Daily Digest 每日摘要 View All 查看全部

Key Points: 要点：

• • Both exploits stem from Groth16 verifier setup errors in snarkjs, where missing Phase 2 contributions leave γ and δ parameters identical. 两起攻击均因snarkjs生成的Groth16验证器设置错误，缺少第二阶段贡献，使γ和δ参数相同
• • Losses: ~$1.5M and 5 ETH, discovered by white-hat hackers to prevent malicious attacks. 攻击导致约150万美元和5 ETH损失，由白帽黑客发现
• • Root cause: snarkjs sets γ and δ to the same generator point when initializing zkey 根源：snarkjs在初始化zkey时设置γ和δ为相同生成点
• • Phase 2 contribution is required to randomize δ 需通过第二阶段贡献随机化δ
• • Developers often overlook simple mistakes while focusing on complex parts 开发者常因关注复杂部分而忽略简单错误，
• • ZK DSLs are easy to misuse and lack foundational tooling support ZK DSL易误用且缺乏基础工具支持