
My name is Dean Pierce. I'm going to be talking about zero knowledge execution environments. I have a background currently working at a company called Polygon Labs. Anybody heard of it? Yay, people. OK, it's some blockchain thing, don't worry about it. Background: a lot of red team penetration testing, did some other smart contract auditing when I worked at ConsenSys for a while, and then I worked at Intel for a long time doing, well, medical devices and open source stuff, and then Intel red team for a couple of years. So, good things. I'm interested in offensive security research. A key driving factor of that, I think, is to make crime economically
uninteresting. It's a thing. I want to make it very clear this is a zero knowledge talk, which is typically a very academic sort of topic. I do not have a PhD, I just like weird stuff. And nothing I talk about here is on behalf of my company, even though I do somewhat side-mention some of the things that my company is working on. So, what's a zero knowledge execution environment? This is a term that I made up by myself. It's what I call an environment where you have provers that are executing arbitrary programs, and what they can do by using these
zero knowledge virtual machines is you run an arbitrary program, then you get back a proof, and then the verifier is some other entity somewhere in the world and they can check that proof very quickly. It's almost like checking a hash when you're comparing two files. So they check that proof and can determine that you executed everything correctly as described in your program, which is a very cool, I feel like a very new, fundamental thing in computing that hasn't really existed before, and a lot of really interesting applications that I want to talk about today. So it's kind of been around for a while and it's
sort of my way of framing some ZK stuff. So yeah, a lot of implications for privacy, scalability, and the term verifiable computing has been getting a lot of traction lately. A lot of verifiable computing is more simple, I think, than this; this is being able to operate in arbitrary code, which is way interesting, I think. Anyway, part one: I'm going to talk about some history. Things are going to get hand-wavy. Who here has seen this diagram before? Yeah. So this is the cave of Ali Baba. It's from a paper called How to Explain Zero-Knowledge
Protocols to Your Children; it was written in 1990. The general concept of this is you have, based on the Alice and Bob of, wait, where am I go, yeah, it's similar to Alice and Bob and some of the Schneier stuff, but now you have Victor, who is the verifier, and Peggy is the prover, so that the names match the first letters. That's pretty fancy. But in general, you have Victor, he's there, he looks away, Peggy runs into the cave, and Victor wants to determine if Peggy has a magical key that can unlock this door in the middle here. And so she runs into the cave,
and then Victor says, OK, now come out of side A, and then she goes through the door and comes out of side A, and that proves that maybe she has the key, or maybe she was in side A the whole time. And then if he tells her to do it a thousand more times, each time it gets, you know, a one-half power of two, whatever, it gets more and more likely that she does actually have the key, but she never has to disclose any information about the key, because Victor can't see her unlocking the door or anything. But anyway, it's just classic
picture diagram. If you search zero knowledge on Wikipedia, this is the first thing that pops up, and it's the classic diagram that everybody sees. But, question?

