00:05: Anna Rose: Welcome to Zero Knowledge. I'm your host, Anna Rose. In this podcast, we will be exploring the latest in zero knowledge research and the decentralized web, as well as new paradigms that promise to change the way we interact and transact online. 00:28: This week I'm doing an episode all about ZK Hack, another project that I'm involved in. You've definitely heard me mention it on the show before, and we wanted to share a little bit more about what it is. So ZK Hack is a project we kicked off in 2021. It's separate from this podcast. It's got a different company and partially a different team, and it started as an online event, but has since become an educational hub. For the first part of this episode, Kobi and I share more details about the history of ZK Hack, how it evolved, and what kinds of things are happening in the ZK Hack ecosystem today. We just recently wrapped up ZK Hack IV online, our four-week event, and so we also share a little bit about how that went. In the second half of the episode, Nico and I do mini-interviews with our top three ZK hackers, the folks who competed in our puzzle hacking competition and won. We've always heard that our ZK Hack puzzles are pretty challenging, but according to these winners, it seems they were easier than we thought. And this is really surprising to hear. We did also learn that all of our winners are experts in CTFs, so maybe there's a connection there. Anyway, it was really fun to hear from them about what it was like to hack on our puzzles, what their favorite puzzles were, and how we could make these even better next time. So yeah, join us as we dive into the ZK Hack world. Now, before we kick off, I would love to point you to the ZK Jobs Board. We are getting amazing job postings there from top teams working in ZK. So if you're looking for a new job and want to work with the best in the field, be sure to check it out. Also, if you're a company looking to hire, you can post your jobs on the ZK Jobs Board as well. I've added the link in the show notes. Be sure to check it out. Now, Tanya will share a little bit about this week's sponsor. 02:08: Tanya: Aleo is a new Layer 1 blockchain that achieves the programmability of Ethereum, the privacy of Zcash, and the scalability of a rollup. Driven by a mission for a truly secure internet, Aleo has interwoven zero-knowledge proofs into every facet of their stack, resulting in a vertically integrated Layer 1 blockchain that's unparalleled in its approach. Aleo is ZK by design. Dive into their programming language, Leo, and see what permissionless development looks like, offering boundless opportunities for developers and innovators to build ZK apps. This is an invitation to be part of a transformational ZK journey. Dive deeper and discover more about Aleo at aleo.org. And now, here's our episode. 02:51: Anna Rose: So to start this episode off, I'm here with Kobi Gurkan. Hey, Kobi, how's it going? 02:57: Kobi Gurkan: Hello, I'm good. 02:59: Anna Rose: Our goal with this episode is really to revisit the ZK Hack project and focus in on ZK Hack IV, an event we just recently wrapped up. And we're going to be later on in the episode interviewing the winners of the ZK Hack puzzle hacking competition. But yeah, I think what we wanted to do to start it off was just to give a bit of a framing for this project, for ZK Hack and also the puzzles. Often people kind of confuse this podcast, the Zero Knowledge podcast with ZK Hack, but they're two different companies. And actually I'd say they're really developing as two different teams, two different communities. And I want to do a little sort of revisit of what we had come up with originally. You and me, Kobi, we first developed ZK Hack in 2021. And yeah, I want to talk a little bit about how that's evolved. Do you remember when we first kicked this off? 03:54: Kobi Gurkan: Yeah. So I remember we were talking about doing some kind of hackathon or in-person event that would be around people using ZK. But back then, we had global challenges. 04:11: Anna Rose: True. We couldn't travel. 04:12: Kobi Gurkan: Yeah, and that wasn't really an option, or maybe not a favorable option. Yeah, and I shared with you that I had this desire to do online hacking competitions around cryptography and ZK with the goal of having people learning. And I think that's when we started thinking about ZK Hack seriously. 04:40: Anna Rose: And yeah, back then, I don't even think it was only the fact that we couldn't travel to do an IRL hackathon. I always think of it like even though there were tools, I really don't think a hackathon would have been that productive at that point. Like, I don't know if people could have really built that much. 04:56: Kobi Gurkan: Yeah, the tooling has evolved very significantly since then, I agree. 05:01: Anna Rose: Yeah. So back then we started off with a seven-week event. Kobi, you had this idea of doing these puzzle competitions a bit CTF-like, and the way we mapped out the event was to have one workshop every week. So like every Tuesday we were meeting for workshop and then in between that we would run this puzzle hacking competition for one puzzle. And so overall we did seven weeks of workshops and in between six puzzles and it was quite a feat. It was pretty intense. And I know that at the end of that, our team was pretty tired. We actually recorded an episode so that I'm going to find this, dig this up and add it in the show notes, but that was after the first ZK Hack event. The reason we wanted to do an event, like a podcast at the time was, this was the first time we had done it. It gave us a chance to showcase some of the winners and say thanks to the team. Since then, I don't think I've really covered ZK Hack on the show when I think about it. So this is a bit of a revisit to the project. And because we just wrapped up our fourth online event, I thought it would be kind of a good time to do that. 06:15: Kobi Gurkan: I completely agree. 06:16: Anna Rose: So I want to talk a bit about what ZK Hack has evolved into. People might know it as a hackathon series, or they might know it as an online puzzle hacking competition, but it's actually like a full ecosystem of things, channels. We do all sorts of things over at ZK Hack. I know that in the first kind of intro talk for ZK Hack IV, I actually shared a graphic, which was like a map of all of the different things. And I'll try to dig that up and obviously add a link to those videos, to the show notes. But I also wanted to just cover it here because I think people might have heard about some sort of content with ZK Hack in the title, and so I just want to kind of map it out for everyone. So the way we think of ZK Hack is almost like a website as a hub. So if you go to the zkhack.dev website, you can see a lot of the things that we're doing. We also have a Discord that's super active. 07:13: So from the website, you can find links to the YouTube playlist, to our Twitter account, to the blog. You can see previous puzzles, ZK Mesh, which is a monthly newsletter, something that I think that started like over two years ago, that is now under the ZK Hack umbrella. So if you're looking for a place to just get updates about the latest research, we send this out once a month. You can find that over on the zkhack.dev website. You can find the link to sign up for ZK Mesh. ZK Hack is also the team that built the ZK Whiteboard Sessions. So this was this educational multi-part video series. And so I don't know if you've heard me mention that on the show. I think probably I have over the years mentioned that. I think that series really helped me to understand the actual fundamental building blocks of ZKPs, even though I had been talking about them for years and interviewing these researchers, I never really got a real sense for it until I watched those ZK Whiteboard Sessions closely. 08:15: And then on the Discord side of ZK Hack, like over in the Discord, we do things like we have study groups about all sorts of different content pieces. So for example, there is a study group running right now looking at the ZK Whiteboard Sessions. So what they do is they watch a video, and then every week there's a small group of people who get together and meet and talk about it and figure out what did they understand well? What did they not understand well? And then they'll bring in kind of more expert people to help them navigate that. Justin Thaler has been running a study group over in the ZK Hack Discord since the end of 2021, at least. And he's run through three cohorts of the study group. And so in that, he goes over the book that he had written, and it's kind of a living document that he updates and he runs these study groups. And then kind of from the feedback of the people doing these study groups has changed and evolved the content. 