Audit Timeline

ZK-Specific Audit Firms Engaged • Attack Surfaces Reviewed: Relayer + Verifier + UTXO Store


SnarkSide’s audit plan reflects the protocol’s cryptographic depth and modular execution. Unlike conventional dApps, where auditing focuses primarily on Solidity contract logic, SnarkSide operates across three highly specialized layers—each with its own attack surface and verification methodology:

  1. ZK Circuits: Enforced constraints that govern trade validity, liquidation conditions, and vault transitions.

  2. Verifier Layer: On-chain Groth16 verifiers that confirm the correctness of off-chain state transitions.

  3. Encrypted Off-chain Infra: Including relayers, MPC batchers, and the vault UTXO model.

Each component requires tailored audit strategies, many of which demand advanced knowledge of zero-knowledge proof systems, witness generation, and cross-domain relay logic.


Timeline & Milestones

Q1: Internal Proving Tests + Circuit Hardening

  • 100% coverage achieved on:

    • Intent circuit (Groth16, Circom v2)

    • Liquidation circuit (oracle-bound margin constraints)

    • Vault update constraints (UTXO Merkle tree transitions)

  • Field boundary tests applied:

    • Poseidon preimage collisions

    • Salt reuse entropy thresholds

    • MiMC fallback resistance cases


Q2: External ZK Audit Firm Engagements

SnarkSide initiated parallel audit engagements with two leading cryptographic firms:

✅ ZK Labs (Q2–Q3 2025)

  • Scope: Full circuit constraint verification

  • Deliverables:

    • Constraint logic report (intent, match, liquidation)

    • Witness poisoning risk analysis

    • Attack simulation: leveraged position injection, replay windows, ghost nullifiers

✅ Veridise (Scoped)

  • Scope: Solidity Verifier & Vault Store Contracts

  • Deliverables:

    • Nullifier replay rejection proofs

    • Vault settlement determinism tests

    • ZK calldata encoding validation


Q3: Relayer & MPC Layer Review

  • Internal penetration testing of encrypted relay mesh

  • Simulated bundle-injection and rank-ordering MEV attempts

  • MPC handshake replay detection implemented

  • Logged observable fields for batch compression verified to be zero-leakage

Future Audit Target:

  • Trail of Bits (Tentative) – Full relayer/matcher isolation modeling

    • Private handshake node fuzzing

    • Edge-case bundle overflow evaluation

    • Shared intent pool desynchronization fault tests


Reviewed Attack Surfaces

| Surface | Attack Vector | Status |
| --- | --- | --- |
| Intent Replay | Salted nonce bypass | Hardened |
| Vault Overwrite | Ghost commitment injection | Rejected at root inclusion check |
| UTXO Double-Spend | Nullifier reuse with modified intent | SNARK-rejected |
| Relayer Spoofing | Bundle mutation / batch injection | MPC-isolated, timestamp locked |
| Verifier Subversion | Alternate circuit hash injection | Public input hash enforced |
| Liquidation Spoof | Oracle mismatch in ZK circuit | Oracle circuit finality constraint active |


Audit Pipeline (2025–2026)

| Stage | Firm / Internal | Target Area | Status |
| --- | --- | --- | --- |
| Circuit Constraint Audit | ZK Labs | Circom + SNARK boundary | ✅ Ongoing |
| Solidity Verifier Review | Veridise | VaultStore + ZKVerifier | ✅ Scoped |
| Relay Mesh Pen Testing | Internal | MPC & Batching Logic | ✅ Complete |
| Intent Replay Scenarios | Internal | UX entropy + salt security | ✅ Hardened |
| Oracle Timing Constraints | TBD | Delay enforcement / finality | ⏳ Planned |
| zkBridge & Rollup Layer | TBD (Sovereign) | Future Sovereign L2 zkStack | 🔜 Q4/Q1 2026 |


Conclusion

SnarkSide’s audit strategy reflects its layered, opaque-by-design architecture. The goal isn’t to secure surface-level Solidity. It’s to mathematically constrain what’s even possible, through formalized zero-knowledge boundaries, input hashing determinism, and encrypted state transitions.

Each proof is a contract. Each batch is a promise. Auditable not by inspection—but by the impossibility of contradiction.
