security researchers in understanding the security threats in systems employing SNARKs. Finally, we evaluate existing defense mechanisms and offer recommendations for enhancing the security of SNARK-based systems, paving the way for more robust and reliable implementations in the future.