Are you saying this running somewhere of

OK, so this is an example of an interactive proof. I'm glad you asked, because that's interactive. All the cool stuff is non-interactive, and that's a little bit newer, and I'm not going to talk about that as much quite today, but all the stuff past this is going to be non-interactive proofs. So this is kind of a silly example, but this was a very early example of early zero knowledge
stuff, and this is kind of what we had very early on, the magical key door lock. People figured out a way to do non-interactive proofs for saying, first of all, range proofs, being like, I am possessing a number that's within a certain range. And basically you started getting core components of mathematics, like multiplication and addition, that you started being able to get out of these proofs, and we ended up with zero knowledge gadgets. And so this is kind of a new cool concept. Yeah, TW 2019 is when I saw this talk and it was very neat, but they came up with this fun
system where they were doing gadget programming using these tiny zero knowledge proof things, that we know how to build these little pieces. And the cool thing you can do with gadgets, very similar to ROP gadgets if you've done any sort of exploitation, you build up ROP gadgets, you have these fundamental little chunks that you can break things into, and once you have that you get circuitry, right? And you can lay these out like a circuit, so you have your inputs, then you can throw your gadgets in the thingy, and these start looking a lot like components on, say, a circuit board, like a circuit
diagram kind of thing, right? And that's pretty cool. There's this programming language called Circom. Circom is a very neat language, and basically what you're doing is, it's very similar to Verilog or a lot of the other circuit description languages: you're creating a net, you're creating this zero knowledge circuit to do a thing. And it very much follows the history of computing, whereas the next step is, it turns out that if you cram enough circuits together and then you have a program counter and a concept of state and a tape or whatever, you get a Turing machine, right?
And then you have state machines, and then full-on virtual machines that can do all sorts of crazy stuff. And so this is one of the things that I kind of do at work, the Polygon zkEVM. It's the Ethereum Virtual Machine implemented in the form of zero knowledge proofs, and it's very cool, it can let you do all sorts of stuff, but it's basically those same circuit diagrams all crammed into one giant state machine. Yeah, and things get crazy, but the funny thing is, at the end of the day, it's actually just this big giant prime field, this big matrix that you generate, and then you multiply
a polynomial by it and you get an output. So the saying, like, you've seen a truth table with a circuit, you have ones and zeros for A and B, and then you get A and B, A or, whatever, for any given operation you're trying to do you can build these truth tables, and literally what you're doing when you're writing some of this code is a massive truth table, which actually ends up being backed by a virtual machine. I don't know, I think it's pretty neat. There's this other group, mostly in Seattle, called RISC Zero, and I'm not associated with them in any way, but
what they did is they did the crazy thing of building a zero knowledge circuit for RISC-V. And who here is familiar with RISC-V? Right, that's a real thing that you can compile code to, and it runs in this virtual machine, and that was kind of their big dream, where you can write code in whatever language you want to write in, and you compile it, and you end up with a program that's able to operate in the zero knowledge environment. And the cool thing, you can have Linux binaries, things like that, you can do all sorts of crazy stuff, and what you end up doing is
you're running a program, and this program can be arbitrary Linux programs, and then at the end it generates that proof, that little receipt that you have, and that can then be verified by a verifier to show that the execution happened correctly. And it's very neat, and I'll get into some applications here.

