Inside Ethereum's Engine: How the Execution Layer Actually Works
Scalability, Privacy, and Security
A rapidly changing landscape: new proof systems, cryptographic components, unaudited ZKP libraries and implementations arriving monthly.
Fertile ground doubling as a security minefield. Our team can help you.
Trusted by the world’s leading projects
The Challenges
Secure circuit design
Our circuit-security team collaborates to validate the security of your implementation by:
- Ensuring the functionality of your circuit matches the documented behavior of your application.
- Uncovering under-constrained signals in your circuit that could allow malicious proofs.
- Finding security vulnerabilities in your circuit implementation that threaten the soundness or completeness of your ZK system.
Our offering is language-agnostic.
Feel free to approach us with circuits written in Circom, ZoKrates, Noir, Cairo, o1js, Leo and more.
Security of prover and verifier
Our combined cryptography and security team secure ZK systems by:
- Verifying the cryptographic soundness of any changes made to peer-reviewed ZK proof systems.
- Investigating the correctness of the implementation of your ZK system.
- Validating the correctness of L1 ↔ L2 interactions for Rollups.
- Ensuring systems conform with EVM rules, opcodes and functionalities for zkEVMs.
Our expertise lies in analysing SNARKs and their building blocks including PLONK-ish systems, KZG, FRI, the Fiat-Shamir transform, recursive proofs and more.
The Approach
At every stage, OpenZeppelin is pleased to provide research papers and publishable security assessments. We seek to instill confidence and transparency in clients' specific implementations, thereby promoting the industry as a whole.
Our team excels in ZK cryptography
Widely-used implementations of open-source libraries, and securing L1/L2 systems.
Co-author of several cryptographic designs.
PLONK >
A next-generation zk-SNARK proof system widely used in ZK Rollups,
Anemoi >
A family of ZK-friendly hash functions.
Libsnark >
An open-source C++ library for constructing and verifying zk-SNARKs.
More than
6+
Years in cryptographic &
Blockchain Security Research experience
More than
1400+
Citations span more than 50
published papers' impact
"The cryptographers at OpenZeppelin are extremely proficient. We designed a modification that was not easy to grasp, and it was understood quite quickly and thoroughly. The discussions led to some upgrade not only in the solidity code but in gnark-crypto and gnark, especially KZG related operations."
Applied Cryptographer
The Notorious Bug Digest #5: Post EIP-7702 Pitfalls, JIT Penalty Rebates, and Manipulation of Recursive Functions
Beyond Zero Knowledge: How Fully Homomorphic Encryption Enables Private Shared State
The Notorious Bug Digest #4
Testing Arbitrum Stylus Smart Contracts with Motsu
Six Questions To Ask Before Writing a Uniswap v4 Hook
The Notorious Bug Digest #3
Beyond Smart Contracts: A Deep Dive into Blockchain Infrastructure Security Auditing
ERC-4626 Tokens in DeFi: Exchange Rate Manipulation Risks
The Notorious Bug Digest #2
The Notorious Bug Digest #1
From Stage 0 to Stage 1: Security Council Best Practices in Rollup Governance
Poseidon go brr with Stylus: Cryptographic functions are 18x more gas-efficient via Rust on Arbitrum
Web3 Security Auditor's 2024 Rewind
What is a Smart Contract Audit: Lessons from OpenZeppelin’s 700+ Audits
Add Tests To Your Stylus Contracts