zkDaily - 2026-02-03

零知识证明 zkDaily

ZKP Frontier Tracker 🎯

Tue

02.03

2026

Paper

zkCraft: Prompt-Guided LLM as a Zero-Shot Mutation Pattern Oracle for TCCT-Powered ZK Fuzzing https://arxiv.org/abs/2602.00667

Rong Fu Fuzzing Automated Debugging

Fu et al. proposed the zkCraft framework in their paper, combining deterministic localization with proof search to detect semantic inconsistencies in ZK circuits, using LLM-guided mutation templates to improve edge-case coverage and reduce solver interaction costs.

Notes

ZK circuits are tricky due to tight witness-constraint coupling, causing subtle bugs.
zkCraft uses R1CS-aware localization and proof search to catch under/over-constrained issues.
Row-Vortex polynomials encode edits; Violation IOP replaces repeated solver checks with a proof.
LLM-guided mutations target edge cases, keeping algebraic verification auditable.
Tested on Circom, zkCraft finds diverse bugs, lowers false positives and solver costs.
Links formal verification with automated debugging for scalable ZK circuit development.

Collected by @icerdesign

零知识证明 zkDaily

Q&A Deep Dive 💬

Tue

02.03

2026

Why are semantic bugs in ZK circuits hard to detect with conventional testing?

In ZK circuits, witness computation is tightly coupled with constraints, so many bugs do not immediately violate constraints. Instead, they silently widen or restrict the solution space. Standard testing covers limited inputs and often misses such under- or over-constrained cases.

What key bottleneck does the Row-Vortex polynomial address in zkCraft?

The Row-Vortex polynomial encodes many candidate constraint edits into a single algebraic object. This allows zkCraft to check many potential violations at once, avoiding per-edit solver calls and greatly improving search efficiency.

How does the Violation IOP replace repeated satisfiability checks in zkCraft?

The Violation IOP turns constraint violations into succinct algebraic proofs. A verifier checks a single proof to confirm the existence of a bug, replacing interactive and repeated satisfiability queries with one proof verification.

Prompted by @icerdesign