We're going to part two, applications. One thing to keep your eye on down here is this, yeah, proof of exploitability is what I'm going to talk about, and I think that's going to interest a lot of the more security-minded people, because I think it's a very cool application. But I'll talk about a few of the simpler ones that
have been done in the past five to six years or so. Zero knowledge identity: this slide wasn't originally in here, and then I was talking about zero knowledge identity to somebody yesterday and they're like, you should put that in your slides. And this is actually a product that my company works on, Polygon ID. Sorry, this is kind of a blurry screenshot, but you have an identity holder, somebody with a phone that has a wallet that operates like a normal cryptocurrency wallet kind of a thing, and you have issuers, and the issuer can be the DMV or it can be Reddit or
it can be whatever, and the issuer issues credentials to the identity holder, and the identity holder has all these credentials in their phone. And what's really cool is that the verifier, being anybody that you'd want to demonstrate your identity to, they can make a QR code, and the QR code resolves into this, it's almost like a SQL statement, but it's a: prove to me that you are a US citizen who is at least the age of 18, that lives west of the Mississippi or something like that. And you can make arbitrary queries with QR codes as a verifier, and then somebody
comes along and they scan the QR code with their phone, their phone uses the credentials in the phone to generate the proof of identity, and then they send the proof back to the verifier, and the verifier knows that this person is the right age, the right whatever, place, whatever the intention is, without disclosing any information about the user or about the person to the verifier, which is super cool in a lot of ways, because right now you go to a bar and you show your ID, it's got your home address and everything on it, and that's kind of sketchy, and we don't need to live in that world. There's
a lot of cool stuff here. Tornado Cash is an anonymity protocol built into Ethereum, maybe launched, what, I think five or six years ago. It's a very interesting system where you put in money and then you get back this receipt, or, basically it's a nullifier that you get back, and then what you can do later is you prove that I am a person who once upon a time put money into this thing and I've never withdrawn it before, and that's the proof that you generate in the browser, and then you also say, send that money to this address over here, and then that uses the nullifier to then cancel out any future attempts
to claim anything that's in there. So what you end up with is a smart contract that you can put money into, and then at any point anybody who's ever put money into it can then move money to somewhere else, with no mathematical way to connect the deposit and the withdrawal, which is kind of a cool system. Yeah, they got in trouble recently, it's the whole thing, you can talk to me about it lately. Turns out North Korea started using it like four years after it launched, and a lot of crime, and yeah, anyway, it's a whole thing. Who here has read or is aware of
the Three-Body Problem books? Yeah, so there's this concept called the Dark Forest in those books, which, basically it's a solution to the Fermi paradox of why we don't see any aliens, and the idea is that it's very dangerous out there, and if you're caught yelling loudly you will be immediately destroyed. And so what some people did is they created this galactic simulation game, and it's a real-time strategy game, but they built it entirely using zero knowledge proofs for everything. And so it's kind of cool that it's all on chain, and if you actually watch the history, I think they've done maybe four
or five rounds, and they update it every time, but you have an entire simulated galaxy, and every time that a spaceship moves or resources are claimed, every action that's done by every user is a transaction on the network, but the only thing the transaction says is, I am performing a valid state transition, and so no information about who is moving to where is lost. And the cool thing about this is, if you know where somebody is, it is not difficult to destroy them, and that's sort of the theory behind the Dark Forest theory from the books, and then they put it in a game. But one of the really cool aspects about
this is they have this zero knowledge fog of war concept, and so when you drop into the galaxy, you're on a planet, you don't see anything around you, and then you have this little probe that's slowly exploring the space around you. And the cool thing is you have thousands of other players that are all dropped into other random parts of the galaxy, and they're all expanding out, and there's no way that any of them can know what the rest of the galaxy looks like, but they're all generating the same galaxy. It's using something that they called zero knowledge Perlin noise. Has anyone played Minecraft? So in
Minecraft, you start running into the distance and the landscape kind of creates itself. It's using a really cool math trick called Perlin noise, and based on a given seed it then generates everything that you can see out there. And what they did in Dark Forest is they basically made a zero knowledge Perlin noise generator that is generating the galaxy, but it's such that you can only know what's next to you, you can only know what's in a certain quadrant or a certain square, if you're already sitting next to it and you spend the compute resources to brute force and to figure out what the next spot is. And
it's very cool to have this fully transparent online thing where you can see all the transactions and you see all the code, everything's open source, and there's no way to know where people are, even what this area looks like. It's very interesting, I think. zkML is this whole, it's a very trendy buzzword that's been happening a lot lately, zero knowledge machine learning. There's this cool chain called like a zal, they do a lot of cool stuff, worth looking into. One thing that's going to become increasingly difficult is, say you pay for a GPT-4 subscription and you want to do a
prompt, and you say something, and then you get back a response, and the response seems kind of dumb, and you don't really know if you're getting the one that you paid for, or if they're just kind of making it up, or they're throwing it to a cheaper model, or they're doing whatever. But one of the cool things about this is, if it comes with a proof, you can have a 100% guarantee that the query was executed appropriately. So that's kind of neat. I think that's going to become increasingly important as access to machine learning models is likely going to
increase over time, and more and more people want to access it, and it's going to become more and more tempting for service providers to cheap out and have smaller models and giving results that are cached and different things, and you're going to want to know that the resources that are put into it are actually the ones that you're paying for. So it'll be interesting.

Blockchain scaling: here's this post from Vitalik, the person who created Ethereum a million years ago, and in 2020 he laid out this road map for what he called a rollup-centric Ethereum road map. There's a concept of recursive
proofs, and the idea is, you've done a piece of compute, you have the proof; 10 other people have done a piece of compute, they've got 10 proofs also. You take those 11 proofs, you bundle them up, you do a little computation that says, OK, these 11 proofs are legit, and then that pops out a proof, and so that one person only needs to now verify that one proof, and then recursively they have all the rest of the information they need. And the cool thing about this is it starts to look a little blockchain, and the thing is you no longer need to track the entire state of
the network to verify that something's legitimate, because instead of keeping the entire history of the chain around and carrying it everywhere, you have the rollup that knows all the previous transactions are legitimate, and the one before it is legitimate, therefore all these state transitions are legitimate and the current state of the network is a legitimate state, which is kind of cool. These are called rollups.