09:13: Just recently a team, like a group of people, wrapped up the MoonMath Manual study group, which was the longest single one, I think. It was like over six months. That was very cool. Yeah. And we've done some other ones as well. That's actually a place anyone listening, if you're interested in joining a study group, definitely head over to the ZK Hack Discord. But also, you might want to run your own study group. If you have a piece of content you're really into, you think people would like to learn along with you and it's on topic, this is something you could bring up in there too. 09:43: Kobi Gurkan: So I would like to add a few words on the study groups. I think that's one of the coolest things that came out of ZK Hack. They cover both fundamental topics and pretty advanced topics as well. The Thaler book is very extensive and goes into details that you don't usually see in the industry. So it's really cool to learn all of that. And maybe to clarify to people that hasn't seen how a study group is run, it's run pretty professionally, even though it's run by volunteers and people that are around in Discord. You have weekly sessions sometimes, and you run through a series of some kind of structured program. And people are very welcoming and collaborative and there are exercises. It's really worth the effort if you want to get much more into ZK or advanced cryptography, I would definitely recommend it. And yeah, I'm also pretty happy about the ZK Whiteboard Sessions that you led because I've seen people refer to it as one of their favorite resources to catch up on the most interesting and fundamental parts of the SNARK world. So yeah, I would recommend anyone to at least check them out. 11:12: Anna Rose: Yeah, maybe some context on that too. I know I already mentioned the ZK Whiteboard Sessions, but I forgot to mention that the first three modules, so the first three videos are actually... They're from Dan Boneh from Stanford. And he created this sort of mini course on what a ZKP is, sort of on the computer science level. I think what we found in this whole space is that you have these very high level explanations. So you have like the Where's Waldo or billiard ball explanations of zero knowledge proofs. And then you have the papers, which are super dense and hard to follow. And I feel like slowly and surely the middle is being filled in with new pieces of content, courses. I know like, there's been lots of teams that have tried to get some sort of cohort to onboard more people. And I think we're getting there. But yes, ZK Whiteboard Sessions is one of those. Yeah, just to continue on that study group topic, though, those are also, they are run by volunteers in the community, like you mentioned. And what we find with those is often there's like kind of a pile on at the beginning, like you'll have like 100 people be like, yes, I want to be in the study group. And then it definitely goes down over time. But what's cool is the people who are there at the end often really know each other. Like they've been meeting weekly, they might then get to meet up in person sometime, and I think it's a cool way to find obviously fellow learners to learn along with you, but also maybe future collaborators, co-founders, something like that. 12:41: Kobi Gurkan: Yeah. 12:42: Anna Rose: And the last thing I wanna cover though on ZK Hack, sort of the larger ecosystem is the events. As part of ZK Hack, we've done two hackathons. Those are IRL hackathons. So this was ZK Hack Lisbon and ZK Hack Istanbul. Anyone who was at those events or around those events maybe heard about them. So those were our first foray into the actual IRL hackathon land. But before we did the IRL hackathons, we'd actually been running these online events. And as mentioned earlier, that was what first started the ZK Hack project, this online event, it's a very unique format, and we've actually done four of them now. So the one we did back in 2021, end of 2021, ZK Hack ran seven weeks. ZK Hack II or ZKHack Mini ran, I think, in March 2022. And that was a really short one. I think we only did three weeks. And then we found our sweet spot with ZK Hack III, which we ran in November 2022. And for that one, we did four weeks with three puzzles. And I think that's now kind of our format because it's perfect... It's a really good amount of time for people to get to know each other in the community, but not so long that there's like an exhaustion. I think our team also really likes that it's four weeks and we can keep the energy up, I think, if it's just four weeks. And so what we wanted to talk about even in more depth today is ZK Hack IV, which was our most recent online event. 14:18: So we ran this from January 16th until February 6th. We were meeting weekly. The way we would do this is often we have our kickoff at the very beginning, and after that first session, we kick off Puzzle 1. One week goes by, we have one of our partners do their workshop presentation. And this time around, our partners were RISC Zero and Polygon. So that second week session was with RISC Zero. They did their workshop, and then at the end of that workshop, we kicked off Puzzle 2. Polygon presented the week after. After that, we kicked off Puzzle 3. And then our final session was a panel, at which point we kind of concluded the event and shared all of the winners and prizes. And yeah, kind of we could see then how the hackers had performed. So yeah, now I want to talk a bit about this because, Kobi, for this time, you've actually been behind most of the puzzles for most of ZK Hack, I would say, at least in terms of the vision for what it's going to be. We've had sort of partners to build them at times. This time around, though, we wanted to do it with Geometry Research. So maybe can you share a little bit about what your thinking was for ZK Hack IV, maybe how that compares to the previous puzzles, and what it was like to build them? 15:33: Kobi Gurkan: Yeah, for sure, happily. So for ZK Hack IV, the theme that we had in mind was what can go wrong when you try to write security proofs by hand-waving it and just kind of collect references and say, this was done there a bit differently, this was done here a bit differently, and if you take all of this together and write it very convincingly, maybe you have a secure system. But that doesn't always work. And that was the theme that we had. 16:10: Anna Rose: Is this kind of like... I'm trying to imagine how this happens. So you have these different pieces, each have been proven, have been, like there's some security proof, everyone feels confident about using them, but is it in the gluing them together that you make the mistakes? 16:25: Kobi Gurkan: So it might be in the gluing them together. That was one of the puzzles that we had. And other cases would be that you don't really look into the properties that you really need from the primitives that you're using, for example, elliptic curves. And just saying, okay, I have an elliptic curve here, and I have an elliptic curve here, so they're interchangeable., but that's not always true. And that's another puzzle that we had. 16:53: Anna Rose: Nice. 16:54: Kobi Gurkan: If you look at previous ZK Hack puzzles, you might notice that they were also touching around these kind of topics. So we had this hash to curve puzzle where the random oracle wasn't good, and so on. But in previous puzzles, we didn't focus very heavily on the security proof part, where you were just presented with some implementation and a broken protocol, and you would have to hack it and create false proofs and so on. But here we really try to make it convincing that these protocols are secure, but they are not. So that was kind of a change in the theme. And I think it was pretty fun to create those. It's pretty fun to see how to do proof by convincing and how it doesn't really work all the time. 17:51: Anna Rose: This time around, you used Arkworks as kind of the language of the puzzle, but I know there was a time where you used a different language, I think, right? It hasn't always been Arkworks. 