ZKP2P is currently in its alpha stage and should be used at your own risk. Our circuits have been audited by PSE. We have outlined known potential risks associated with using the protocol, acknowledging that there may be additional risks not yet identified.

Audits

ZKP2P alpha circuits have been audited by PSE

Trusted Setup

Read more about our trusted setup ceremony here.

Risks 😬

Off-ramp Risks

Governance-Controlled Public Key: The protocol's governance can update the public key associated with Venmo. If the new key is under their control, they could potentially forge emails, sign them, produce proofs, and access all the USDC deposited in the protocol. Initially governance will consist of a multisig and will be decentralized in the future.

Regex Injection Attack: Venmo requires on-rampers to specify a custom message when sending a payment. Venmo escapes all the custom strings and makes it very difficult to inject newlines and other special characters in the custom note. But despite that, to be extra secure, we have increased the regex string to 330 chars which is longer than the custom message size of 280 chars. However, if Venmo increases its custom message length, in the future, it might introduce new vulnerabilities.

Venmo ID Exposure: Off-rampers, by making a deposit, reveal their Venmo ID on the blockchain. For those concerned about privacy, it is recommended to use a wallet that does not hold a large amount of assets.

Reversible Transactions: Venmo transactions are reversible. An on-ramper after claiming your USDC can reverse a Venmo transaction. We have restricted the on-ramp amount and frequency to disincentivize this behavior. Also, you can block a malicious on-ramper to prevent them from opening an order against your deposit. We are actively working to mitigate this risk in future versions.

On-ramp Risks

Privacy Concerns with Hosted Proving: When on-ramping, if you opt for hosted proving, your emails are sent to a proving server to generate proofs. This could theoretically expose personal information. However, our prover API and UI code are open-source and can be audited to verify we do not exploit this data.

Venmo Template Change: If Venmo alters its email template, the existing emails may no longer be valid for proof generation, even if the off-chain payment has already been made. This could prevent the completion of the on-ramping process. If this happens, governance will try to update the smart contract processors to allow the continued functioning of the protocol.

Venmo DKIM Key Rotation: If Venmo updates its DKIM key, the existing emails may no longer be valid for proof generation, even if the off-chain payment has already been made. This could prevent the completion of the on-ramping process. If this happens, governance will try to update the Venmo key on the smart contract to allow the continued functioning of the protocol.