Blockchain Audits Reveal High Frequency of Logic Errors and ZK Vulnerabilities

July 22, 2024July 22, 2024

Read Time:1 Minute, 27 Second

QUICK BITE

Blockchain security firm Veridise found an average of 16.1 issues per audit, with ZK audits revealing more at 18.0 per audit and twice the likelihood of critical issues.
Logic errors are the most common bug type, accounting for 41% of severe issues across all audits.
ZK protocols, while popular for enhancing privacy and scalability in blockchain, pose significant security challenges due to their complex cryptographic structures and innovative nature.

Veridise, a blockchain security firm, conducted an analysis of 100 audit projects from its database, encompassing various smart contracts, blockchain implementations, and zero-knowledge solutions. The data set revealed a total of 1605 issues, with 1533 issues having identifiable types.

Its security audits typically identify an average of 16.1 issues per audit. Specifically, Zero-Knowledge (ZK) audits tend to uncover slightly more issues, averaging 18.0 per audit. Notably, ZK audits have twice the likelihood of encountering critical issues compared to other audits.

Across all audits, the most prevalent type of bug is Logic error, which also accounts for the highest number of severe issues. Logic errors constitute 41% of severe issues (including critical and high severity).

Moreover, 78% of high-severity issues across all audits stem from just five types: Logic Error, Data Validation, Underconstrained Circuit, Denial of Service, and Access Control.

ZK protocols are increasingly popular in cryptocurrency for their ability to improve privacy and scalability in blockchain transactions. They allow one party to prove the truth of a statement to another without disclosing any additional information.

However, according to Veridise, ensuring ZK security is notably difficult. Audits frequently uncover critical vulnerabilities because of the intricate cryptographic structures and the innovative aspects of ZK protocols, which often extend beyond traditional cryptographic methods.

CIM Editorial

CIM Editorial is the official voice of Crypto India Magazine. We bring you the latest news, analysis, and insights on Web3 and AI in India and beyond.

InBlockchain, Blockchain security, Zero-Knowledge

Akash Partners with HackIndia to Empower Indian Students with Web3 Education

Polygon Executive Colin Butler Touts RWA Tokenization as Crypto’s Killer App

AppliedXL, AP to Deliver AI-powered News Tips to Local Newsrooms

AI Companions (AIC): Revolutionizing digital relationships with AI, blockchain, and VR

MicroStrategy Plans $700M Note Sale, Doubles Down on Bitcoin Strategy

Meta India VP Sandhya Devanathan Sees AI Creating New Job Opportunities Despite Changing Roles

Government of India Launches Vishvasya-Blockchain Technology Stack To offer Blockchain-as-a-Service

Huma Raises $38M to Hyper-scale its Payment Financing (PayFi) Network

Alchemy Partners with Cross Finance to Power dApp Development

Blockchain Audits Reveal High Frequency of Logic Errors and ZK Vulnerabilities

CIM Editorial

Leave a Reply Cancel reply