18:02: Kobi Gurkan: True. Very true. We indeed used Arkworks for a lot of the ZK Hack puzzles, and also this time in ZK Hack IV, because it's pretty flexible, very configurable, you can use many different kinds of elliptic curves, and you can use it for SNARK work, you can use it for general advanced cryptography, so BLS signatures and stuff like that. But in ZK Hack Mini, we've used Winterfell, which is from the Polygon team, because there we wanted to focus on STARKs and FRI. And we had some broken errors and we had really explanatory puzzle around how to hack FRI if you have too few queries. So that's why we used Winterfell that time. And, but still I believe that almost every puzzle, if not all of them, used Rust. So that's something that we didn't change. 19:05: Anna Rose: But I wonder, would it be possible to do puzzles with the other ZK DSLs? Or is there certain characteristics that you kind of need in this language to be able to showcase the problems with the SNARKs? Basically, the bugs. 19:19: Kobi Gurkan: That's a great question. Yeah, so I believe that you could make interesting puzzles even with DSLs. So you can make broken circuits in Circom, Noir and so on. But what you might not be able to do easily is change the internals. So what we're trying to do in ZK Hack usually is some self-contained piece of advanced cryptography. And a broken circuit is one kind, which is cool, but it's also something that people may encounter in their day to day, but encountering the deeper parts that usually don't think about in cryptographic primitives and what's behind the ZK DSLs, that might be hard if you want to do it with an existing DSL. That's my intuition. 20:17: Anna Rose: Yeah. I almost wonder if you were to use a ZK DSL too, aren't you like creating the bug? I almost start to think it borders on like a bounty for the ZK DSL itself. Like, what if you find a problem in the... 20:32: Kobi Gurkan: Yeah, that's a problem. 20:32: Anna Rose: I guess you could find that anywhere, but yeah. 20:36: Kobi Gurkan: Yeah. Yeah, for example, one thing that we published a while ago in the Geometry blog was around Groth16 malleability. And there, in order to showcase the kind of problem that you can have, where we focused on public inputs that are not really used in the circuits and how you can change them and so on. There we really had to go into snark.js and change its internals in order to show some problem. 21:07: Anna Rose: Oh, wow. 21:07: Kobi Gurkan: And that feels like not the best fit in ZK Hack, because it wants something that is self-contained and educational. 21:17: Anna Rose: That makes sense. So you just kind of mentioned, though, this work at Geometry Research. I feel like Nico came on the show a few weeks ago and we did the ZK Jargon Decoder and he kind of mentioned Geometry Research. But I know we've been wanting to introduce it. It's kind of a new player somewhat. Like it's sort of like a new player in the field. And Kobi, you're an often co-host on this show, people know you really well, so why don't we do... Like take a minute just to talk about Geometry Research, who were for this edition of ZK Hack IV, the partner. 21:49: Kobi Gurkan: Yeah, let's do it. Okay. So Geometry Research is a company that works on interesting cryptography projects in general, if I could put it in the way that is most exciting. Maybe a bit of history around Geometry, which was a combination of an investor and a research group. What we did three months ago, we spun off the research group into its own thing. And that's what Geometry Research is. And so together with Nico, Andrija, Wei Jie, and Ying Tong, we created Geometry Research. We have a few themes that we really like, that we think will be important for the industry either in 2024 or moving forward. And we collaborate with companies and projects that are also aligned with the topics that we like. And so a couple of topics that we really like are around identity and cryptographic primitive acceleration, and we engage with these companies to build meaningful projects around these topics and release them to the public and create something that is unique and utilizes what we can do best at Geometry Research. 23:18: Anna Rose: I know when you were developing Geometry Research, you were talking about potentially doing audits. Do you guys also do that? Do you do security checks on some of the stuff that exists? Or are you mostly building? 23:31: Kobi Gurkan: No, yeah, completely. We also have some good expertise in looking into the internals of protocols. So we also do security audits. We just finished one a couple of weeks ago, by the way. 23:46: Anna Rose: Cool. 23:47: Kobi Gurkan: And yes, so we collaborate with projects in different ways. Either we do these bigger projects that the result of them is something new and unique that you can deploy, or that we do research that gets published as papers or technical reports, or that we also do security audits and make sure that things are working well. 24:17: Anna Rose: Are there any teams you can already mention you work with? 24:20: Kobi Gurkan: Not yet publicly, but soon. I promise that we will share much more soon. But yeah, if anyone wants to learn more or see what are the things that we're interested in or see how to collaborate, I'll be more than happy to talk to anyone that wants to. 24:40: Anna Rose: Cool. How then do the puzzles fit in? We're partnering on this. You're one of the co-creators of ZK Hack, generally, but how does Geometry working on puzzles for ZK Hack? How is that part of this? 24:53: Kobi Gurkan: Yeah, so I think it fits very nicely into both the fact that we're building new protocols. And so what happens in ZK Hack puzzles is people sometimes building new protocols that are broken. So we're trying to, or this is a way to show maybe what is the wrong way to build new protocols. And that, yeah, we don't do it like that in Geometry Research, but also it ties into the fact that we're rethinking about the internals of cryptography a lot of time. Like that's something that all of the team enjoys that also ties in into us sharing some of the insights that we had when we're working on projects, when we're learning about protocols. And we feel like we sometimes try to change stuff and see how it would affect the project and so on. And we then have some learnings there as to how things can go horribly wrong when you do that. And that's something that we like to share. Like we do that even beyond the puzzles, we write posts and all that. So that's also something that kind of ties in very nicely. 26:15: Anna Rose: That's cool. I was just thinking as you're saying this too, like in ZK Hack, we have these two events that we're doing, right? We do the online events, which are about the bugs in the protocols, and you're supposed to break ZK. And then we have the ZK Hack IRL hackathons, which are about building with ZK. It's not like the hackathons aren't really about building protocol level stuff, although there's always teams that do, where they're doing an implementation, they're actually adding to the libraries that power ZK. Could we ever do a puzzle that is actually about the application level of ZK? 26:53: Kobi Gurkan: Yeah, I think in some sense we already do that, but that's true that it's rare that the puzzle is really about an end-to-end application. 27:05: Anna Rose: Oh, but one of the puzzles did do that? 27:07: Kobi Gurkan: Yeah. I think in some of the puzzles, for example, in puzzle 1, in ZK Hack IV, you were already talking about a potential private transfer or private payment application. And we showed how to break something that is more... It's still at the protocol level, but it's something that is tied very completely to the application and how it's deployed. But yeah, it would be interesting to also see how the environment affects the security of the application. So not only the circuit, not only the cryptography, but also the way that it integrates maybe into the blockchain verifier or even the JavaScript library that communicates with it. That could be really interesting, actually. 