The chapter explores the middle ground between fuzzer and form of verification, focusing on static analyzers and their utility in the security industry. It discusses the use of static analysis tools like linters and the value of gaining insights into the protocol being developed. The chapter also mentions the potential and current friction in using static analysis to find bugs in under constraint programs.
This week, Anna and Guillermo chat with David Wong, author of the Real-World Cryptography book, and a cofounder [zksecurity.xyz]((https://www.zksecurity.xyz/) - an auditing firm focused on Zero Knowledge technology.
They chat about what first got him interested in cryptography, his early work as a security consultant, his work on the Facebook crypto project and the Mina project, zksecurity.xyz, auditing techniques and their efficacy in a ZK context, what common bugs are found in ZK code, and much more.
Here’s some additional links for this episode:
Check out the ZK Jobs Board for new job opportunities in the run up to the zkSummit 10!
Aleo is a new Layer-1 blockchain that achieves the programmability of Ethereum, the privacy of Zcash, and the scalability of a rollup.
For questions, join their Discord at aleo.org/discord.
If you like what we do: