SP1 Recursive Shard Verifier Soundness Vulnerability
Vulnerability
A soundness vulnerability has been identified in the SP1 zero-knowledge virtual machine, specifically in versions 6.0.0 prior to 6.0.2. This vulnerability allows a malicious prover to create a recursive proof from a shard proof that would normally be rejected by the native verifier. The issue arises in the V6 recursive shard verifier, where the consistency check between commitment binding and polynomial evaluation is missing. This gap can lead to misrepresentation of the circuit structure and potential data forgery.
Impact
Exploitation of this vulnerability creates a soundness violation in the SP1 V6 recursive shard verifier, allowing for the construction of misleading proofs that could be accepted as valid, thereby undermining the integrity of the verification process.
Remediation
Users can upgrade to SP1 version 6.1.0, which addresses this vulnerability by adding a consistency constraint that ensures both commitment and evaluation witnesses describe the same trace geometry, preventing the exploitation of the soundness gap.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.