Project Information

CATEGORY

Zero-Knowledge Virtual Machines (ZK-VM)

NETWORK

RISC Zero ZKVM

WEBSITE

https://risczero.com/

DESCRIPTION

From Jan. 29, 2025 to Feb. 17, 2025, RISC Zero engaged Veridise to conduct a security assessment of their Keccak precompile. The security assessment covered the implementation of RISC Zero’s Keccak Accelerator zero-knowledge circuits and the accompanying prover-side code. Veridise conducted the assessment over 4 person-weeks, with 2 security analysts reviewing the project over 2 weeks. The review strategy involved a thorough source code review performed by Veridise security analysts.

Audit Report

DURATION

4 person-weeks

COMPLETED

March 24, 2025

View Audit Report

SCOPE

The scope of this security assessment is limited to the following files from the zirgen and risc0 repositories, which contain the zero-knowledge circuits and the prover-side code, respectively. Additionally, in the risc0 repository, the scope was further restricted to only the parts of the listed files that were relevant to integrating the keccak accelerator into the ZKVM.

Total Findings
0
Mitigated
0
Critical Severity
0
High Severity
0
Medium Severity
0
Low Severity
0

Considering an audit?
Contact us today!

Contact Us