ZK Verifier Audit
ZK security tooling mostly lints the circuit. The seam — where the deployed verifier's hardcoded points stop matching the audited circuit's verifying key — is almost never checked. This page reads the verifier bytecode, extracts every 32-byte constant (where α / β / γ / δ / IC[] always live), and tells you whether the VK commitments you expect are bound or stale.
| # | Offset | Hex |
|---|
- VK bound every expected commitment is embedded as a
PUSH32. Circuit is pinned to this verifier. - VK stale at least one expected commitment is missing. Likely a stale verifier or a circuit edited post-deployment. Treat as an Error-class dual-layer finding.
- VK unknown you didn't provide expected commitments. The embedded set is reported for manual comparison against the circuit's verifying key.