whatisgithub

What is nullsec-s1-zk?

trynullsec/nullsec-s1-zk — explained in plain English

Analysis updated 2026-05-18

32TypeScriptAudience · researcherComplexity · 4/5LicenseSetup · easy

In one sentence

A local, deterministic static analysis tool that scans Circom and Halo2 zero-knowledge circuits for underconstraint bugs and generates exploit hypotheses.

Mindmap

mindmap
  root((repo))
    What it does
      Scans ZK circuits
      Finds underconstraints
      Generates exploit hypotheses
    Tech stack
      TypeScript
      Circom
      Halo2 Rust
    Use cases
      Audit circuits
      CI security scanning
    Audience
      ZK auditors
      Security researchers

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Scan a Circom circuit for underconstrained signals before deploying it.

USE CASE 2

Audit Halo2-style Rust circuits for missing public bindings and selector risks.

USE CASE 3

Generate exploit hypotheses for potential zero-knowledge proof bugs.

USE CASE 4

Add SARIF output to a CI pipeline for automated code scanning.

What is it built with?

TypeScriptCircomHalo2Rust

How does it compare?

trynullsec/nullsec-s1-zkalexmt/mobile-for-argocdalvinunreal/juice
Stars323232
LanguageTypeScriptTypeScriptTypeScript
Setup difficultyeasymoderateeasy
Complexity4/53/53/5
Audienceresearcherops devopsdeveloper

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · easy Time to first run · 5min

Best used by someone who already understands Circom or Halo2 circuit design.

MIT licensed, free to use, modify, and distribute including for commercial purposes.

So what is it?

Nullsec S1-ZK is an open-source static analysis tool for zero-knowledge circuits. Zero-knowledge proofs are a cryptographic technique used in blockchain protocols and privacy systems, allowing someone to prove they know something without revealing what it is. The circuits that implement these proofs need to be written carefully, because a flaw in the constraint logic can let an attacker construct a fake proof that the system accepts as valid. This class of bug is called an underconstraint. The tool targets two circuit formats: Circom, which has a purpose-built language for writing ZK circuits, and Halo2-style Rust, which is a framework used by projects like the Zcash Orchard protocol. For Circom, S1-ZK builds a graph of signals and constraints and checks for specific unsafe patterns such as signals that are assigned but never constrained, missing range checks, unsafe division, and unbound inputs or outputs. For Halo2, it uses pattern-based analysis on the Rust source since a full Rust parser is not included. A standard scan runs in one command: npx @trynullsec/s1-zk scan ./circuits. An optional deep mode goes further by inferring what the circuit is supposed to prove from naming conventions and graph structure, checking whether the actual constraints support those proof obligations, and generating hypotheses about how a malicious prover might exploit any gaps. Output can be formatted as terminal text, JSON, Markdown, or SARIF for integration with code scanning workflows. The tool is fully local and deterministic, meaning it does not send any code to external services and produces the same results on every run. On the bundled synthetic benchmark, it achieves 100% precision and 92.86% recall, with one known miss in a Halo2 selector-booleanity case. The repository is clear that this is static analysis, not formal verification, and does not replace a specialist ZK audit. The package is published to npm under @trynullsec/s1-zk and released under the MIT license.

Copy-paste prompts

Prompt 1
Help me run npx @trynullsec/s1-zk scan on my Circom circuits and explain the results.
Prompt 2
Walk me through fixing an unconstrained signal flagged by S1-ZK's Circom rules.
Prompt 3
Show me how to use S1-ZK's deep mode to generate an exploit hypothesis for my Halo2 circuit.
Prompt 4
Help me wire S1-ZK's SARIF output into a GitHub Actions code scanning workflow.

Frequently asked questions

What is nullsec-s1-zk?

A local, deterministic static analysis tool that scans Circom and Halo2 zero-knowledge circuits for underconstraint bugs and generates exploit hypotheses.

What language is nullsec-s1-zk written in?

Mainly TypeScript. The stack also includes TypeScript, Circom, Halo2.

What license does nullsec-s1-zk use?

MIT licensed, free to use, modify, and distribute including for commercial purposes.

How hard is nullsec-s1-zk to set up?

Setup difficulty is rated easy, with roughly 5min to a first successful run.

Who is nullsec-s1-zk for?

Mainly researcher.

Open on GitHub → Ask about another repo

This repo across BitVibe Labs

Verify against the repo before relying on details.