{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,16]],"date-time":"2025-09-16T16:54:55Z","timestamp":1758041695411,"version":"3.44.0"},"reference-count":70,"publisher":"Association for Computing Machinery (ACM)","issue":"4","funder":[{"DOI":"10.13039\/100000185","name":"Defense Advanced Research Projects Agency","doi-asserted-by":"crossref","award":["HR001120C0085"],"award-info":[{"award-number":["HR001120C0085"]}],"id":[{"id":"10.13039\/100000185","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Priv. Secur."],"published-print":{"date-parts":[[2025,11,30]]},"abstract":"<jats:p>Currently, when a security analyst discovers a vulnerability in critical software system, they must navigate a fraught dilemma: immediately disclosing the vulnerability to the public could harm the system\u2019s users; whereas disclosing the vulnerability only to the software\u2019s vendor lets the vendor disregard or deprioritize the security risk, to the detriment of unwittingly-affected users.<\/jats:p>\n          <jats:p>A compelling recent line of work aims to resolve this by using Zero Knowledge (ZK) protocols that let analysts prove that they know a vulnerability in a program, without revealing the details of the vulnerability or the inputs that exploit it. In principle, this could be achieved by generic ZK techniques. In practice, ZK vulnerability proofs to date have been restricted in scope and expressibility, due to challenges related to generating proof statements that model real-world software at scale and to directly formulating violated properties.<\/jats:p>\n          <jats:p>\n            This article presents\n            <jats:sc>Cheesecloth<\/jats:sc>\n            , a novel proof-statement compiler, which proves practical vulnerabilities in ZK by soundly-but-aggressively preprocessing programs on public inputs, selectively revealing information about executed control segments, and formalizing information leakage using a novel storage-labeling scheme.\n            <jats:sc>Cheesecloth<\/jats:sc>\n            \u2019s practicality is demonstrated by generating ZK proofs of well-known vulnerabilities in (previous versions of) critical software, including the Heartbleed information leakage in OpenSSL, a memory vulnerability in the FFmpeg multimedia encoding framework, a cryptographic implementation bug in the Secure Scuttlebutt decentralised social network, and a denial of service vulnerability in OpenSSL.\n          <\/jats:p>","DOI":"10.1145\/3747589","type":"journal-article","created":{"date-parts":[[2025,7,22]],"date-time":"2025-07-22T11:13:48Z","timestamp":1753182828000},"page":"1-35","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Cheesecloth: Zero-Knowledge Proofs of Real-World Vulnerabilities"],"prefix":"10.1145","volume":"28","author":[{"ORCID":"https:\/\/orcid.org\/0009-0002-8611-7586","authenticated-orcid":false,"given":"Santiago","family":"Cu\u00e9llar Gempeler","sequence":"first","affiliation":[{"name":"Galois Inc","place":["Arlington, United States"]}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1762-2039","authenticated-orcid":false,"given":"Bill","family":"Harris","sequence":"additional","affiliation":[{"name":"Galois Inc","place":["Portland, United States"]}]},{"ORCID":"https:\/\/orcid.org\/0009-0009-4399-8433","authenticated-orcid":false,"given":"James","family":"Parker","sequence":"additional","affiliation":[{"name":"Galois Inc","place":["Arlington, United States"]}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-7931-8152","authenticated-orcid":false,"given":"Stuart","family":"Pernsteiner","sequence":"additional","affiliation":[{"name":"Galois Inc","place":["Portland, United States"]}]},{"ORCID":"https:\/\/orcid.org\/0009-0001-4526-3301","authenticated-orcid":false,"given":"Ian","family":"Sweet","sequence":"additional","affiliation":[{"name":"Galois Inc","place":["Arlington, United States"]}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8884-9564","authenticated-orcid":false,"given":"Eran","family":"Tromer","sequence":"additional","affiliation":[{"name":"Boston University","place":["Boston, United States"]}]}],"member":"320","published-online":{"date-parts":[[2025,9,11]]},"reference":[{"key":"e_1_3_3_2_2","unstructured":"CVE-2013-0864. Retrieved October 10 2022 from https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-0864. (n.d.)