Zero-knowledge (ZK) protocols have recently found numerous practical applications, such as in authentication, online-voting, and blockchain systems. These protocols are powered by highly complex pipelines that process deterministic programs, called circuits, written in one of many domain-specific programming languages, e.g., Circom, Noir, and others. Logic bugs in circuit-processing pipelines could have catastrophic consequences and cause significant financial and reputational damage. As an example, consider that a logic bug in a ZK pipeline could result in attackers stealing identities or assets. It is, therefore, critical to develop effective techniques for checking their correctness. In this paper, we present the first systematic fuzzing technique for ZK pipelines, which uses metamorphic test oracles to detect critical logic bugs. We have implemented our technique in an open-source tool called Circuzz. We used Circuzz to test four significantly different ZK pipelines and found a total of 16 logic bugs in all pipelines. Due to their critical nature, 15 of our bugs have already been fixed by the pipeline developers.

翻译：零知识（ZK）协议近年来在身份验证、在线投票和区块链系统等领域获得了广泛的实际应用。这些协议依赖于高度复杂的处理管道，这些管道处理由特定领域编程语言（如Circom、Noir等）编写的确定性程序（称为电路）。电路处理管道中的逻辑缺陷可能引发灾难性后果，造成重大的财务和声誉损失。例如，ZK管道中的逻辑漏洞可能导致攻击者窃取身份或资产。因此，开发有效的技术来验证其正确性至关重要。本文提出了首个针对ZK管道的系统性模糊测试技术，该技术利用蜕变测试预言来检测关键逻辑缺陷。我们已将这项技术实现为开源工具Circuzz。通过使用Circuzz测试四个显著不同的ZK管道，我们在所有管道中累计发现了16个逻辑缺陷。鉴于这些缺陷的严重性，其中15个已获得管道开发者的修复。