SoK: What don't we know? Understanding Security Vulnerabilities in SNARKs
CoRR(2024)
摘要
Zero-knowledge proofs (ZKPs) have evolved from being a theoretical concept
providing privacy and verifiability to having practical, real-world
implementations, with SNARKs (Succinct Non-Interactive Argument of Knowledge)
emerging as one of the most significant innovations. Prior work has mainly
focused on designing more efficient SNARK systems and providing security proofs
for them. Many think of SNARKs as "just math," implying that what is proven to
be correct and secure is correct in practice. In contrast, this paper focuses
on assessing end-to-end security properties of real-life SNARK implementations.
We start by building foundations with a system model and by establishing threat
models and defining adversarial roles for systems that use SNARKs. Our study
encompasses an extensive analysis of 141 actual vulnerabilities in SNARK
implementations, providing a detailed taxonomy to aid developers and security
researchers in understanding the security threats in systems employing SNARKs.
Finally, we evaluate existing defense mechanisms and offer recommendations for
enhancing the security of SNARK-based systems, paving the way for more robust
and reliable implementations in the future.
更多查看译文
AI 理解论文
溯源树
样例
![](https://originalfileserver.aminer.cn/sys/aminer/pubs/mrt_preview.jpeg)
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要