So anyway, the thing that I think gets the attention of a lot of security people is proof of exploitability. I talked about being able to do computation in such a way that it pops out a little proof that you did it correctly, and one of the cool things
about that is that you don't need to disclose all of the inputs or all of the outputs. You can disclose some of the inputs or some of the outputs, but you can choose which inputs or outputs you want to disclose, and you have a 100% guarantee that things are executed correctly. And so what you can do is you create a program, and that program is basically some sort of, say, a virtual machine running a piece of software, and it can even be an entire Linux environment, it can be whatever you want, anything that can run inside of a state machine or whatever, and you have a set of inputs, and one of
the inputs can be the exploit payload, right? And then you run it, and then it does some sort of, either a memory corruption, it touches a file, it does a thing, it has some sort of effect, and that can be the output. And so what you can then do is you can say, hey, here's this program that is a test harness for this piece of software, here's what I can do to it, here's a hash of my input, and you don't have to disclose the actual exploit to be able to prove 100% that you have the capability to perform this capability on this piece of
software. So you can plug this in, not necessarily through a prover, but you can plug this VM into, say, your fuzzing environment, throw it on a bunch of servers, have it fuzzing for whatever, months or something, and then it pops out an exploit, and then you can feed that exploit into the prover, and then you can use that proof to show people, hey, I can do this thing, which is very interesting, I think. And I think that starts to blow a lot of people's minds, of what that's actually capable of, because then that means, you know, triage: you don't have to argue about impact, or you don't have to
argue about, is this a real bug, is this not a real bug, what's the thing, because you have the exact situation in which this bug works. But then also it doesn't need to disclose, so you can, yeah, you can prove it without having to necessarily, yes, yes, question?

So I have a critical bug against a fairly commonly used bit of open source, where I make an uncredentialed request and it will tell me effectively how to make a credential request, and I can demonstrate that works, but I can't contact them; they don't reply to their registered email addresses. I don't want to open a public issue where I go, hey, here's a
proof of concept, this is broken. Is this accessible enough that I could use this to kind of give that to them today?

Not likely today, because this little program, this VM, is something that would need to be created. I do sort of envision this could be a thing that gets automatically generated by build systems, and then that would be kind of cool, and then it would be very easy for somebody to just, once they have an exploit, they can just plug it in, do the thing with the prover, get the thing out, and then that would be a lot easier. There is work
that needs to be done to get this, I guess, production ready or something. So yeah, and there's a really good blog from Trail of Bits. Wait, another question?

So the VM that I would use to run my proof through, is that something that the project that I'm auditing would have to create and release, or is that something I could create independently and say, hey, I found this vulnerability, and here's this proof, and here's some documentation, even if that team has never encountered this system before?

It would be ideal if projects created their own, you'd almost call them zero knowledge puzzles or whatever, and these can be done in
the form of security claims. They're very specific security claims, that this operation, this thing is secure, and any piece of software, I would love to live in a world where every piece of software is actually generating these security claims. Then anybody can take one of those claims, put it in their fuzzer, see if it breaks, and if it does break they can then take the exploit, take the claim, run it through this, and then be able to prove, OK, I actually have this bug, and then they can get paid for it through whatever bounty system or whatever else. You can do it on your own, you don't need to, like, it
doesn't need to be created by the people that make it. Anybody. So RISC Zero, the company that I mentioned earlier, has all the libraries, has everything in place where you can write code to basically implement a VM to do a lot of this, but then there's a lot of manual work that needs to be done for that to happen. So Trail of Bits in 2020 did this blog post talking about using this proof of exploitability, the same kind of general concept here, and I have heard that in some of the higher-end intelligence, whatever, bug markets, where if somebody's selling a $5 million zero
day or a $10 million zero day exploit, that there exist buyers that are maybe expecting this sort of thing, and I don't know how mature that is, but it has definitely gained a lot of interest in people that regularly are trying to buy these sorts of exploits, because when your contact is some kid from some country that you don't know or whatever, and you're offering 5 million, 10 million for an exploit, are they screwing with you, are they whatever, how do you know this kid is legit or whatever? And you could give them the challenge and say, OK, use your
exploit in this environment and then give us the proof that it generates, and then they can check to make sure that it's legit. And that's all kind of a very manual process. I think it could be automated, it'd be fun. Yeah, this is definitely a blog post worth reading. There was a hack at the Ethereum Denver conference that happened in, what, March this year, ETHDenver, and they did this zero knowledge proof of exploitability, and they fully built the tool chain out for doing this exact sort of thing with Solidity smart contracts. And it's a little bit easier because the Ethereum Virtual Machine is much simpler, you can do
proofs pretty easily, and this is all on GitHub, and so for any given exploit you can prove that it works for a given thing. It was a very quick two-day kind of thing, but it's, I don't know, it's very interesting, I think. So the vision here is automated bug markets, and the problems that we face typically is, bug triage is hard, sometimes it's hard to reproduce bugs, you have to have a pretty knowledgeable group of people that both understand the software and then understand security impacts and security things, and then impact is subjective. A lot of
researchers will say, I've got this bug, it sets everything on fire, everything is doomed, but then maybe they don't necessarily understand that the impact is somewhat limited there, or maybe it is a big deal, and then the researcher can use something like this to prove that they have the capability to do something unexpected. That's very interesting. And also, paying and getting paid is hard too. We have this whole industry building up of bug bounty programs, like the HackerOnes and the Bugcrowds, and you have Immunefi, a big, more crypto-friendly one, but
there's all these companies out there that help connect the researchers to the companies, and wouldn't it be cool if that was a little bit more short-circuited and interesting? And I feel like this is a sort of thing that could be built into the global software supply chain, like you could have a build system where people are putting out their security claims, or the security claims are automatically generated, and then it spits out maybe 20 or so different ZK puzzles, which are virtual machines that prove the capability to exploit some given issue that they care about. Question?

