Public Report – Solana Program Library ZK-Token Security Assessment
2023-4-14 00:0:16 Author: research.nccgroup.com(查看原文) 阅读量:10 收藏

In August 2022, Solana Foundation engaged NCC Group to conduct a security assessment of the ZK-Token SDK, a collection of open-source functions and types that implement the core cryptographic functionalities of the Solana Program Library (SPL) Confidential Token extension. These functionalities are homomorphic encryption and associated proofs used to demonstrate the consistency of elementary instructions that move tokens between accounts while keeping the involved amounts in an encrypted format that ensures that only the sender and recipient may learn any information about these amounts.

Here are some related articles you may find interesting

Public Report – Kubernetes 1.24 Security Audit

NCC Group was selected to perform a security evaluation of Kubernetes 1.24.0 release in response to Kubernetes SIG Security’s Third-Party Security Audit Request for Proposals. The testing portion of the audit took place in May and June 2022. The global project team performed a security architectural design review that resulted…

Stepping Insyde System Management Mode

In October of 2022, Intel’s Alder Lake BIOS source code was leaked online. The leaked code was comprised of firmware components that originated from three sources: I obtained a copy of the leaked code and began to hunt for vulnerabilities. This writeup focuses on the vulnerabilities that I found and…

Breaking Pedersen Hashes in Practice

The Pedersen hash function has gained popularity due to its efficiency in the arithmetic circuits used in zero-knowledge proof systems. Hash functions are a crucial primitive in cryptography, and zero-knowledge proof systems often make heavy use of them, for example when computing Merkle tree roots and paths. Instead of being…

View articles by category

Call us before you need us.

Our experts will help you.

Get in touch


文章来源: https://research.nccgroup.com/2023/04/13/public-report-solana-program-library-zk-token-security-assessment/
如有侵权请联系:admin#unsafe.sh