."},{"key":"e_1_3_3_3_2","unstructured":"CVE-2022-0778. Retrieved October 30 2024 from https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-0778. (n.d.)."},{"key":"e_1_3_3_4_2","unstructured":"FFmpeg. Retrieved September 1 2022 from https:\/\/ffmpeg.org\/. (n.d.)."},{"key":"e_1_3_3_5_2","unstructured":"OpenSSL: Cryptography and SSL\/TLS toolkit. Retrieved September 5 2022 from https:\/\/openssl.org\/. (n.d.)."},{"key":"e_1_3_3_6_2","unstructured":"Picolibc: C libraries for smaller embedded systems. Retrieved October 10 2022 from https:\/\/keithp.com\/picolibc\/. (n.d.)."},{"key":"e_1_3_3_7_2","unstructured":"SIEVE Intermediate Representation (IR). Retrieved April 19 2024 from https:\/\/github.com\/sieve-zk\/ir. (n.d.)."},{"key":"e_1_3_3_8_2","unstructured":"ssb-handshake. Retrieved April 19 2024 from https:\/\/github.com\/sunrise-choir\/ssb-handshake. (n.d.)."},{"key":"e_1_3_3_9_2","unstructured":"The Heartbleed Bug. Retrieved September 5 2022 from https:\/\/heartbleed.com\/. (n.d.)."},{"key":"e_1_3_3_10_2","volume-title":"Compilers: Principles, Techniques, & Tools","author":"Aho Alfred V","year":"2007","unstructured":"Alfred V Aho, Monica S Lam, Ravi Sethi, and Jeffrey D Ullman. 2007. Compilers: Principles, Techniques, & Tools. Pearson Education India."},{"volume-title":"Proceedings of the ACM CCS 2017","author":"Ames Scott","key":"e_1_3_3_11_2","unstructured":"Scott Ames, Carmit Hazay, Yuval Ishai, and Muthuramakrishnan Venkitasubramaniam. Ligero: Lightweight sublinear arguments without a trusted setup. In Proceedings of the ACM CCS 2017, Bhavani M. Thuraisingham, David Evans, Tal Malkin, and Dongyan Xu (Eds.). DOI:10.1145\/3133956.3134104"},{"key":"e_1_3_3_12_2","first-page":"3","volume-title":"Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques","author":"Arun Arasu","year":"2024","unstructured":"Arasu Arun, Srinath Setty, and Justin Thaler. 2024. Jolt: Snarks for virtual machines via lookups. In Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, 3\u201333."},{"key":"e_1_3_3_13_2","doi-asserted-by":"publisher","unstructured":"Carsten Baum Alex J. Malozemoff Marc B. Rosen and Peter Scholl. 2021. Mac\u2019n\u2019cheese: Zero-knowledge proofs for boolean and arithmetic circuits with nested disjunctions See Malkin and Peikert [48] 92\u2013122. DOI:10.1007\/978-3-030-84259-8_4","DOI":"10.1007\/978-3-030-84259-8_4"},{"key":"e_1_3_3_14_2","first-page":"90","volume-title":"Proceedings of theCRYPTO 2013, Part II (LNCS)","volume":"8043","author":"Ben-Sasson Eli","year":"2013","unstructured":"Eli Ben-Sasson, Alessandro Chiesa, Daniel Genkin, Eran Tromer, and Madars Virza. 2013. SNARKs for C: Verifying program executions succinctly and in zero knowledge. In Proceedings of theCRYPTO 2013, Part II (LNCS), Ran Canetti and Juan A. Garay (Eds.), Vol. 8043. Springer, Heidelberg, Germany, Santa Barbara, CA, USA, 90\u2013108. DOI:10.1007\/978-3-642-40084-1_6"},{"key":"e_1_3_3_15_2","article-title":"TinyRAM architecture specification, v0.991","author":"Ben-Sasson Eli","year":"2013","unstructured":"Eli Ben-Sasson, Alessandro Chiesa, Daniel Genkin, Eran Tromer, and Madars Virza. 2013. TinyRAM architecture specification, v0.991. Retrieved from https:\/\/www.scipr-lab.org\/doc\/TinyRAM-spec-0.991.pdf. (2013).","journal-title":"https:\/\/www.scipr-lab.org\/doc\/TinyRAM-spec-0.991.pdf"},{"key":"e_1_3_3_16_2","first-page":"781","volume-title":"Proceedings of the 23rd USENIX Security Symposium (USENIX Security 14)","author":"Ben-Sasson Eli","year":"2014","unstructured":"Eli Ben-Sasson, Alessandro Chiesa, Eran Tromer, and Madars Virza. 