It seems to me the challenge
is you have to anticipate all the claims. I administrate a bug bounty program, and I couldn't imagine conceiving of all the different claims, because some of them I haven't even thought of. How do you solve that problem?

Yeah, I mean, that's a really good general security question too, figuring out what are the parts of the attack path, because very generally you could say, people who have access to this interface, this API, this open port, should not be able to write a file to disk, or to write a file in this
certain location or something, and you can make more general claims, and the claims can actually be as general as you want them to be in the situation too, and say, you have this piece of software, it should not be able to fork into a shell or something. And yeah, figuring out security claims is difficult.

Does this imply you, the researcher, has to have your entire software stack in order to do the proof? Like when you say, call this API, it doesn't write to disk, does that mean if I'm a SaaS vendor I have to give you my entire tech stack to prove that the API doesn't write to a file?
Yeah, so it's definitely more complicated if you have a closed source application that's only visible from the internet with a port kind of a thing. It works a lot nicer with open source stuff especially, and with locally running things it runs a lot better. So you have a browser; in a browser, malicious JavaScript should not be able to perform memory corruption operations, things like that. Things that are local, I think, make a lot more sense in some of this context.

So we're not going to see cloud vendors like Microsoft, with their Azure implementation that has issues, just being able to publish, hey, here are the claims we'd like to see you
prove?