27:55: Anna Rose: Yeah, maybe for the next one. 27:57: Kobi Gurkan: Yeah. 27:58: Anna Rose: I think the current cadence for the online event seems to be one a year. It is quite a lot of work for our team to produce it because it's this multi-week event. We often like to do it in the winter, at least in the Northern Hemisphere, because a lot of people are traveling less, a lot of people are sitting at their desk and so they can join us for this online thing. But I think, yeah, look out for next year. We'll probably do it again. And it will either be late this year or early next year where we do another one. I want to just sort of wrap up on ZK Hack IV. We're going to be hearing from some of the winners who actually went through the process of trying to break these things that Kobi had set up and solve these problems. 28:38: Kobi Gurkan: Well, it wasn't only me. We had a bunch of people helping. So Andrija has been very pivotal in making the puzzles and also thinking about the potential hacks. And the rest of the team also helped with some advice or ideas. And in one of the puzzles, we also got help from Mary Maller, which was... She can come up with very devious convincing protocols. And yeah, she did, and that helped us design one of the puzzles. So that was really cool. 29:13: Anna Rose: That's awesome. Yeah, when we wrapped up, so our last session was February 6th, we did the wrap up. We kind of announced all the prize winners. What was kind of nice there was a lot of the top 10 or top 15, there's like familiar faces in there. There's people who've been coming back every single year to do these ZK Hacks. But there was also some new folks. So congrats to everybody who tried their hand at this. And obviously, especially congrats to those who ranked. Usually, those who ranked would have had to have done all three puzzles in a pretty timely fashion. I think this time around, we had almost 60 participants in the puzzle hacking. And the thing is, this is hard, this is very advanced. A lot of those people who are ranking are people who work in ZK companies. You know, like they're not really so much armchair enthusiasts, but really kind of already working in the field. But I know every once in a while we also get folks who are new to the space trying out these puzzles. So it's very cool. 30:16: Kobi Gurkan: Yeah, we meet really good people or yeah, really smart people through this competition. So that's cool. 30:24: Anna Rose: Yeah. So just I want to kind of do a quick roundup of everyone who made this happen. On our team, on the ZK Hack side, we had Agni who's running events, we had Gaylord who's recently joined the ZK Hack team, and he was really helpful behind the scenes with the website and tracking all of these winners. Kobi, your team. Hector helped us on marketing for the event, and Rachel also helped us with some of the admin behind the scenes. So thanks to the whole ZK Hack team. It was so great to get a chance to do this again with everyone. So I think this gives everyone a good description of this event and the whole ZK Hack ecosystem. I do want to shout out two upcoming things that are happening in the ZK Hack world to look out for. There is a new series of ZK Hack Meetups. So these are short one, two-hour meetups in pretty casual, small settings. We've hosted two so far. We've done ZK Hack Lisbon and ZK Hack London. And we're going to be hosting one in Athens around ZK Summit, and we have one planned for Berlin later this year as well. So we're looking to kind of move ZK Hack all around the world to actually get to meet fellow hackers in different cities. 31:35: And we also have our upcoming IRL Hackathon, ZK Hack Kraków. So we announced this in the event. That's going to be happening May 17th through 19th in Kraków. And that's the week before ETH Berlin and the Berlin Blockchain Week. And even though Kraków and Berlin are not that close to each other. They're not that far either. So if you're planning on coming over for Berlin, you might want to also check out ZK Kraków the week before. Yeah, I think that's a pretty good summary of the things going on in ZK Hack. 32:03: Kobi Gurkan: Cool. 32:04: Anna Rose: Thanks, Kobi, for sharing with us the story of Geometry and also all of your thinking around how to develop these puzzles. 32:09: Kobi Gurkan: A pleasure always. 32:11: Anna Rose: Cool. All right, next up, we're going to be hearing from the winners of ZK Hack IV. And yeah, who are the hackers who were able to figure out these incredibly challenging puzzles so fast. 32:26: Nico and I are here with our third place winner of ZK Hack 4, Priyansh. Welcome to the show, Priyansh. 32:32: Priyansh: Hi Anna, thank you for inviting me. It's my first podcast. I'm kind of nervous, but yeah. 32:38: Anna Rose: Oh, don't be nervous. I mean, you're here because you won something, so yeah. 32:44: Priyansh: Yeah. 32:45: Anna Rose: Hey Nico. 32:45: Nico Mohnblatt: Hey Anna, hey Priyansh. 32:47: Anna Rose: So Priyansh, tell us a little bit about yourself. Who are you? What have you been working on? 32:52: Priyansh: Yeah, so hi everybody. I am Priyansh. I'm an undergraduate engineering student from India. And I'm currently in my final year and I'm just working on my bachelor's thesis right now, and the thesis that I'm working on focuses on applying zero knowledge to the domain of electronics. So yeah, that's what I'm doing right now. 33:13: Anna Rose: Cool. I have a question for you. Was this the first time you participated in the ZK Hack Online competition? 33:20: Priyansh: Yes. 33:21: Anna Rose: Really? 33:22: Priyansh: Yeah. 33:22: Nico Mohnblatt: Wow. 33:23: Anna Rose: That's amazing. How did you find out about it? 33:26: Priyansh: Yeah. So actually like before this, I was kind of doing a bootcamp. So there was a zero knowledge cryptography bootcamp by Lambda class. And I think there's somebody like told us that ZK Hack is going to start in like two weeks. So you guys can go and register. So I just found out about ZK Hack from there. Yeah. 33:46: Anna Rose: Nice. 33:47: Nico Mohnblatt: Was that your first contact with cryptography and zero knowledge? 33:51: Priyansh: Yeah, not really. So actually I've been interested in cryptography since my freshman year in college and then I've been pursuing cryptographic primitives and then just like the previous year I came to know about zero knowledge and I've been just diving into it from then, yeah. 34:08: Anna Rose: Amazing. I want to know if you've done CTFs in your past because this is... 34:12: Priyansh: Yes, I've done. 34:13: Anna Rose: You have, okay. 34:14: Priyansh: Yeah, I've done a lot of them. 34:15: Anna Rose: How did ZK Hack puzzles actually compare to the CTFs you did in the past? Like are they similar? I know we say like, oh, they're like CTF like puzzle hacking competition, but yeah, I'm just kind of curious if you would put it in the same category if you see it quite different. 34:31: Priyansh: Yeah, I'd say they're quite similar, but the only difference is in CTFs, you have to get this flag. Now here there's no flag, you just have to kind of crack the problem, hack the challenge, right? And another difference I'd say is at least like I thought like these were problems for speed running, right? So they were... I thought they were kind of easy, right? They're not that complicated. And in CTFs, you usually have really complicated problems. You spend three to five hours on each of the problems. So yeah, these were fun little speedrunnable problems, and they were also fun. Doing them was fun, right? 35:10: Anna Rose: Nice. 35:11: Nico Mohnblatt: Wow. 35:11: Anna Rose: It's pretty funny to hear that you found them easy, because I've always been told by people trying to do this that it's very, very hard. Maybe, do you think what made it easy was that you'd been studying ZK specifically? Or something similar to what we kind of covered in these puzzles? 35:28: Priyansh: So I guess I found them easy because I had all my cryptographic primitives already. And I'd say I also had experience playing CTF. So, yeah, that's why I kind of found them easy. And a lot of the times people just get lost in these concepts. So for example, in the first problem, they mentioned Zcash and cycles of elliptic curves, but if you actually just open up the problem and look at the source code, you'd find that you only need to know how the Arkworks library is like what's the syntax in Arkworks? How to understand the circuits? You don't really need to know all these things, you just need to have some basic cryptography knowledge, like basic elliptic curve knowledge at least to solve the first question. So again, I guess some people would... Even including me, I wasted first 20 or 15 to 20 minutes just searching around like cycles of elliptic curves and Zcash. I pulled up the Zcash specification and then I was like, let's wait a second, let's just look at the problem. And when I looked at it, I found that, yeah, I could just understand what the problem was and I spotted the vulnerability and I was able to exploit it, yeah. 36:39: Nico Mohnblatt: Yeah, that was very quick. I guess the difficulty with that puzzle was working with these cycles and confusing people with different fields and it's impressive to figure that out so quickly. 