2014. Succinct non-interactive zero knowledge for a von Neumann architecture. In Proceedings of the 23rd USENIX Security Symposium (USENIX Security 14). 781\u2013796."},{"issue":"1","key":"e_1_3_3_17_2","doi-asserted-by":"crossref","first-page":"14","DOI":"10.1145\/982962.964003","article-title":"Simple relational correctness proofs for static analyses and program transformations","volume":"39","author":"Benton Nick","year":"2004","unstructured":"Nick Benton. 2004. Simple relational correctness proofs for static analyses and program transformations. ACM SIGPLAN Notices 39, 1 (2004), 14\u201325.","journal-title":"ACM SIGPLAN Notices"},{"key":"e_1_3_3_18_2","first-page":"168","volume-title":"Proceedings of the TCC 2020, Part II (LNCS)","volume":"12551","author":"Block Alexander R.","year":"2020","unstructured":"Alexander R. Block, Justin Holmgren, Alon Rosen, Ron D. Rothblum, and Pratik Soni. 2020. Public-coin zero-knowledge arguments with (almost) minimal time and space overheads. In Proceedings of the TCC 2020, Part II (LNCS), Rafael Pass and Krzysztof Pietrzak (Eds.), Vol. 12551. Springer, Heidelberg, Germany, Durham, NC, USA, 168\u2013197. DOI:10.1007\/978-3-030-64378-2_7"},{"key":"e_1_3_3_19_2","doi-asserted-by":"publisher","unstructured":"Alexander R. Block Justin Holmgren Alon Rosen Ron D. Rothblum and Pratik Soni. 2021. Time- and space-efficient arguments from groups of unknown order See Malkin and Peikert [48] 123\u2013152. DOI:10.1007\/978-3-030-84259-8_5","DOI":"10.1007\/978-3-030-84259-8_5"},{"key":"e_1_3_3_20_2","doi-asserted-by":"crossref","first-page":"225","DOI":"10.1007\/BF01185212","article-title":"Checking the correctness of memories","volume":"12","author":"Blum Manuel","year":"1994","unstructured":"Manuel Blum, Will Evans, Peter Gemmell, Sampath Kannan, and Moni Naor. 1994. Checking the correctness of memories. Algorithmica 12, 2 (1994), 225\u2013244.","journal-title":"Algorithmica"},{"key":"e_1_3_3_21_2","first-page":"595","volume-title":"Proceedings of the ASIACRYPT 2018, Part I (LNCS)","volume":"11272","author":"Bootle Jonathan","year":"2018","unstructured":"Jonathan Bootle, Andrea Cerulli, Jens Groth, Sune K. Jakobsen, and Mary Maller. 2018. Arya: Nearly linear-time zero-knowledge proofs for correct program execution. In Proceedings of the ASIACRYPT 2018, Part I (LNCS), Thomas Peyrin and Steven Galbraith (Eds.), Vol. 11272. Springer, Heidelberg, Germany, Brisbane, Queensland, Australia, 595\u2013626. DOI:10.1007\/978-3-030-03326-2_20"},{"key":"e_1_3_3_22_2","first-page":"341","volume-title":"Proceedings of the 24th ACM Symposium on Operating Systems Principles","author":"Braun Benjamin","year":"2013","unstructured":"Benjamin Braun, Ariel J Feldman, Zuocheng Ren, Srinath Setty, Andrew J Blumberg, and Michael Walfish. 2013. Verifying computations with state. In Proceedings of the 24th ACM Symposium on Operating Systems Principles. 341\u2013357."},{"key":"e_1_3_3_23_2","article-title":"RISC Zero zkVM: Scalable, transparent arguments of RISC-V integrity","volume":"29","author":"Bruestle Jeremy","year":"2023","unstructured":"Jeremy Bruestle and Paul Gafni. 2023. RISC Zero zkVM: Scalable, transparent arguments of RISC-V integrity. Draft. July 29 (2023).","journal-title":"Draft. July"},{"issue":"6","key":"e_1_3_3_24_2","doi-asserted-by":"crossref","first-page":"1157","DOI":"10.3233\/JCS-2009-0393","article-title":"Hyperproperties","volume":"18","author":"Clarkson Michael R","year":"2010","unstructured":"Michael R Clarkson and Fred B Schneider. 2010. Hyperproperties. Journal of Computer Security 18, 6 (2010), 1157\u20131210.","journal-title":"Journal of Computer Security"},{"key":"e_1_3_3_25_2","doi-asserted-by":"crossref","first-page":"78","DOI":"10.1109\/CSF.2019.00013","volume-title":"Proceedings of the 2019 IEEE 32nd Computer Security Foundations Symposium (CSF)","author":"Cremers Cas","year":"2019","unstructured":"Cas Cremers and Dennis Jackson. 