I mean, they could, and the cool thing is you don't have to publish the entire stack, you could just distill the attack path. Like typically when you're making a fuzzing harness, you're pulling out all the useless code, you're trying to optimize exactly down to the code you're trying to test, and you're cutting everything out and making the minimal little chunk of a fuzz harness when you're trying to fuzz just one component, and it would be kind of similar to that, I think, distilling software down into the core security claims that, given this input, you can't get
to this state. So yeah, what else here? Oh yeah, it is kind of a cool world where you can have a system where the people that are actually using the software are contributing, maybe if it's software that's purchased, if it's software that's whatever, they could be paying into the bounty system. They could have a smart contract that sits just on the internet, that if you can prove that you have a bug in this thing, then you get to take some money, and it's neat that you can build a system like that where anyone in the world can just, you know, if I'm
using events a lot, or some other piece of software like a PDF reader, then I can say, especially if I'm a big company or whatever, that I want to know that there's at least $100,000 backing this piece of software. And so for any given security claim that's been generated, you can very visibly see exactly how much money has been put on it, to see how much money exists that shows that nobody has decided to take this bounty yet. And it could be because it's more profitable to exploit it in the wild; if somebody has a zero day exploit or whatever, maybe
they're just using it. If it's a PDF zero day and it's only $100 to claim the thing, maybe they can steal more money as a criminal than cashing in the bounty. But I think it's kind of cool that you can have this sort of global software ecosystem where you could see, here's all the software that I'm using in my stack, I know that all of it has generated these security claims, I feel good about the fact that an attack is going to have a hard time getting from point A to point B. And when you have an attack path, somebody can drop a PDF
and then get a shell on a thing over here, and you can chain together security claims, so you have maybe three or four different security claims, and you know that there's a million dollar bounty here, so you know that's going to be difficult, and then you can calculate the exact cost that it would take for an attacker to go from point A to point B, for any given exposure to a capability. And maybe they're going to go this path or whatever, but this path has a million dollar whatever, but
down here there's a little place that lets them skip it, and there's only maybe a $50 bounty on that, and that lets them skip the million dollar bug to get to the next component. And so you very quickly get to see that, oh, this is the weak point, this is where attackers are going to go for. And that's generally what criminals are doing, it's what bug bounty researchers are doing: they're trying to find the cheap ways that they can research to build these paths to get the maximum impact for minimal effort or whatever, right? You're not
trying to spend much, because there's always going to be these little pathways that are kind of unanticipated or whatever. So it's very interesting, and the cool thing is, I want to emphasize that it's not even limited purely to software. You can build a network diagram of, say, an Active Directory tree or whatever: we have an Active Directory tree, this is our setup, we think that somebody who gets into this machine over here is going to have a hard time getting domain admin. And you can actually build that into one of these systems, such that if somebody is able to figure out a path to it, then they
can make the claim and then cash in the claim and get the prize for it and it can happen in a very public and transparent way which is I think very cool so yay I'm going to talk a little bit about uh that have actually been built in the world uh so a lot of the stuff is happening in sort of the Ethereum space and I don't want to go too blockchain uh but basically um some what what these technologies let you do is you can have uh new arbitrary virtual machines that are running arbitrary code and the state is managed on the Ethereum network which is something that anybody can query anybody can see the current state anybody can
see information about the stuff um and if you want to like move money or resources between things uh it's super easy to do there's all these projects that have Ethereum virtual machines and this new project popped up very recently um called Eclipse and one of the cool things they're doing uh if people have heard of Solana Solana is like a competing blockchain kind of thing to Ethereum uh they implemented the Solana virtual machine uh on Ethereum so you can run uh anything that you can run on Solana now you can move over to this Solana virtual machine that does the same kind of state updates and does all the same kind of code development environment and
everything except the state is now being tracked by like a single state root sitting on the Ethereum network which is very cool so for any given computing environment that you can imagine uh you can have you know zero knowledge x86 zero knowledge whatever uh if you can build the circuit that does the zero knowledge virtual machine thing and to you know track state in various different ways uh you can build these sort of systems that uh can do some very fun applications uh what what I see moving towards this sort of ecosystem is you know a lot of financial transactions there's a lot that goes on today uh it's like a you know trillion dollar kind of market kind
of thing and uh I think towards the future we're gonna have a lot of uh identity and reputation management uh there some somebody made a a zero knowledge uh Reddit it's called UniRep which is a a reputation protocol and so it's very cool that you can have this um it's like you have to own like an NFT to be able to view a certain like basically subreddit and then once you can view it you can vote on things and then you know that everybody's votes vote counts are accurate but you don't know who voted for what and all the votes uh you know everything happens publicly there's no private backend database that like has the information