36:52: Priyansh: Yeah, even I was like looking down papers and then I just said, okay, let's first look at the problem. Then if I need to know something, I'll dive deep into it. But yeah, I didn't need to. 37:03: Anna Rose: You came in second on that first puzzle. The first puzzle's name was called Gamma Ray. I do think like looking at your rankings, you came in second on the first puzzle, 11th on the second puzzle and seventh on the third puzzle. But that first puzzle, it was like, I think the first two, so you yourself and the top were so close, and that the way we weighted it based on how quickly you solved it from when the first person solved it, right. And I think that made the big difference. So that first puzzle got you over the line. 37:38: Priyansh: Yeah. All right. And like, that's the thing. Because like for the next two problems, I had to look things up, right? 37:45: Nico Mohnblatt: You mentioned that the puzzles were fun of the three. Which one would you say was like the most fun for you? 37:51: Priyansh: The most fun... If I talk about fun, I'd say the last puzzle was really quick and for me it was the most fun. 38:02: Nico Mohnblatt: And was one of them the most challenging or were they all easy and breeze run through them? 38:06: Priyansh: Yes, they were all easy but from like... I'd say for speed running from the perspective of speed running, I'd say like the second one was kind of the toughest for me because it involved a first of all aggregate signatures, which I hadn't read about. So if you already knew about it, you had a head start there. So I had to kind of read a bit about it and then come up with the solution. So yeah. 38:33: Anna Rose: What do you think we should do next time that we host an online ZK Hack? Is there anything you think we could do better? 38:41: Priyansh: I mean, I think the problems are fun, and like from a speed running perspective, they were kind of good. But I guess maybe we could have more complex problems because these were like just one single vulnerability and you exploit it, you're done. So maybe we can have some problems that are really close to actually auditing some systems, some real systems. So yeah, that'd be cool. 39:04: Nico Mohnblatt: So chaining different vulnerabilities and getting something more complex out of that. Okay, that's a good idea. 39:10: Anna Rose: Thanks. Priyansh, I want to hear a little bit about what you have planned career wise. So you're now a winner of ZK Hack and this in our community means people kind of know who you are. Yeah, what are you what are you thinking of doing next? Are you going to join a team? Are you going to work in this space? 39:26: Priyansh: Yeah, so I definitely want to work on applied cryptography because that's what I've been pursuing from the last three years. But for now, I'm also open to, maybe found a startup in the ZK space. I'm like, maybe I can apply ZK and do cool stuff with it. It's like ZK is pretty cool, I think. 39:46: Anna Rose: Cool. Do you think you might join us for the in-person IRL hackathons at some point? 39:51: Priyansh: Yes, I definitely would at some point. I wanted to do the Krakow one, but actually my semester is ending on 16th and the event starts from 17, so that's kind of the problem. 40:01: Anna Rose: Oh no, shoot. 40:05: Priyansh: Yeah. Otherwise, I was going to attend. 40:08: Nico Mohnblatt: What is your advice or what would you want to say to the folks who are going to compete next time? 40:13: Priyansh: So first of all, look at the problem first, right? Don't like jump into looking... Like there are many things that they put in the problem to kind of throw you off, right? Well, it's not really throwing you off, it's good to read all these things. But if you're seriously thinking of speed running the problems, you should just first look at the problems. You should follow the top-down approach. So try to figure out what the code is doing, and then if you don't know something, then kind of read about it. So yeah, do top-down, I'd say. Yeah, and that'd be fast, if you're thinking of speed running it. Otherwise, it's good to do bottom-up too, so you first learn about all the systems. And I guess that's a nice learning experience, yeah. 40:56: Anna Rose: Is there a way for people to prepare? 40:59: Priyansh: Okay, to prepare, I guess like most of what you need is the primitives, right? All the primitives that you kind of use in ZK and most of them basically are your like elliptic curves, I guess, and other cryptographic primitives. And if you kind of know them, you are, I guess, good to go. But maybe you also need to have some experience with the system that they have written the code. And so for example, this year they focused on Arkworks, right? So if you already had experience writing circuits or comprehending circuits, which are written in Arkworks, that'd be a good head start. Yeah. 41:36: Anna Rose: Nice. I know that in our, just previously with Kobi, we were talking about potentially trying it out with different languages in the future, but I do know that we always announce early which language or which libraries were kind of like using. So that's a good piece of advice, though, for people to maybe read up on that before it all starts. Awesome. Thanks, Priyansh. Thanks for coming on. 41:58: Priyansh: Thank you so much. Thanks for having me. 41:59: Anna Rose: And congrats again for ranking. 42:02: Nico Mohnblatt: Yeah, congratulations. 42:03: Priyansh: Thank you. 42:07: Anna Rose: So now we're here with our second place winner for ZK Hack IV, Sampriti. Welcome Sampriti. 42:14: Sampriti Panda: Hello. 42:15: Anna Rose: And congratulations on coming in second. 42:17: Sampriti Panda: Thank you. 42:18: Anna Rose: I know that you participated actually as a team. I think you're the only team in the top three. Tell us a little bit about yourself, maybe a little bit about your team. 42:27: Sampriti Panda: Okay. Hi. So I'm Sampriti again. I like to call myself a security researcher interested in a wide variety of things. So I like low level things, like the security of operating systems and mobile apps things like that and then over the last two years I've been getting into zero knowledge cryptography, of course. I started getting into it like just focusing on learning about ZK and then I realized, well, there's a good space for getting into security here, like security is a really important thing here. I mean, so over the last two years, I've been getting into zero knowledge cryptography and I realized security is really important here because we have all this complicated math protecting maybe like, I don't know, billions of dollars. So it was really fun to try to apply to my skills here. And yeah, as my team at Zellic, so Zellic is a smart contract security auditing company, and over the last year, we've been also getting into zero knowledge security. Earlier they were mostly focused on like blockchain. So like Solidity, Solana, things like that. So yeah, as part of Zellic, we do circuit audits. So things like the Scroll zkEVM, for example, I was part of the audits for the circuits for the zkEVM and also Axiom's ZK coprocessor. So those were some really interesting audits and we found a lot of cool bugs there. And yeah, that's my background. 43:48: Anna Rose: Nice. Sounds like a very good position to be coming into ZK Hack with because the ZK Hack Online, because in these competitions, you're looking for the bug, and I guess that's what you do kind of every day. Is this the first time you participated in ZK Hack? 44:05: Sampriti Panda: I think last year, I looked at the challenges, but I didn't have time to do it at that time. So I think this is the first time I'm properly coming in at 11 a.m. PST when the challenges are released. Like everything's blocked out and trying to get it solved as quickly as possible. So yeah, I guess this is the first time I'm actually trying to win. 44:26: Anna Rose: Nice. 44:26: Nico Mohnblatt: Did you find it to be very time consuming? 