2019. Prime, order please! Revisiting small subgroup and invalid curve attacks on protocols using diffie-hellman. In Proceedings of the 2019 IEEE 32nd Computer Security Foundations Symposium (CSF). IEEE, 78\u20137815."},{"issue":"5","key":"e_1_3_3_26_2","doi-asserted-by":"crossref","first-page":"236","DOI":"10.1145\/360051.360056","article-title":"A lattice model of secure information flow","volume":"19","author":"Denning Dorothy E","year":"1976","unstructured":"Dorothy E Denning. 1976. A lattice model of secure information flow. Communications of the ACM 19, 5 (1976), 236\u2013243.","journal-title":"Communications of the ACM"},{"issue":"2","key":"e_1_3_3_27_2","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/2619091","article-title":"Taintdroid: An information-flow tracking system for realtime privacy monitoring on smartphones","volume":"32","author":"Enck William","year":"2014","unstructured":"William Enck, Peter Gilbert, Seungyeop Han, Vasant Tendulkar, Byung-Gon Chun, Landon P Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol N Sheth. 2014. Taintdroid: An information-flow tracking system for realtime privacy monitoring on smartphones. ACM Transactions on Computer Systems (TOCS) 32, 2 (2014), 1\u201329.","journal-title":"ACM Transactions on Computer Systems (TOCS)"},{"key":"e_1_3_3_28_2","doi-asserted-by":"crossref","first-page":"2951","DOI":"10.1145\/3460120.3484795","volume-title":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","author":"Fang Zhiyong","year":"2021","unstructured":"Zhiyong Fang, David Darais, Joseph P Near, and Yupeng Zhang. 2021. Zero knowledge static program analysis. In Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security. 2951\u20132967."},{"key":"e_1_3_3_29_2","first-page":"178","volume-title":"Proceedings of the ACM CCS 2021","author":"Franzese Nicholas","year":"2021","unstructured":"Nicholas Franzese, Jonathan Katz, Steve Lu, Rafail Ostrovsky, Xiao Wang, and Chenkai Weng. 2021. Constant-overhead zero-knowledge for RAM programs. In Proceedings of the ACM CCS 2021, Giovanni Vigna and Elaine Shi (Eds.). ACM Press, Virtual Event, Republic of Korea, 178\u2013191. DOI:10.1145\/3460120.3484800"},{"key":"e_1_3_3_30_2","article-title":"swanky: A suite of rust libraries for secure computation","author":"Inc. Galois,","year":"2019","unstructured":"Galois, Inc.2019. swanky: A suite of rust libraries for secure computation. Retrieved from https:\/\/github.com\/GaloisInc\/swanky. (2019).","journal-title":"https:\/\/github.com\/GaloisInc\/swanky"},{"key":"e_1_3_3_31_2","first-page":"626","volume-title":"Proceedings of the EUROCRYPT 2013 (LNCS)","volume":"7881","author":"Gennaro Rosario","year":"2013","unstructured":"Rosario Gennaro, Craig Gentry, Bryan Parno, and Mariana Raykova. 2013. Quadratic span programs and succinct NIZKs without PCPs. In Proceedings of the EUROCRYPT 2013 (LNCS), Thomas Johansson and Phong Q. Nguyen (Eds.), Vol. 7881. Springer, Heidelberg, Germany, Athens, Greece, 626\u2013645. DOI:10.1007\/978-3-642-38348-9_37"},{"key":"e_1_3_3_32_2","doi-asserted-by":"crossref","first-page":"11","DOI":"10.1109\/SP.1982.10014","volume-title":"Proceedings of the 1982 IEEE Symposium on Security and Privacy","author":"Goguen Joseph A","year":"1982","unstructured":"Joseph A Goguen and Jos\u00e9 Meseguer. 1982. Security policies and security models. In Proceedings of the 1982 IEEE Symposium on Security and Privacy. IEEE, 11\u201311."},{"issue":"3","key":"e_1_3_3_33_2","doi-asserted-by":"crossref","first-page":"690","DOI":"10.1145\/116825.116852","article-title":"Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems","volume":"38","author":"Goldreich Oded","year":"1991","unstructured":"Oded Goldreich, Silvio Micali, and Avi Wigderson. 1991. Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems. Journal of the ACM (JACM) 38, 3 (1991), 690\u2013728.","journal-title":"Journal of the ACM (JACM)"},{"key":"e_1_3_3_34_2","doi-asserted-by":"crossref","unstructured":"Matthew Green Mathias Hall-Andersen Eric Hennenfent Gabriel Kaptchuk Benjamin Perez and Gijs Van Laer. 2023. Efficient proofs of software exploitability for real-world processors. Proceedings on Privacy Enhancing Technologies 1 1 (2023) 627\u2013640.","DOI":"10.56553\/popets-2023-0036"},{"key":"e_1_3_3_35_2","first-page":"305","volume-title":"Proceedings of the EUROCRYPT 2016, Part II (LNCS)","volume":"9666","author":"Groth Jens","year":"2016","unstructured":"Jens Groth. 2016. On the size of pairing-based non-interactive arguments. In Proceedings of the EUROCRYPT 2016, Part II (LNCS), Marc Fischlin and Jean-S\u00e9bastien Coron (Eds.), Vol. 9666. Springer, Heidelberg, Germany, Vienna, Austria, 305\u2013326. DOI:10.1007\/978-3-662-49896-5_11"},{"key":"e_1_3_3_36_2","doi-asserted-by":"crossref","first-page":"2055","DOI":"10.1145\/3372297.3417283","volume-title":"Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security","author":"Heath David","year":"2020","unstructured":"David Heath and Vladimir Kolesnikov. 2020. A 2.1 KHz zero-knowledge processor with BubbleRAM. In Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. 2055\u20132074."},{"key":"e_1_3_3_37_2","first-page":"569","volume-title":"Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques","author":"Heath David","year":"2020","unstructured":"David Heath and Vladimir Kolesnikov. 2020. Stacked garbling for disjunctive zero-knowledge proofs. In Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, 569\u2013598."},{"key":"e_1_3_3_38_2","doi-asserted-by":"crossref","first-page":"1538","DOI":"10.1109\/SP40001.2021.00089","volume-title":"Proceedings of the 2021 IEEE Symposium on Security and Privacy","author":"Heath David","year":"2021","unstructured":"David Heath, Yibin Yang, David Devecsery, and Vladimir Kolesnikov. 2021. Zero knowledge for everything and everyone: Fast ZK processor with cached ORAM for ANSI C Programs. In Proceedings of the 2021 IEEE Symposium on Security and Privacy. IEEE Computer Society Press, San Francisco, CA, USA, 1538\u20131556. DOI:10.1109\/SP40001.2021.00089"},{"key":"e_1_3_3_39_2","volume-title":"The CERT Guide to Coordinated Vulnerability Disclosure","author":"Householder Allen D","year":"2017","unstructured":"Allen D Householder, Garret Wassermann, Art Manion, and Chris King. 2017. The CERT Guide to Coordinated Vulnerability Disclosure. Technical Report. Carnegie-Mellon Univ, Pittsburgh, PA, United States."},{"key":"e_1_3_3_40_2","first-page":"150","volume-title":"Proceedings of the CRYPTO 2015, Part II (LNCS)","volume":"9216","author":"Hu Zhangxiang","year":"2015","unstructured":"Zhangxiang Hu, Payman Mohassel, and Mike Rosulek. 2015. Efficient zero-knowledge proofs of non-algebraic statements with sublinear amortized cost. In Proceedings of the CRYPTO 2015, Part II (LNCS), Rosario Gennaro and Matthew J. B. Robshaw (Eds.), Vol. 9216. Springer, Heidelberg, Germany, Santa Barbara, CA, USA, 150\u2013169. DOI:10.1007\/978-3-662-48000-7_8"},{"key":"e_1_3_3_41_2","first-page":"21","volume-title":"Proceedings of the 39th Annual ACM Symposium on Theory of Computing","author":"Ishai Yuval","year":"2007","unstructured":"Yuval Ishai, Eyal Kushilevitz, Rafail Ostrovsky, and Amit Sahai. 2007. Zero-knowledge from secure multiparty computation. In Proceedings of the 39th Annual ACM Symposium on Theory of Computing. 21\u201330."},{"key":"e_1_3_3_42_2","article-title":"GRIT: GBA Raster Image Transmogrifier","author":"Vijn Jasper","year":"2022","unstructured":"Jasper Vijn. 2022. GRIT: GBA Raster Image Transmogrifier. Retrieved from https:\/\/github.com\/devkitPro\/grit. (2022).","journal-title":"R"},{"key":"e_1_3_3_43_2","volume-title":"Partial Evaluation and Automatic Program Generation","author":"Jones Neil D","year":"1993","unstructured":"Neil D Jones, Carsten K Gomard, and Peter Sestoft. 