it's all just happening and I don't know that's kind of a cool thing um there's a lot that I could see happening with the you know personal data management backup stuff uh like I was saying about the global software supply chain I think it would be very cool if uh a lot of these the the zero knowledge like puzzles and the security claims are actually built into you know the build environments so somebody you know when somebody builds a browser maybe it pops out you know 40 or 50 of these little puzzles or whatever that uh people can then try to solve and if they solve them that means that they have a an exploit
or some sort of capability and uh it it doesn't even need to be you know fully from you know zero click whatever to a shell or whatever it's going to be much smaller little security gaps which is typically how a lot of say like browser exploits happen is you're chaining together you know four or five vulnerabilities or whatever and each one of those four or five vulnerabilities could have been broken into a separate uh you know security claim that you can't go from this input to get this corruption and go from this corruption to get this whatever uh and so I don't know so it it also gives like economic value to bugs that actually can't really do much today like
if you only have you know piece number three in like a four-piece puzzle that you would normally need for code execution uh maybe that's a big deal maybe that's not a big deal but like uh with this sort of financial when you can see how much is backing the different claims then it gives I think a much better impression of you know what is the actual security model for this piece of software uh also homomorphic encryption is a thing uh which lets people compute on data that they can't see and that is uh there's some really cool stuff coming out in 2024 that's going to uh focus on a lot of homomorphic encryption so that
might be uh the the new buzzword because that's been around for a while but uh applications have been lacking question coming out
for uh I inur yeah a lot of people are like oh why can't you just like so many reasons but yeah I I forgot the name of the project uh but it was I'll look it up and I can get back to you but uh yeah that that's that's my last slide uh call to action learn cool um [Applause] that's so yeah uh wait microphones water uh this all says zero knowledge stuff this is clearly some knowledge to be had here it happens it happens did everyone acquire zero knowledge of I don't know there there there's there exist puns and I didn't spend enough time thinking about them I think but any more we got
yeah
so you talked a lot about Ethereum and blockchain being the backbone of these technologies which I think is really uh has a lot of potential it's great but in my experience if your underlying medium is worth thousands of dollars the gas fees in dust alone could be like hundreds of dollars for a single transaction which could be something like a move in a game of chess like are you going to pay $200 to move your knight um what it seems to me like it would be better if the system was worthless right like I mean I there there gets to be some uh the tragedy of the commons type incentive issues uh when you have things
completely worthless or free or any uh but there is um one of the cool things about these rollups is you no longer have a world where every single state transition needs to be verified by every node in the network any given state transition now only needs to be verified by one person somewhere anywhere ever uh which allows a lot of the current computation a lot of the load on the the nodes that are running to be reduced and uh it's going to reduce fees so the project that I work on like we there there are new technologies that get rolled out and I feel like every time that there's a new roll out of a a
new proving system or a new whatever uh it's always like a 10 to 100x order of magnitude uh you know there like multiple orders of magnitude uh cheaper fees cheaper uh proving systems and like computing systems are getting better and there's a lot of uh like silicon is being adapted to be good at zero knowledge proofs now so uh it's that's pretty neat uh it it should not be expensive to do something like you know logging into a website or like updating your preferences to dark mode or something like that yeah I definitely agree that it shouldn't cost like $10 to like update a setting or something um that doesn't make sense but I think as scalability improves I think
there's um some cool stuff there yeah I guess I'm saying it shouldn't be like a attached to a volatile commodity that goes up and down it should be more related to like what you're saying compute cost right yeah yeah and yeah that's the whole thing yeah um oh sorry so is this meant as a replacement for like the um like AMD's like uh SVM uh where instead of a instead of like having a hardware root of trust which can attest like state um you you don't have a hardware root of trust at all yeah there there's this really funny um was it like parallax kind of thing with the you have like trusted computing right and then a lot of this
is like trustless computing like not needing to trust any specific uh you know root of trust like you trust the math you trust the code math has bugs code has bugs we got to fix we got to fix the bugs um but you for this sort of thing you don't need to have uh that sort of root of trust and there there is is still a lot of utility in a lot of those you know secure enclave kind of environments uh and so it's not necessarily trying to compete or like obsolete that stuff um there have been a lot of people who have built apps inside of these kind of trusted environments and then if the thing
computes and it comes out the other side they figure it's good because it's in the trusted environment um I think that is a sort of thing that will be replaced um but yeah it relying on something sitting on on the machine to to do that sort of stuff is kind of scary uh there have been attacks there was the the secrets network uh situation where they were doing some of their transaction validation in a I think like an SGX container and basically an academic group they spun up a node they became an active validator and then they cracked open their SGX container and then like pulled out the secret keys and could steal all the money right and so that's
not it's not great when your network fully relies on you know some little piece of hardware that somebody can dip into um it makes things more expensive which is good uh but if an attacker can get you know $100 million by spending you know a million on like a FIB and different hardware to like to extract keys or whatever then that that's what's going to happen my question was can we talk to you later which I'm going to do now yeah I'll I'll be here all day [Applause] [Music] something