Devcon 2024 week recap: Veridise’s presentations in Bangkok
Devcon is the highlight of the year for us at Veridise, and 2024 was no exception.
The week was a wonderful opportunity to reconnect with old friends and meet new developers and founders tackling some of the most exciting challenges in the blockchain space. The week was full of positive energy and inspiration.
But enough words — let’s show you what we mean! Take a look at this 90 second video reel capturing the energy of the week.
In addition to Devcon itself, we participated in four side events: ZK Accelerate, ZK HUB, L2Con, and Hack Seasons Bangkok.
Jon Stephens (CEO) and Alp Bassa (Head of Cryptography) shared insightful presentations at all of these four events.
Below, you’ll find video recordings — we hope they inspire and inform!
Unifying ZK: A Comprehensive DSL Framework for Tomorrow
At ZK Accelerate, Jon Stephens unveiled LLZK (Lower-Level Zero-Knowledge), Veridise’s groundbreaking open-source project addressing one of the most pressing challenge in the ZK space: fragmentation.
Jon emphasized the challenges developers face navigating a maze of front-end languages and proof systems, which lead to inefficiencies and persistent issues like compiler bugs. Enter LLZK — a flexible framework inspired by LLVM, designed to unify diverse front-end languages and backend architectures, eliminating the need to reinvent solutions.
By abstracting language complexities, LLZK simplifies tool creation, optimizations, and backends, enabling efficient development and reducing vulnerabilities. Jon demonstrated its transformative potential in generating witness generators, arithmetization backends, and, most importantly for Veridise, advanced bug detection tools like static analyzers and verification engines.
Watch the talk to learn how LLZK streamlines ZK circuit construction, tackling common challenges and allowing developers to focus on innovative, high-level solutions rather than getting bogged down by language-specific challenges.
Groups for FFT-like Algorithms in Proof Systems
At the ZK HUB event, Alp Bassa gave an insightful talk on the role of FFT-like algorithms in proof systems used within blockchains.
FFT, or Fast Fourier Transform, is a computational technique with deep mathematical roots, commonly used for efficient polynomial evaluations and interpolations. These operations are integral to many zero-knowledge proof systems, which rely on polynomials for verifying computations succinctly and securely.
Alp began by discussing the traditional FFT algorithm and its adaptations, such as the Discrete Fourier Transform (DFT) over Finite Fields and the Discrete Galois Transform (DGT). He then explored recent variations like ECFFT, Circle FFT, and Galois FFT, explaining their unique properties and how they address specific challenges in the proof systems used in blockchains.
By comparing these FFT-like algorithms, Alp provides a conceptual framework to better understand their strengths, trade-offs, and applications, helping to see how advances in this area contribute to more efficient and scalable blockchain protocols.
ZK Circuits in dApps: Common Bugs to Avoid
At L2Con Bangkok, Jon Stephens tackled one of the pressing challenges for developers working to integrate ZK circuits with decentralized applications: how to avoid critical bugs, particularly in high-stakes areas like DeFi.
Jon kicked off by breaking down the fundamental differences between zero-knowledge circuits and smart contracts. With a focus on storage, control flow, numeric data types, and data privacy, he highlighted how ZK component can create unique vulnerabilities if not carefully managed during development.
From there, Jon dug into the details, presenting five common pitfalls that have tripped up even experienced developers. These included issues like missing state validation, arithmetic denial-of-service attacks, finite field overflows, proof verification replay attacks, and privacy leakage.
What made the talk particularly practical was Jon’s use of real-world code snippets from frameworks like Solidity with Circom, Leo, and o1js (typescript), giving a firsthand look at how these bugs arise and how to address them.
This talk wasn’t just a warning — it is a guide. Watch this talk to learn practical vulnerability examples, solutions, and how to securely integrate ZK circuits into dApps.
Key Insights from 100 Security Audits
At the Hack Seasons event, Jon Stephens shed light on some hard truths about the state of security in zero-knowledge applications. Drawing from our 100 recent audits, he didn’t mince words when revealing that over half of our ZK audits uncover critical bugs — double the rate of traditional smart contract audits.
This isn’t just a statistical anomaly, it’s a sign of the unique and complex challenges developers face in ZK systems. Jon broke down where things often go wrong: logical errors rooted in flawed business logic, unchecked inputs that lead to dangerous data validation failures, usability issues that compromise functionality, and denial of service vulnerabilities that can cripple systems. Jon also touched on maintainability problems — often underestimated but a ticking time bomb for long-term security.
The talk got even more pointed when Jon turned to zero-knowledge security and under-constrained circuits, the Achilles’ heel of ZK applications. Drawing from real-world disasters like the Nomad Bridge and Tornado Cash exploits, Jon showed how these vulnerabilities can lead to catastrophic failures.
Jon’s message wasn’t just about identifying the cracks, it was about sealing them. He stressed that a combination of rigorous testing and external audits is essential for developers who want to avoid becoming the next cautionary tale.
Next stop: ETH Denver 2025
Phew, what an intense and exciting week DevCon 2024 was! It was a whirlwind of meeting the industry’s best and brightest developers, all working to build the future of blockchain applications.
But the journey doesn’t stop here. Now, we’re setting our sights on the next big conference: ETH Denver 2025. See you there!
Author:
Mikko Ikola, VP of Marketing at Veridise
Want to learn more about Veridise?
Twitter | LinkedIn | Github | Request Audit