From February 20th to February 27th, two exploits of weak code occurred in projects that use zero-knowledge proofs (ZK proofs). The first involved an outflow of 5 ETH from Veil Cash, a project that provides liquidity pools on the Base network, and the second affected $1.5 million in Foom contracts. The exploits took the developer community by surprise. Developers had considered code implementing ZK proofs to be difficult, mathematically sound, and free of known critical vulnerabilities.
According to a report by ethical hacker Beacon302, a vulnerability in the code allowed Veil Cash attackers to “forge a valid zero-knowledge proof for any public input and deplete the entire 0.1 ETH privacy pool in 29 fraudulent withdrawals in a single transaction, without ever making a deposit.”
Veil is a protocol that uses zk-SNARKs to generate valid proofs of deposit and protect transaction privacy without exposing data. According to the hacker, running this exploit “completely destroys the robustness of the test system.”
The same hacker reports that Foom Protocol, a lottery and gaming dApp that uses ZK proofs to withdraw privately deposited funds, was also exploited. Due to a bug in the ZK validator contract, both the Base network and Ethereum mainnet. However, this attack was carried out by an ethical hacker for security and code testability purposes. The reason for the exploitation was to secure Foom funds before a malicious actor could obtain them.
A zero-knowledge proof is a cryptographic method that allows one party to prove to another party that a transaction is valid without revealing sensitive information about the party performing the transaction.
According to figures such as Vitalik Buterin and, before him, Hal Finney, these proofs are important for the future of crypto assets. Fully transparent public records violate financial privacy.
Two Hacks, Two Motivations, One Root Cause
A subsequent summary of events reveals that both exploits stem from the same root cause. “They are not subtle unrestricted bugs, the Groth16 checker (generated by snarkjs) was configured incorrectly (just the last step is missing). One was misused by white hat hackers for around $1.5 million, and the other was leaked for 5 ETH,” zksecurity.xyz researchers Stefanos Chaliasos and Hao Pham commented, hinting that one of the “leaks” was a theft.
This means that white hackers are paid a lot of bug bounties for bugs in ZK, and many protocols operate with large amounts of total value locked (TVL), but no exploits have been reported on the ZK protocol to date. This may have given us a little peace of mind compared to the smart contract space, where devastating exploits occur every few months. Maybe we were just lucky? Maybe there isn’t enough ROI for hackers?
Stefanos Chaliasos and Hao Pham, researchers at zksecurity.xyz
Replying to Ledger Chief Technology Officer Charles Guillemet, several users pointed out that the recent exploits are the result of human error in building and running the code, not an inherent flaw in zero-knowledge cryptography.
Researchers at zksecurity.xyz agree, saying they always require developers to review deployment code and scripts.
Additionally, zksecurity.xyz says it will add detection for exactly this class of vulnerabilities to ZKAO, its AI-powered continuous security scanner.