1993. Partial Evaluation and Automatic Program Generation. Peter Sestoft."},{"key":"e_1_3_3_44_2","first-page":"525","volume-title":"Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security","author":"Katz Jonathan","year":"2018","unstructured":"Jonathan Katz, Vladimir Kolesnikov, and Xiao Wang. 2018. Improved non-interactive zero knowledge with applications to post-quantum signatures. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. 525\u2013537."},{"key":"e_1_3_3_45_2","article-title":"How to prove false statements: Practical attacks on fiat-shamir","author":"Khovratovich Dmitry","year":"2025","unstructured":"Dmitry Khovratovich, Ron D Rothblum, and Lev Soukhanov. 2025. How to prove false statements: Practical attacks on fiat-shamir. Cryptology ePrint Archive (2025).","journal-title":"Cryptology ePrint Archive"},{"key":"e_1_3_3_46_2","doi-asserted-by":"publisher","unstructured":"Evan Laufer Alex Ozdemir and Dan Boneh. 2024. zkpi: Proving lean theorems in zero-knowledge. In Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security CCS\u201924. New York NY USA 2024. Association for Computing Machinery 4301\u20134315. DOI:10.1145\/3658644.3670322","DOI":"10.1145\/3658644.3670322"},{"key":"e_1_3_3_47_2","article-title":"Valida","author":"Foundation Lita","year":"2024","unstructured":"Lita Foundation. 2024. Valida. Retrieved from https:\/\/github.com\/valida-xyz\/valida. (2024).","journal-title":"R"},{"key":"e_1_3_3_48_2","volume-title":"Proceedings of the 33rd USENIX Security Symposium (USENIX Security 24)","author":"Luick Daniel","year":"2024","unstructured":"Daniel Luick, John C Kolesar, Timos Antonopoulos, William R Harris, James Parker, Ruzica Piskac, Eran Tromer, Xiao Wang, and Ning Luo. 2024. ZKSMT: A VM for proving SMT theorems in zero knowledge. In Proceedings of the 33rd USENIX Security Symposium (USENIX Security 24)."},{"key":"e_1_3_3_49_2","series-title":"LNCS","volume-title":"CRYPTO 2021, Part IV","author":"Malkin Tal","year":"2021","unstructured":"Tal Malkin and Chris Peikert (Eds.). 2021. CRYPTO 2021, Part IV. LNCS, Vol. 12828. Springer, Heidelberg, Germany, Virtual Event."},{"key":"e_1_3_3_50_2","first-page":"501","volume-title":"Proceedings of the EUROCRYPT 2017, Part I (LNCS)","volume":"10210","author":"Mohassel Payman","year":"2017","unstructured":"Payman Mohassel, Mike Rosulek, and Alessandra Scafuro. 2017. Sublinear zero-knowledge arguments for RAM programs. In Proceedings of the EUROCRYPT 2017, Part I (LNCS), Jean-S\u00e9bastien Coron and Jesper Buus Nielsen (Eds.), Vol. 10210. Springer, Heidelberg, Germany, Paris, France, 501\u2013531. DOI:10.1007\/978-3-319-56620-7_18"},{"key":"e_1_3_3_51_2","doi-asserted-by":"crossref","first-page":"228","DOI":"10.1145\/292540.292561","volume-title":"Proceedings of the 26th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","author":"Myers Andrew C","year":"1999","unstructured":"Andrew C Myers. 1999. JFlow: Practical mostly-static information flow control. In Proceedings of the 26th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages. 228\u2013241."},{"issue":"5","key":"e_1_3_3_52_2","doi-asserted-by":"crossref","first-page":"129","DOI":"10.1145\/269005.266669","article-title":"A decentralized model for information flow control","volume":"31","author":"Myers Andrew C","year":"1997","unstructured":"Andrew C Myers and Barbara Liskov. 1997. A decentralized model for information flow control. ACM SIGOPS Operating Systems Review 31, 5 (1997), 129\u2013142.","journal-title":"ACM SIGOPS Operating Systems Review"},{"key":"e_1_3_3_53_2","doi-asserted-by":"crossref","first-page":"89","DOI":"10.1145\/1250734.1250746","volume-title":"Proceedings of the 28th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI \u201907)","author":"Nethercote Nicholas","year":"2007","unstructured":"Nicholas Nethercote and Julian Seward. 