Diff between f6cb63a2 (main) and 07c56820 (PR)

• openvmprover +1 -1 Viewed

  • milestones +1 -1 Viewed

    [
      {
        "title": "Plonky3 final polynomial degree check vulnerability",
        "title": "[Disclosed vulnerability] Plonky3 final polynomial degree check vulnerability",
        "url": "https://forum.scroll.io/t/security-council-report-scroll-mainnet-emergency-upgrade-on-2025-05-26/810",
        "date": "2025-05-26T00:00:00Z",
        "description": "Fix of a bug in OpenVM that was analogous to an identified vulnerability in Plonky3 library.",
        "type": "incident"
      }
    ]

• risc0 +9 -2 Viewed

  • milestones +9 -2 Viewed

    [
      {
        "title": "rv32im circuit soundness vulnerability",
        "title": "[Disclosed vulnerability] rv32im circuit soundness vulnerability",
        "url": "https://x.com/RiscZero/status/1935404812146725042",
        "date": "2025-06-18T00:00:00Z",
        "description": "Release of risc0-zkVM 2.1.0 with a fix of a missing constraint in rv32im circuit that affected any 3-register RISC-V instruction.",
        "type": "incident"
      },
      {
        "title": "Underconstrained division vulnerability",
        "title": "[Disclosed vulnerability] Underconstrained division vulnerability",
        "url": "https://x.com/RiscZero/status/1952503598056882225",
        "date": "2025-08-05T00:00:00Z",
        "description": "Release of risc0-zkVM 2.2.0 with a fix of a signed integer division soundness vulnerability.",
        "type": "incident"
      },
      {
        "title": "[Disclosed vulnerability] Critical malicious host vulnerability",
        "url": "https://x.com/RiscZero/status/1973490104883990791",
        "date": "2025-10-02T00:00:00Z",
        "description": "Release of risc0-zkvm versions 2.3.2 and 3.0.3 with a fix of critical vulnerability where a malicious host can write to an arbitrary memory location in the guest.",
        "type": "incident"
      }
    ]

• sp1 +2 -2 Viewed

  • milestones +2 -2 Viewed

    [
      {
        "title": "Plonky3 FRI size check vulnerability",
        "title": "[Disclosed vulnerability] Plonky3 FRI size check vulnerability",
        "url": "https://x.com/SuccinctLabs/status/1905818676848406801",
        "date": "2025-03-28T00:00:00Z",
        "description": "Fix of a Plonky3 library soundness issue that affected the security of SP1 zkVM.",
        "type": "incident"
      },
      {
        "title": "Plonky3 final polynomial degree check vulnerability",
        "title": "[Disclosed vulnerability] Plonky3 final polynomial degree check vulnerability",
        "url": "https://x.com/SuccinctLabs/status/1929773028034204121",
        "date": "2025-06-03T00:00:00Z",
        "description": "Release of SP1 V5.0.0 with a fix of a Plonky3 library issue that affected the security of SP1 zkVM.",
        "type": "incident"
      }
    ]