44:30: Sampriti Panda: I think we solved most of the challenges under like one and a half hour. I think all three of the challenges we solved under one and a half hours. So I guess it wasn't too time consuming in that way, at least compared to, for example, I do these Capture The Flag competitions in general. And sometimes the cryptography challenges there might take like the entire day, like 24 hours, because there's like... I don't know, you have to read like three, four papers and try to understand attacks and implement them. So compared to that, I think these challenges were much more self contained. So it wasn't too bad. 45:06: Anna Rose: You're the second person to mention that having done a lot of CTFs, that these were kind of faster. You are also the winners though. So we know that there's a lot of people that did take a few days to actually solve these puzzles. But yeah, that's cool to hear. 45:23: Nico Mohnblatt: How would you compare these ZK Hack puzzles to CTFs? 45:28: Sampriti Panda: I think the ZK Hack puzzles, I feel like the bug was sometimes more in the code, if that makes sense. A lot of the cryptographic CTF puzzles that we look at, for example, they might be some custom scheme, and you kind of have to figure out issue with... It's more in the math, is kind of what I'm trying to say. And I think those might be a little bit more math-heavy sometimes, and require a knowledge of a lot of the existing attacks that you've done... That have been performed on those crypto systems before. So as an example, a very common type of challenge in CTFs is you have to break some insecure RSA scheme, right? Like, let's say the key is generated in an insecure way, and a lot of the background knowledge you need to know about of LLL attacks. So these are lattice reduction algorithms that are used to solve these kind of challenges. So I think there's a lot of background knowledge of what has happened in the past that you need to know to solve those challenges. On the other hand, for ZK Hack challenges, I felt like If you had a basic understanding of elliptic curve cryptography and pairings, you could kind of just look at it self-contained and try to solve that. I think which was somewhat nicer in a way, like it's better for someone who is maybe beginner to approach these challenges. 46:51: Anna Rose: Nice. I checked out your rankings over the three puzzles. So Zellic as a team came in first on puzzle 1, sixth on puzzle 2, and then second on puzzle 3. Yeah, just looking back over those, what was the puzzle that stands out to you? 47:08: Sampriti Panda: I think the second puzzle was definitely my favorite. Two reasons for that. One was it was like you had to kind of understand this these two kind of schemes. So obviously the BLS signatures and the security properties and then also the proof of knowledge paper. So I had to actually go and read and understand the security properties of proof of knowledge scheme and try to figure out like, okay, what is this scheme doing that maybe a good proof of knowledge scheme should not be doing and something like that. So I think that was definitely a standout. And also the solution was kind of you had the proof of knowledge of all the other participants and you were supposed to combine them in a way to get a new proof of knowledge proof for your invalid key, right? And it was kind of staring at our eyes, but we didn't realize it for a while, like we're just looking like, how do we get this new information that we don't have? And it's like, oh, we already have all of these other proofs. We just need to combine them in a particular way. So I think that was definitely one of my favorites. It was also kind of fun because we were challenging to like use Arkworks in that. Like all of us in our team, a lot of the time was spent trying to struggle with Rust and Arkworks. I remember I spent 10 minutes trying to figure out how to do the inverse mod in one challenge, and it was like, oh, I just didn't do a user trait. And like I was calling the inverse mod function, but it says.. The compiler said it didn't work and it turned out like, oh, I just had to user trait. So that was kind of a challenging part of doing ZK Hack, I think for me. 48:43: Nico Mohnblatt: Did you do everything in Rust or... So I know with some of the earlier puzzles, people used to print out stuff from Rust, do some calculations in Sage and bring it back to Rust and use that as their attack. 48:54: Sampriti Panda: So I would actually verify my attack in Sage first to make sure it works. And once it did work, I was like, well, I have to implement this in Rust now, because I have to send the code to you. 49:05: Nico Mohnblatt: Yeah. So I guess troubleshooting, right? Make sure your solution works, and then it's just about Rust. 49:10: Sampriti Panda: Yeah. 49:11: Nico Mohnblatt: Fair. 49:12: Sampriti Panda: I would say one of our team members is a Rust expert. So I think we just ask him, oh, what's going wrong here, or how to do this? And he would be pretty helpful. So I think that's one good thing about being in a team. I would definitely, if I was solo, I would spend more time just struggling on those things. 49:32: Anna Rose: Yeah. Actually I wanted to ask you a bit about the team setup. Were you all trying to hack on the puzzle at the same time, or was it sort of you were taking the lead and then relying on the others to just kind of help you out? 49:43: Sampriti Panda: So the team was four of us. So it was me, Sampriti, and then Avi, Malte, and Mohith. So there were four of us. I think we would start on the puzzle just like we'd spend maybe like 10, 15 minutes trying to read it on our own. And then we would start bouncing off ideas of each other for a while. And then at some point, one of us would realize the solution. For some of these, it wasn't as obvious. Like the second challenge, it's like you have two stages, right? First you try to break the BLS signature and then second you try to break the proof of knowledge scheme. So yeah, we would slowly get to the attack, and then once it's the implementation stage, I guess all of us would just try to be the fastest to submit. Because of the time constraint, I think it doesn't make sense to try to share code. It's like, well, good luck. Whoever finishes first just submit on your GitHub account. 50:33: Anna Rose: Nice. What do you think we should do different for the future ZK Hack online puzzles? 50:39: Sampriti Panda: I think the number one thing all of us wanted was more puzzles. 50:43: Anna Rose: More puzzles. Okay. 50:46: Sampriti Panda: The other thing was we would have liked the puzzles to be a little bit more time taking and more challenging, I think. I think they were challenging, but because I'm guessing you tried to keep the puzzle self contained, it was like you couldn't make them as hard as you'd wanted to. I'm going back to one of the things I brought up in the CTF point is like we would look at attacks from the past, like some common attacks, maybe attacks on elliptical pairings, those kind of things. So I'm sure that increases the difficulty a lot, but I think it also increases how much you learn from doing these challenges to try to understand the academics behind these. So I think that is something we would definitely appreciate more if that happened in the future. I haven't done the previous challenges, so I don't know how much this existed in the past, but this was just going off the challenges from this year. 51:35: Anna Rose: I was about to ask you that, because we have this page full of the previous puzzles, and Kobi's not on here. Kobi was designing basically all of those. But I'll add this in the show notes for anyone who wants to take a peek and also use MPT if you want to have a look at the previous ones. But this is great feedback for us. You know, we're always trying to kind of make ZK Hack better. So this is great. 52:01: Nico Mohnblatt: It's funny because ZK Hack also has this... So it is kind of Kobi's brainchild in some way, like these puzzles. The spirit behind the early ZK Hack puzzles, at least, were to be very practical. So a bit further away from papers and like, oh yes, these classic crypto attacks and more into like, hey, here is a subtle mistake that's kind of hard to find, but also you'll learn from if you find it. I'm sure we can find a way to marry both of these. 