zkVM application auditing
Comprehensive security analysis of your zkVM application—including both the ZK circuits and smart contract components—to identify vulnerabilities and provide clear guidance on how to remediate them.
zkVM application auditing involves experienced security analysts manually examining your circuits and smart contracts, supported by our in-house security tools to make vulnerability discovery more effective. The end result is a thorough security review whose findings our team helps you act on.
TRUSTED BY:
Jeremy Bruestle
CEO & Co-Founder of RISC Zero
Olivier Bégassat
Arithmetization Lead at Linea
I was surprised by the thoroughness of the audits and the really meticulous attention to detail. I initially thought the project would be impossible due to its size (800 pages of docs), and I’m really glad Veridise successfully completed it. It was a pleasure working with Veridise.
Uma Roy
CEO and Co-Founder of Succinct
We are super happy to have worked with Veridise. It’s clear they looked into our circuits in great detail. One of the bugs they found was critical and quite subtle, so we were impressed with their work.
Barron Caster
CEO at Demox Labs
Veridise has been incredibly helpful auditing all of our ZK technology, which requires deep domain expertise. We trust them, and have worked with them on a number of different projects—and will continue to.
Trusted partner for several leading ZK projects
EigenDA engaged Veridise to audit Hokulea, a zkVM-based system that verifies EigenDA data availability certificates on-chain. The assessment focused on the correctness of the zkVM logic and its integration with on-chain verification.
Wormhole engaged Veridise to audit the Boundless Receiver and Transceiver contracts used to verify Ethereum beacon chain data in cross-chain workflows. The review focused on the correctness and safety of the zkVM-backed verification logic and cross-chain state handling.
vLayer engaged Veridise to audit their zkVM application, covering both the Rust guest logic and the associated smart contract components. The review focused on correctness and security of the application’s zkVM execution and proof verification flow.
In addition to zkVM application audits, we have audited the core zkVM implementations themselves, including RISC Zero, Succinct SP1, Linea, and Ziren.
Why are ZK circuits and zkVM applications uniquely hard to secure?
The Veridise difference: Why us?
Seasoned professionals
Veridise’s ZK audit team is composed of seasoned professionals with several PhDs in formal methods, software security and blockchain.
In-house tooling
In addition to rigorous human auditing, our in-house tools detect bugs that the human eye has a difficult time finding. This enhances the quality and effectiveness of our audits.
Confidentiality and ownership
We uphold the confidentiality of the report, although many of our clients find value in publishing it. Additionally, our reports become fully yours upon completion of the audit, unlike with some other providers.
Veridise’s edge: our in-house ZK audit tools
Veridise combines professionals who manually review code with our in-house tools.
Our in-house tools enable Veridise to detect hard-to-find bugs that are difficult for the human eye to identify, leading to comprehensive audit reports. With Veridise, your codebase is in the hands of industry-leading detection methods.
OrCa
Specification-guided fuzzer
Vanguard
Static analysis tool for smart contracts and ZK circuits
Picus
Zero-Knowledge Proof auditing tool finding bugs in arithmetic circuits
Special considerations with zkVM application audits
zkVM applications introduce a fundamentally different security model, where trust is derived from cryptographic proofs rather than direct execution.
Correctness depends not only on whether the code runs, but on whether the zkVM is actually proving the right properties about that execution. Seemingly small mistakes in proof boundaries, input validation, or execution assumptions can result in proofs that verify correctly while attesting to incorrect or incomplete behavior.
These risks are easy to miss because zkVM applications span multiple layers: guest code, host logic, proof generation, and on-chain verification. Security issues often arise at the boundaries between these layers, such as mismatches between what the prover assumes and what the verifier enforces, or logic that executes outside the proven context. Traditional smart contract audits do not cover these failure modes.
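The boundary failures described above (a guest that trusts host input it never validates, a journal that omits the values the verdict depends on, a verifier that checks a result byte but not which program produced it) can be shown in a small model. The following is an added illustration, not Veridise's code and not any zkVM vendor's API: the "prover" simply runs the guest natively and records what it committed, the digest is a non-cryptographic stand-in for SHA-256, and the block hash, image ID, threshold and function names are all constructed for the example.

```rust
// Added illustration (not Veridise's code, not any zkVM vendor's API): a toy model
// of the prover/verifier trust boundary. The "prover" just runs the guest natively
// and records what it committed; the digest is a non-cryptographic stand-in.
use std::collections::hash_map::DefaultHasher;
use std::hash::{Hash, Hasher};

pub const THRESHOLD: u64 = 1_000;
pub const EXPECTED_IMAGE_ID: u64 = 0xC0DE; // assumed identity of the audited guest

/// Stand-in for SHA-256 (NOT secure; illustration only).
pub fn digest(data: &[u8]) -> u64 {
    let mut h = DefaultHasher::new();
    data.hash(&mut h);
    h.finish()
}

/// Toy chain state: the block hash commits to the account balance. This stands
/// in for the state root plus Merkle inclusion proof a real guest would check.
pub fn block_hash_for(balance: u64) -> u64 {
    digest(&balance.to_le_bytes())
}

/// Untrusted host input. A malicious prover controls every field.
pub struct HostInput {
    pub block_hash: u64,
    pub claimed_balance: u64,
}

/// What reaches the verifier: which program ran (image ID) and the bytes the
/// guest explicitly committed (journal). Host input the guest merely read is NOT here.
#[derive(Debug, Clone, PartialEq)]
pub struct Receipt {
    pub image_id: u64,
    pub journal: Vec<u8>,
}

/// A guest returns its journal, or None if it aborted (an aborted run yields no proof).
pub type Guest = fn(&HostInput) -> Option<Vec<u8>>;

/// Toy prover. A real zkVM would additionally produce a proof that `image_id`
/// executed to exactly this journal.
pub fn prove(image_id: u64, guest: Guest, input: &HostInput) -> Option<Receipt> {
    guest(input).map(|journal| Receipt { image_id, journal })
}

/// Vulnerable guest. Bug 1 (input validation): trusts the host's balance without
/// checking it against the block. Bug 2 (proof boundary): commits only the
/// verdict, so the verifier cannot tell which block, if any, was reasoned about.
pub fn guest_unbound(input: &HostInput) -> Option<Vec<u8>> {
    Some(vec![(input.claimed_balance >= THRESHOLD) as u8])
}

/// Fixed guest: validates host input inside the proven context and commits the
/// block hash the verdict depends on, so the verifier can bind it to trusted state.
pub fn guest_bound(input: &HostInput) -> Option<Vec<u8>> {
    if block_hash_for(input.claimed_balance) != input.block_hash {
        return None; // inconsistent witness: abort, no proof exists for this run
    }
    let mut journal = input.block_hash.to_le_bytes().to_vec();
    journal.push((input.claimed_balance >= THRESHOLD) as u8);
    Some(journal)
}

/// Vulnerable verifier: checks the verdict byte only. Accepts a receipt from any
/// program about any block.
pub fn verify_unbound(receipt: &Receipt) -> bool {
    receipt.journal.last() == Some(&1)
}

/// Fixed verifier: enforces the whole public statement: the expected program
/// ran, it reasoned about the block the verifier trusts, and the verdict holds.
pub fn verify_bound(receipt: &Receipt, trusted_block_hash: u64) -> bool {
    if receipt.image_id != EXPECTED_IMAGE_ID || receipt.journal.len() != 9 {
        return false;
    }
    let mut raw = [0u8; 8];
    raw.copy_from_slice(&receipt.journal[..8]);
    u64::from_le_bytes(raw) == trusted_block_hash && receipt.journal[8] == 1
}

fn main() {
    let trusted = block_hash_for(10); // the real balance is 10, below THRESHOLD
    let lie = HostInput { block_hash: trusted, claimed_balance: 5_000 };
    // Vulnerable pipeline: the forged claim verifies.
    let forged = prove(EXPECTED_IMAGE_ID, guest_unbound, &lie).unwrap();
    println!("unbound verifier accepts forged receipt: {}", verify_unbound(&forged));
    // Fixed guest refuses to prove the inconsistent witness...
    println!("bound guest proves lie: {}", prove(EXPECTED_IMAGE_ID, guest_bound, &lie).is_some());
    // ...and a proof about a fabricated block is rejected by the fixed verifier.
    let fake = HostInput { block_hash: block_hash_for(5_000), claimed_balance: 5_000 };
    let about_fake = prove(EXPECTED_IMAGE_ID, guest_bound, &fake).unwrap();
    println!("bound verifier accepts fake-block receipt: {}", verify_bound(&about_fake, trusted));
}
```

The point of the model is that a proof is only ever a statement of the form "program P, run on some input, committed journal J". Anything the verifier needs to know about that input (which block, which state root, which parameters) has to be either validated inside the guest or committed to the journal and checked by the verifier; and the verifier must pin the image ID, or a receipt from an unrelated program with the same journal layout is accepted. Each of the three fixes closes a different boundary, and an audit has to check all of them together.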
Veridise’s zkVM application audits are designed specifically to address these challenges.
We perform a comprehensive review of your zkVM application, including the ZK execution logic, proof semantics, state commitments, smart contract verification, and all interfaces between them. Our auditors combine deep zero-knowledge expertise with manual review and specialized tooling to identify vulnerabilities that could undermine correctness, soundness, or security guarantees.
The result is a clear, actionable security assessment that helps your team understand not only what is wrong, but why it matters in a zkVM context. We work closely with your engineers to validate fixes and ensure that your application’s proofs enforce the guarantees your users and protocol depend on.
Our zkVM application audit process
1. Assessment
Our experts assess the scope of the audit: we review the source repository and agree on the key requirements to be verified.
2. Review
Next, our team formalizes the key properties of your project and uses our proprietary analysis tools, alongside manual review, to check for common vulnerabilities and deeper logical bugs.
3. Report
At the end of the audit, we deliver a detailed audit report summarizing our findings and recommendations. Our reports include any uncovered vulnerabilities, their potential impact, and mitigation strategies.
4. Fixes & Fix Review
Your team fixes the discovered bugs and vulnerabilities. The Veridise team then reviews the new code to confirm that each issue is resolved and that the fixes introduce no new ones.
5. Final Report
Once all bug fixes are verified, we issue a final audit report. Whether to make that report public is up to you.
Explore our zkVM audit reports
| Protocol | Resource | Start Date | Company | Language(s) | Tag(s) |
|---|---|---|---|---|---|
| Boundless: Kailua | Report | Feb 2026 | Boundless | Solidity | Smart Contracts, zkVM Application, Solidity, OP-Stack Dispute Game, risc0 |
| Boundless: Kailua | Report | Oct 2025 | Boundless | Rust | zkVM Application, Risc0, Rust, OP-Stack Dispute Game, Kona |
| EigenDA: Hokulea | Report | Oct 2025 | EigenDA | Rust | zkVM Application, Rust, SP1, Rollup, Risc0 |
| ZKM: Ziren zkVM | Report | Oct 2025 | ZKM | Rust | zkVM Application, ZK Circuits, starky, plonky3, Rust, zkVM, Precompile / Accelerator, SHA2, Poseidon, Elliptic Curve Operations, SP1 |
| Wormhole: Boundless Transceiver | Report | Sep 2025 | Wormhole | Solidity, Rust | Smart Contracts, zkVM Application, Solidity, Risc0, Rust, OpenZeppelin, wormhole |
| Boundless: Fulfilment Data | Report | Sep 2025 | Boundless | Rust, Solidity | Smart Contracts, zkVM Application, Risc0, Solidity, Rust, Auction |
| Succinct: SP1 Call Contract | Report | Jun 2025 | Succinct | Solidity, Rust | SP1, Solidity, zkVM Application |
| RISC Zero: Kailua Protocol | Report | May 2025 | Risc Zero | Rust | zkVM Application, Risc0, Rust, OP-Stack Dispute Game, Kona, Alloy |
| RISC Zero: Kailua Protocol | Report | May 2025 | Risc Zero | Rust, Solidity | Smart Contracts, zkVM Application, Solidity, Risc0, Rust, OP-Stack Dispute Game, Optimism, Alloy, risc0 |
| RiscZero: steel | Report | Apr 2025 | Risc Zero | Rust | Relayer/Off-Chain Backend Service, zkVM Application, Risc0, Rust, Library/Infrastructure, Alloy |
| vlayer | Report | Feb 2025 | vlayer | Solidity, Rust | Smart Contracts, Solidity, ZK Circuits, zkVM Application |
| Malda: zk-coprocessor | Report | Jan 2025 | Malda | Rust | Smart Contracts, Solidity, ZK Circuits, zkVM Application |
| Malda: Lending | Report | Jan 2025 | Malda | Solidity | Smart Contracts, Solidity, ZK Circuits, zkVM Application |
| RISC Zero: Kailua | Report | Jan 2025 | Risc Zero | Rust, Solidity | zkVM Application, Risc0, FaultProofs |
| RiscZero: Steel | Report | Sep 2024 | Risc Zero | Rust | Relayer/Off-Chain Backend Service, zkVM Application, Risc0, Library/Infrastructure |
| RiscZero: Blobstream Zero | Report | Sep 2024 | Risc Zero | Rust, Solidity | Relayer/Off-Chain Backend Service, Smart Contracts, zkVM Application, Risc0 |
Designing Secure zkVM applications
Veridise CEO Jon Stephens speaks with Rami Khalil (RISC Zero) about how to build secure zkVM applications.
Articles on Zero Knowledge
Veridise has developed industry-leading expertise in auditing Zero Knowledge Proof related applications. We have extensively written about Zero Knowledge related topics.
Zero-knowledge security related videos
Watch Veridise engineers and cryptographers explain real-world zkVM application security challenges, vulnerabilities, and audit insights in their own words.
What are some typical zero-knowledge ...
2min | Jon Stephens
Zero-Knowledge security auditing
5min | Alp Bassa
How did RISC Zero achieve continuous ...
32min | Shankara Pailoor, Jacob Weightman
Formal methods for ZK circuits
54min | Isil Dillig | a16z crypto
Uncovering hidden security risks in ...
20min | Jon Stephens | Modular & L2 Day
Pushing the limits in the automated ...
71min | A. Bassa, D. Dominguez, J. Stephens
Lessons from the auditing trenches
15min | Kostas Ferles | L2con Brussels
Security in the ZK domains
19min | Alp Bassa | ZK Accelerate Athens
Practical security analysis of ZK ...
21min | Kostas Ferles | Carnegie Mellon University
Are your ZK Proofs Correct?
25min | Jon Stephens | Devcon Bogotá
Automatic detection of ZK Bugs
13min | Jon Stephens | IOSG OFP Denver
Zeroday: Why ZK Security is Important?
45min | Kostas Ferles | Nil Foundation
Picus: Push button ZK circuit verification
17min | Shankara Pailoor | EthCC 2023
Automated detection of ZKP vulnerabilities
16min | Alp Bassa | Secureum TrustX
Picus: Automated verification of ZKP...
15min | Andreea Buterchi | TrustX
Practical Security Analysis of ZKP...
21min | Kostas Ferles
Common Vulnerability Patterns in Aleo
29min | Jon Stephens and Kostas Ferles
ZK Circuits in dApps: Common Bugs to...
22min | Jon Stephens
Academic work on Zero-Knowledge security research
Certifying Zero-Knowledge Circuits with Refinement Types
Veridise ZK Team
IEEE Security & Privacy (Oakland)
Automated Detection of Under-constrained Circuits in Zero-Knowledge Proofs
Veridise ZK Team
PLDI 2023
Practical Security Analysis of Zero-Knowledge Proof Circuits
Veridise ZK Team
USENIX Security
Demystifying Loops in Smart Contracts
Veridise ZK Team
CAV 2024 (Computer Aided Verification)
Veridise is the choice of industry leaders
We have audited some of the most critical protocols in the blockchain space, with billions of dollars in Total Value Locked
Considering a zkVM app audit?
Don’t leave your project’s security to chance.
Get verified by Veridise and secure your zkVM application.
Frequently asked questions
What is a zkVM application?
A zkVM application is software that runs inside a zkVM (zero-knowledge virtual machine) and produces a cryptographic proof of correct execution. The proof attests that a specific program ran on specific inputs and produced a specific output, without revealing private data. zkVMs allow developers to write verifiable programs in general-purpose languages like Rust.
What does a zkVM application do?
A zkVM application performs computation and outputs a zero-knowledge proof that the computation followed the intended logic. This proof can be verified on-chain or off-chain without re-executing the computation. zkVM applications are commonly used for verifiable off-chain compute, privacy-preserving logic, and trust-minimized protocol components.
What does a zkVM application audit usually include?
A zkVM application audit reviews application logic, proof boundaries, and the correctness of what is actually being proven. This includes validating inputs, state commitments, host–guest interactions, and ensuring no under-constrained or unintended execution paths exist. Audits often combine manual review with automated and formal verification techniques to catch subtle ZK-specific issues.
What makes a zkVM application audit different from a smart contract audit?
Smart contract audits focus on state transitions and on-chain execution, while zkVM audits focus on verifiable execution semantics. In zkVM systems, a bug may not appear on-chain but can still allow incorrect proofs to verify. This requires reasoning about execution traces, proof soundness, and cryptographic assumptions—not just contract logic.
Why is Veridise the industry's leading choice for zkVM application audits?
Veridise's approach emphasizes provable correctness, not just best-effort review. Veridise has deep expertise in zero-knowledge systems and has worked directly on zkVM security research and a number of real-world deployments. Veridise combines manual auditing with formal methods tools that, for the properties we specify and check, provide mathematical guarantees that certain classes of bugs cannot exist in your codebase.
When should teams get a zkVM application audit?
Teams should get a zkVM audit before any production deployment or reliance on ZK proofs for security or value transfer. Audits are also critical after major logic changes, new host–guest interfaces, or dependency upgrades. Early audits reduce design risk, while follow-up audits help preserve correctness as systems evolve.
How much does a zkVM application audit cost?
The cost depends on the size (lines of code) of the codebase and general complexity. Veridise scopes and quotes each engagement individually to balance assurance, timeline, and cost.