After a fun collaboration with @SuccinctLabs and @OPLabsPBC, I'm excited to share OP Succinct — our minimal diff to upgrade an OP Stack chain to a full ZK rollup.
Come inside and look around... 🧵
OP Stack chains (like most rollups) work by posting compressed tx data to L1 as blobs. Independent nodes read this data to derive the state.
At some frequency, a hash representing the state of L2 is also posted to L1, allowing users to prove withdrawals & claim their L1 funds.
Mar 9, 2023 • 15 tweets • 5 min read
I was recently working on an audit that used Solady FixedPointMathLib by @optimizoor.
@daejunpark had some concerns with the square root function. What if there were edge cases where the Yul didn’t behave?
Fuzzing didn’t find any, but we couldn’t know for sure.
…or could we?
Enter HALMOS.
It's a symbolic bounded model checker.
What this means is that it takes in EVM bytecode, converts it to a series of equations, and uses the Z3 Theorem Prover to verify the assertion (or find counterexamples).
Since the @optimismFND contest rewards were announced, a bunch of people have asked me about the logistics of working with @trust__90.
How did we share information? How did we support each other?
I've experimented with this a lot so figured it might be useful to share publicly.
The first thing to note is that contests / bug hunting require different communication than traditional audits.
For collaboration on traditional audits, I really like the way @SpearbitDAO sets things up:
- shared repo
- comments of findings on PRs
- communication channel for Qs
Dec 23, 2022 • 14 tweets • 3 min read
One of the hardest things for new auditors is getting your head around a code base.
I remember feeling like I was aimlessly jumping in circles. Based on the DMs I've been getting, seems like this is a common experience.
Here's the process I now use for every audit...
1) QUICK SKIM OF DOCUMENTATION
- What is this supposed to do?
- Who are the main actors?
- Is there anything it's explicitly not supposed to do?
You'll be surprised how often exploit ideas start forming just based on the high level explanation.
Dec 6, 2022 • 9 tweets • 7 min read
Inspired by @pashov and @sjkelleyjr to share more behind the scenes of getting into smart contract auditing.
In March, I tried my first C4 contest. I sucked :)
As of last week, I've placed Top 3 in 7 audit contests and earned $100k+ from auditing.
Here’s the journey so far…
First, a quick disclaimer:
I had a lot of experience as a Solidity dev before getting into security, so this stuff clicked pretty quickly.
If you're learning all this from scratch, it will probably take longer. But you can get there.
Mar 10, 2022 • 26 tweets • 7 min read
SNARKS FOR NON-CRYPTOGRAPHERS
ZK tech is looking like the holy grail for Ethereum scalability and privacy.
But how does it actually work? What kinds of things are provable?
And if it’s working, what’s the barrier to full zkEVMs?
I spent the past few weeks diving in… (1/n)
At this point, it’s clear that Ethereum can’t scale without L2s.
While optimistic rollups (like @arbitrum) and side chains (like @0xPolygon PoS chain) are incredible advances, it seems clear that the optimal mix of security and scalability will come from ZK rollups.