52:24: Anna Rose: Nice. 52:25: Sampriti Panda: Yeah, I was thinking of something like, oh, I implemented a new scheme similar to Plonk, but oh, we made a mistake in like the Fiat–Shamir process and try to break it. So it's kind of novel, but also somewhat similar to existing attacks. So it's not like you can just pull an attack from the frozen heart blog and just use it, but you still have to make it up on your own. 52:50: Anna Rose: I sort of wish Kobi was here too, because he might have had that thought or we may have already done that. But I don't know. 52:57: Nico Mohnblatt: So I know definitely Kobi has some stuff about, for example, trusted setups. What happens if someone keeps the toxic waste? And he has, I think, a whole article about how to make fake proofs in that case. I know that we discussed Fiat–Shamir because there are so many bugs that arise from Fiat–Shamir, but we almost felt like, is this too obvious? Are people going to find it too quickly? And that's why we didn't go for something like that. But yeah, maybe another time you can have Kobi and Andrija go through their process and explain how they came up with the puzzles. 53:29: Anna Rose: What's next for Zellic, the company? So you're doing audits and you're moving into the ZK space, or it sounds like you've moved into the ZK space. Are there any tools or anything that you'd be building on your side? Like I know there's other auditing firms that are exploring formal verification and stuff like that. 53:45: Sampriti Panda: So we have a couple of people who already work on formal verification on the Solidity side, for example, for smart contracts in variant testing, but also for ZK, we have an internal project where we are trying to understand how we can formally verify circuits, which are made in Halo2, for example, which might not be as straightforward because they're laid out on a table instead of a formal language like in Circom. So yeah, those are some of the things we're looking at. We're also looking into moving into new cryptographic algorithms. So a lot of companies are using MPC to build MPC wallets or other forms of technologies like machine learning using MPC. And often these are custom or novel cryptographic schemes, which might need closer inspection, obviously, because it's never good to roll your own crypto. So yeah, those are some of the other things we're also trying looking to move into. 54:35: Anna Rose: Nice. 54:36: Nico Mohnblatt: We asked this also to the previous participant, but what would your advice be to folks who want to compete in the next ZK Hack puzzles? 54:45: Sampriti Panda: I think I would say to go look at CTFs. That's how I got started, that's how a lot of my friends got started. In fact, there's this amazing website called CryptoHack, which has a lot of cryptographic puzzles starting from a very beginner level, like you start breaking Caesar ciphers and XOR ciphers and going all the way to you break Ring/LWE and lattice based schemes. So I think that's actually... If you try to solve the challenges from zero to 100, it's like a formal education in cryptography almost with all the papers you have to read and all the attacks you want to understand. And once you finish that, I feel like it's pretty easy to get into zero knowledge cryptography, read the papers, try to understand the attacks. On the other hand, if you're not too interested in the math side of it, of course, there's a lot of like, Cirom circuits where you can just think of it as like a programming language, right? It's just reading code. You don't really need to understand too much math beyond modular arithmetic. And I think that's another way to get into zero knowledge cryptography. So there's like two avenues. Either you go to the math side or you go to the programming side. 55:51: Anna Rose: But what about for the next ZK Hack participants, the puzzle hackers? 55:55: Sampriti Panda: Oh, the puzzle hackers. Yeah, I would say CryptoHack and because I think those CTF challenges are pretty similar. And yeah, like I guess I try the ZK Hack puzzles from the past, which I need to do because I haven't tried all of them yet. 56:09: Anna Rose: Sounds good. Cool. All right. Thank you so much, Sampriti for coming on and congratulations on being second at ZK Hack IV. 56:17: Nico Mohnblatt: Yeah, congrats. 56:18: Sampriti Panda: Thank you so much. 56:23: Anna Rose: We are now here with our first place winner for ZK Hack IV, Nicolas Iooss. He's also known as Niooss-ledger on our leaderboard. Welcome to the show, Nicolas. 56:34: Nicolas Iooss: Thank you. 56:35: Nico Mohnblatt: Welcome from one Nico to another. 56:37: Anna Rose: Yes, exactly. There's two Nico's on this one, so we'll have to clarify. Nicolas, this is your second time coming in first place on a ZK Hack competition.And I know you did at least one other ZK Hack, because I saw you came in second, I think on the first one we ever did. Did you also do the ZK Hack mini, or was that the one you skipped? 57:02: Nicolas Iooss: Yes, I also participated, but only with the first challenge, because actually with the second one, I had to travel to the other side of the world, so I wasn't able to compete. 57:16: Nico Mohnblatt: All right, to give people a chance, I understand. 57:20: Anna Rose: That's crazy. So you've done all four ZK Hacks? 57:25: Nicolas Iooss: Yeah, actually with the first one, it's thanks to the first one that I discovered the world of zero knowledge. At that time it was a colleague from my work who said, hey, there is this new CTF event with zero knowledge, it sounds amazing. So it was actually the first ZK Hack event. So I was like, oh, it sounds very interesting. It's new stuff and let's learn about this. 57:52 Anna Rose: Damn. You came in second on the overall picture, but I'm guessing like the first puzzle you would have had to do a lot of background reading to be able to get into it. 58:02: Nicolas Iooss: Well, I'm already quite knowledgeable about applied cryptography, so I already know a lot of things and I already wrote some Rust a lot. So I had a bit of background, but not in zero knowledge, but it was quite easy in a way to come in with puzzles, at least. Maybe easy is not the right word, but I don't come from nowhere. 58:30: Nico Mohnblatt: Actually, Nicolas, I'm curious about your background now that you mentioned it. And since we're both French and I know Anna speaks some French... 58:38: Anna Rose: I do. 58:39: Nico Mohnblatt: How about we conduct some of this in French? 58:42: Anna Rose: Yeah, we're going to switch. 58:44: Nico Mohnblatt: Amazing. Nicolas… [speaking French] 1:00:42: Anna Rose: Okay, to our listeners who don't speak French, we're going to switch back for you now. To anyone who speaks English and French, you've just gotten some insight into Nicolas's background working at Ledger. And so I guess this is the Ledger Ledger, like the Ledger we all know and love, right? Is Ledger going to use ZK on some level? 1:01:06: Nicolas Iooss: Actually, I don't know. There have been some projects, but it's like some proof of concept, so on and so on. So I'm pretty familiar with the concept. We're working with blockchains which are using zero knowledge, obviously. I don't have any idea if there are products who really use zero knowledge. 1:01:27: Anna Rose: Got it. So let's bring it back to the ZK Hack IV, and the actual event that we just wrapped up. So, as mentioned, you would come in first for ZK Hack III, and I think you got all the prizes for that, come ZK Hack IV, Puzzle 1, you actually came in third place for Puzzle 1. For Puzzle 2, you came in second place, and then for Puzzle 3, you came in first place. So it's just kind of like a steady stepward up, ramping up for you, yes. 1:02:03: Nicolas Iooss: The difficult part is that now I have a boy who was two months old. So in the evenings I also needed to take care of him. And that's why I needed more time in some challenges. 1:02:21: Nico Mohnblatt: Clearly it that didn't stop you. Clearly wasn't enough. 1:02:27: Anna Rose: So one hand you were holding a baby, the other hand you were breaking puzzles for ZK Hack, I'm guessing. 1:02:33: Nicolas Iooss: That's why in the third one, I think it took 15 minutes or something to write because it was like a break when my son was sleeping. 