2007. Valgrind: A framework for heavyweight dynamic binary instrumentation. In Proceedings of the 28th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI \u201907). Association for Computing Machinery, New York, NY, USA, 89\u2013100. DOI:10.1145\/1250734.1250746"},{"key":"e_1_3_3_54_2","article-title":"Nexus zkVM","author":"Laboratories Nexus","year":"2024","unstructured":"Nexus Laboratories. 2024. Nexus zkVM. Retrieved from https:\/\/nexus.xyz\/zkvm. (2024).","journal-title":"R"},{"key":"e_1_3_3_55_2","doi-asserted-by":"publisher","DOI":"10.1145\/3290388"},{"key":"e_1_3_3_56_2","doi-asserted-by":"crossref","first-page":"238","DOI":"10.1109\/SP.2013.47","volume-title":"Proceedings of the 2013 IEEE Symposium on Security and Privacy","author":"Parno Bryan","year":"2013","unstructured":"Bryan Parno, Jon Howell, Craig Gentry, and Mariana Raykova. 2013. Pinocchio: Nearly practical verifiable computation. In Proceedings of the 2013 IEEE Symposium on Security and Privacy. IEEE Computer Society Press, Berkeley, CA, USA, 238\u2013252. DOI:10.1109\/SP.2013.47"},{"key":"e_1_3_3_57_2","article-title":"PSE-Halo2","author":"Explorations Privacy Scaling","year":"2025","unstructured":"Privacy Scaling Explorations. 2025. PSE-Halo2. Retrieved from https:\/\/github.com\/privacy-scaling-explorations\/halo2\/. (2025).","journal-title":"R"},{"key":"e_1_3_3_58_2","first-page":"55","volume-title":"Proceedings of the 17th Annual IEEE Symposium on Logic in Computer Science","author":"Reynolds John C","year":"2002","unstructured":"John C Reynolds. 2002. Separation logic: A logic for shared mutable data structures. In Proceedings of the 17th Annual IEEE Symposium on Logic in Computer Science. IEEE, 55\u201374."},{"issue":"1","key":"e_1_3_3_59_2","doi-asserted-by":"crossref","first-page":"5","DOI":"10.1109\/JSAC.2002.806121","article-title":"Language-based information-flow security","volume":"21","author":"Sabelfeld Andrei","year":"2003","unstructured":"Andrei Sabelfeld and Andrew C Myers. 2003. Language-based information-flow security. IEEE Journal on Selected Areas in Communications 21, 1 (2003), 5\u201319.","journal-title":"IEEE Journal on Selected Areas in Communications"},{"issue":"3","key":"e_1_3_3_60_2","doi-asserted-by":"crossref","first-page":"217","DOI":"10.1145\/514188.514190","article-title":"Parametric shape analysis via 3-valued logic","volume":"24","author":"Sagiv Mooly","year":"2002","unstructured":"Mooly Sagiv, Thomas Reps, and Reinhard Wilhelm. 2002. Parametric shape analysis via 3-valued logic. ACM Transactions on Programming Languages and Systems (TOPLAS) 24, 3 (2002), 217\u2013298.","journal-title":"ACM Transactions on Programming Languages and Systems (TOPLAS)"},{"issue":"4","key":"e_1_3_3_61_2","doi-asserted-by":"crossref","first-page":"701","DOI":"10.1145\/322217.322225","article-title":"Fast probabilistic algorithms for verification of polynomial identities","volume":"27","author":"Schwartz Jacob T","year":"1980","unstructured":"Jacob T Schwartz. 1980. Fast probabilistic algorithms for verification of polynomial identities. Journal of the ACM (JACM) 27, 4 (1980), 701\u2013717.","journal-title":"Journal of the ACM (JACM)"},{"key":"e_1_3_3_62_2","first-page":"180","volume-title":"Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques","author":"Setty Srinath","year":"2024","unstructured":"Srinath Setty, Justin Thaler, and Riad Wahby. 2024. Unlocking the lookup singularity with lasso. In Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, 180\u2013209."},{"key":"e_1_3_3_63_2","first-page":"1","volume-title":"Proceedings of the 24th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","author":"Shapiro Marc","year":"1997","unstructured":"Marc Shapiro and Susan Horwitz. 1997. Fast and accurate flow-insensitive points-to analysis. In Proceedings of the 24th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages. 1\u201314."},{"key":"e_1_3_3_64_2","first-page":"32","volume-title":"Proceedings of the 23rd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","author":"Steensgaard Bjarne","year":"1996","unstructured":"Bjarne Steensgaard. 