Content pfp
Content
@
0 reply
0 recast
0 reaction
Vitalik Buterin pfp
Vitalik Buterin
@vitalik.eth
When debugging a ZKP verifier, make sure to keep checking not just that the proof verifies on valid inputs, but also that the proof verification returns an error on invalid inputs (or with nonsensical tweaks to the verification mechanism).
77 replies
1847 recasts
7355 reactions
EulerLagrange.eth pfp
EulerLagrange.eth
@eulerlagrange.eth
Hey Vitalik would you like to do an AMA on here sometime?
4 replies
85 recasts
697 reactions
Emmanuel Awosika pfp
Emmanuel Awosika
@eawosika
I guess this is how you catch unconstrained circuit bugs? I can imagine there's some proof circuit that checks that the square of a number is 9, but doesn’t check if it should be 3 or -3. What you're suggesting here should catch the bug if we only want it to be 3, no?
1 reply
0 recast
15 reactions
0xqeew pfp
0xqeew
@0xqeew
In zk proofs, there are (2) actors : prover and a verifier. The prover convince the verifier without revealing any information. The verifier verify that the prover is telling the truth. A ZKP verifier must reject both invalid proofs and those with tampered verification.
0 reply
4 recasts
37 reactions
jenny.degen 🎩🟣 pfp
jenny.degen 🎩🟣
@cryptojenny
Great point, @vitalik.eth! Ensuring that a ZKP verifier properly rejects invalid inputs is crucial for maintaining security and integrity. It's not just about accepting the right proofs, but also about robustly identifying the wrong ones. 🔍🛡️
5 replies
4 recasts
22 reactions
Majid pfp
Majid
@0xmajidx0
true
0 reply
1 recast
14 reactions
non 🐹 pfp
non 🐹
@non07777.eth
Yes, sir, I will🫡
0 reply
1 recast
13 reactions
WOO🎩 pfp
WOO🎩
@woo-x
Yes sir thx Legend 🙇‍♂️
0 reply
1 recast
12 reactions
Giancarlo🎩 pfp
Giancarlo🎩
@giancarlodc.eth
Good unit tests should be able to take care of that or am I missing something? Still, ensuring to cover all these use cases is what I am calling “good” unit tests.
0 reply
0 recast
7 reactions
pgpg pfp
pgpg
@pgpg.eth
I mean. That's just general testing advice sir.
0 reply
0 recast
6 reactions
Dan Robert🎩 pfp
Dan Robert🎩
@drrallycat
Nice dick bro
1 reply
0 recast
3 reactions
sirlupinwatson.degen pfp
sirlupinwatson.degen
@sirlupinwatson.eth
So in theory could you for example instead of validating it, you would overflow not bytes but let's say for: 32-bits max -2³¹...2³¹ 64 bits max -2^63...2^63 double precision floating point 1.8 x 10^308 Could you overflow (not sure if this is the right term) with a constructor and use yobibyte or bs, from there you could technically infinitely drain a process?
1 reply
0 recast
0 reaction
ap9671 pfp
ap9671
@ap9671
Insightful as always!
0 reply
0 recast
0 reaction
elysiagh pfp
elysiagh
@elysiadfg
breathtaking
0 reply
0 recast
0 reaction
Crypto幣池叔叔 pfp
Crypto幣池叔叔
@cryptouncle99
I like Vitalik
0 reply
0 recast
0 reaction
barnabyye pfp
barnabyye
@barnabyye
splendid
0 reply
0 recast
0 reaction
Ben Green pfp
Ben Green
@numtel
I feel like this message is a direct response to snarkjs and its lack of testing. This pr is in the new 0.7.4 and it has no test that fails before the patch. https://github.com/iden3/snarkjs/pull/480
1 reply
0 recast
0 reaction
genevieveo pfp
genevieveo
@genevieveo
majestic
0 reply
0 recast
0 reaction
Pouria pfp
Pouria
@pouria98
Ye…
0 reply
0 recast
0 reaction
milesss pfp
milesss
@milessss
nice
0 reply
0 recast
0 reaction