1:02:44: Anna Rose: It was just perfectly timed. Nice. 1:02:47: Nico Mohnblatt: So that's what happened. Over the course of three weeks, you changed your son's sleep schedule to be exactly at the time of the release. Anna, let's go. 1:02:56: Anna Rose: Nice. All right. We've actually just interviewed the other two winners in the third and second place. And one of the things we wanted to understand from them was like, how did you find each of the puzzles? Were any of them extra easy? Were any of them extra challenging? Yeah, how did you find these three? 1:03:14: Nicolas Iooss: From my perspective, they were easier than the previous ones. But at the same time, it's because I already have a background. For example, I already know what the BLS12-381 are. I already used Arkworks a lot. So I heard that some participants were struggling with a type system of Arkworks library. Well, I already used it in the previous editions, so it was easier for me, I guess. 1:03:49: Anna Rose; Nice. That's actually really good feedback, though, to hear that you found the previous ZK Hack puzzles harder. And you think part of it might be because you are familiar with the material now. What could we actually do for future ZK Hacks that you think could actually challenge you, like someone at your level? 1:04:08: Nicolas Iooss: That's a good question. In the ZK Hack Mini, I guess there was a really hard challenge which I didn't manage to solve about the Winterfell implementation where the aim was to reach it, the verifier, because the proving system was using very weak parameters. It was actually quite difficult to check in the right way the verifier. So this is the kind of things which is harder, I would say. 1:04:38: Anna Rose: Do you think using a different language would make this more challenging for you, actually? Like using Arkworks, we've used Arkworks for ZK Hack I and ZK Hack III and ZK Hack IV. And the one you said was really challenging was the one where we used Winterfell, I think. 1:04:53: Nicolas Iooss: Well, actually, I don't know. Because Arkworks, I'm really used to switching to different contexts to really discover new contexts in a fast way. So I don't know whether it will add some additional challenge or it will only make it harder for other participants. I don't know. 1:05:14: Anna Rose: True. All right. Maybe let's throw the question back to you then. So what should we do if not language? What would be another way? 1:05:23: Nicolas Iooss: Maybe something for just on implementation. For example, right now I'm participating in another CTF which is focused on post-quantum cryptography. And one of the challenges is to implement TLS extension to support post-quantum cryptography in TLS in a way which is easy... Which is doable, not easy but doable as a CTF challenge. And I found it quite different from the usual challenges which require breaking things. So maybe a challenge which focuses on implementing or adding some ZK things to an existing protocol or solution or software and evaluating that the integration of the ZK protocol was done right. Or maybe the solution is to instead of trying to break something, taking something which is broken and trying to fix it... 1:06:20: Nico Mohnblatt: Fix it. 1:06:21: Anna Rose: To fix it, yeah. 1:06:21: Nicolas Iooss: And ways to fix broken implementations. 1:06:26: Anna Rose: That's cool. That's a neat idea. 1:06:28: Nico Mohnblatt: So you mentioned you're participating in another CTF right now. Do you do a lot of those? 1:06:34: Nicolas Iooss: Not much now that I have a boy. Well, in the past I did several CTFs in several domains, I would say. For example, several years ago I participated in a CTF related to satellites, which was organized by the US Air Force called Hack-A-Sat. So it was a really nice CTF also to discover all the technologies around satellites, communications. The objective of this CTF was to make people from both the physics of making satellites actually work and people from cyber security work together. And I think it's the same thing with ZK Hack to make people from the zero-knowledge world and people from cyber security or whatever we call it meet to have systems which are more robust, more secure in the end. 1:07:39: Anna Rose: For sure. Have you ever designed a CTF? Like we heard from a previous interviewee that there's like a really awesome ledger CTF kind of going on. 1:07:51: Nicolas Iooss: Yes, I participated in the two last editions, because there were several editions. So, yes, for example, in one of them, there was a challenge focused on the EOS blockchain. EOS. 1:08:10: Anna Rose: Oh, EOS. 1:08:10: Nico Mohnblatt: Yeah, unrelated to your name. 1:08:13: Nicolas Iooss: Yeah. It's a natural blockchain. There was something interesting related to the way the smart contracts on EOS blockchain work. So I did a CTF challenge out of it. 1:08:25: Anna Rose: So you... But you didn't design the CTF for Ledger, did you? 1:08:28: Nicolas Iooss: I participated. It was a team effort. 1:08:32: Anna Rose: Okay. But wait, did you make it or did you hack it? That's what I'm trying to figure out. 1:08:37: Nicolas Iooss: I made it. 1:08:37: Anna Rose: You made it. Okay. 1:08:38: Nicolas Iooss: Yes. 1:08:39: Anna Rose: Okay. This is what I was thinking. 1:08:41: Nicolas Iooss: CTF is making challenges for others. 1:08:45: Anna Rose: Nice. That's cool. 1:08:48: Nicolas Iooss: Also in France, there is a famous security conference called the SSTIC, S-S-T-I-C, which is a cyber security conference, which is well known for ARB challenge, which is released ahead of the conference. Also participated in creating this challenge three times. 1:09:11: Anna Rose: So you're a hack builder almost. I wonder if we should at some point pick your mind for a new competitor, or maybe you want to maybe join the building team. You've won twice. I'm kind of like, do we try to create something that Nicolas finds hard or does Nicolas join us to make a harder puzzle? 1:09:33; Nicolas Iooss: Yeah, that's also a way of solving this issue. 1:09:39: Anna Rose: Amazing. 1:09:39: Nicolas Iooss: Actually, for the SSTIC competition, it's traditional that the winner makes the challenge the year after. 1:09:47: Anna Rose: Amazing! Hey, this is so cool. This is a great thing. I think we should bring all of this feedback back to Kobi and see what he thinks. Nicolas, what's next for you? Just in general? I know you're working at Ledger, but are you also... I mean, I guess you're gonna be doing more CTFs. Is there anything else that you're into? Would you eventually maybe work in ZK, you think? Is it interesting enough? 1:10:12: Nicolas Iooss: Maybe. I really don't know because right now I'm enjoying my work at Ledger. I can work on many different topics including ZK, but it's like right now, ZK is like a research field where there's not much in Ledger about ZK, but we are trying to see what we can build with it. And besides that, I don't really know what the future will be. 1:10:44: Anna Rose: Well, thank you so much for coming on and congratulations once again for coming in first place once again. And I really like your idea of potentially bringing you over to our side for the upcoming ones. Yeah, you might have some really good ideas here that we could implement. So before we wrap up this episode, I just want to say a massive thank you again to the ZK Hack team who put this event together. It was Kobi and Gaylord, Agni, Rachel, and Hector, who worked on this edition of ZK Hack IV. I also want to say a quick shout out to the runners up who didn't get a chance to come on the show to talk about their experience. But we had Rumata888, bkomuves, AllFi, baby step forward, giant step backward, and NicsTr. NicsTr I think had come in second last time. So anyway, thanks to all the participants, all the hackers, and all of the folks who also came out to our workshops, the partners that we had, RISC Zero and Polygon, Geometry as the puzzle builders, and ZKV who sponsored the prizes for this one. Yeah. Oh, I have one last thing I wanted to say before I sign off. I think I mentioned this earlier in the show. But there's an upcoming IRL ZK Hack Hackathon happening in Krakow on May 17th through 19th. Anyone who participated obviously in the online, please come check out our hackathon. It's very different. It's much more about building and less about breaking stuff. But yeah, I hope we get to see you again, Nicolas, at future events, and congrats again. 1:12:29: Nicolas Iooss: Thank you. 1:12:30: Anna Rose: Thanks, Nico. 1:12:31: Nico Mohnblatt: Pleasure. 1:12:32: Anna Rose: And I want to say thank you to the podcast team, Rachel, Henrik and Tanya and to our listeners, thanks for listening.