1996. Points-to analysis in almost linear time. In Proceedings of the 23rd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages. 32\u201341."},{"key":"e_1_3_3_65_2","doi-asserted-by":"crossref","first-page":"95","DOI":"10.1145\/2034675.2034688","volume-title":"Proceedings of the 4th ACM Symposium on Haskell","author":"Stefan Deian","year":"2011","unstructured":"Deian Stefan, Alejandro Russo, John C Mitchell, and David Mazi\u00e8res. 2011. Flexible dynamic information flow control in haskell. In Proceedings of the 4th ACM Symposium on Haskell. 95\u2013106."},{"key":"e_1_3_3_66_2","article-title":"SP1 zkVM","author":"Labs Succinct","year":"2024","unstructured":"Succinct Labs. 2024. SP1 zkVM. Retrieved from https:\/\/blog.succinct.xyz\/introducing-sp1\/. (2024).","journal-title":"R"},{"issue":"11","key":"e_1_3_3_67_2","doi-asserted-by":"crossref","first-page":"85","DOI":"10.1145\/1037187.1024404","article-title":"Secure program execution via dynamic information flow tracking","volume":"39","author":"Suh G Edward","year":"2004","unstructured":"G Edward Suh, Jae W Lee, David Zhang, and Srinivas Devadas. 2004. Secure program execution via dynamic information flow tracking. ACM Sigplan Notices 39, 11 (2004), 85\u201396.","journal-title":"ACM Sigplan Notices"},{"key":"e_1_3_3_68_2","first-page":"1","volume-title":"Proceedings of the 6th ACM Conference on Information-centric Networking","author":"Tarr Dominic","year":"2019","unstructured":"Dominic Tarr, Erick Lavoie, Aljoscha Meyer, and Christian Tschudin. 2019. Secure scuttlebutt: An identity-centric protocol for subjective and decentralized applications. In Proceedings of the 6th ACM Conference on Information-centric Networking. 1\u201311."},{"key":"e_1_3_3_69_2","volume-title":"Proceedings of the NDSS","author":"Wahby Riad S","year":"2015","unstructured":"Riad S Wahby, Srinath TV Setty, Zuocheng Ren, Andrew J Blumberg, and Michael Walfish. 2015. Efficient RAM and control flow in verifiable outsourced computation.. In Proceedings of the NDSS."},{"key":"e_1_3_3_70_2","doi-asserted-by":"crossref","first-page":"908","DOI":"10.1109\/SP.2018.00013","volume-title":"Proceedings of the 2018 IEEE Symposium on Security and Privacy (SP)","author":"Zhang Yupeng","year":"2018","unstructured":"Yupeng Zhang, Daniel Genkin, Jonathan Katz, Dimitrios Papadopoulos, and Charalampos Papamanthou. 2018. vRAM: Faster verifiable RAM with program-independent preprocessing. In Proceedings of the 2018 IEEE Symposium on Security and Privacy (SP). IEEE, 908\u2013925."},{"key":"e_1_3_3_71_2","first-page":"216","volume-title":"Proceedings of the International Symposium on Symbolic and Algebraic Manipulation","author":"Zippel Richard","year":"1979","unstructured":"Richard Zippel. 1979. Probabilistic algorithms for sparse polynomials. In Proceedings of the International Symposium on Symbolic and Algebraic Manipulation. Springer, 216\u2013226."}],"container-title":["ACM Transactions on Privacy and Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3747589","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,11]],"date-time":"2025-09-11T12:33:57Z","timestamp":1757594037000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3747589"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,9,11]]},"references-count":70,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2025,11,30]]}},"alternative-id":["10.1145\/3747589"],"URL":"https:\/\/doi.org\/10.1145\/3747589","relation":{},"ISSN":["2471-2566","2471-2574"],"issn-type":[{"type":"print","value":"2471-2566"},{"type":"electronic","value":"2471-2574"}],"subject":[],"published":{"date-parts":[[2025,9,11]]},"assertion":[{"value":"2024-12-04","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-06-02","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-09-11","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}