Skip to content

Bump zk-sdk to v5.0#10000

Merged
samkim-crypto merged 3 commits intoanza-xyz:masterfrom
samkim-crypto:bump-zk-sdk
Jan 16, 2026
Merged

Bump zk-sdk to v5.0#10000
samkim-crypto merged 3 commits intoanza-xyz:masterfrom
samkim-crypto:bump-zk-sdk

Conversation

@samkim-crypto
Copy link
Copy Markdown

@samkim-crypto samkim-crypto commented Jan 14, 2026
edited
Loading

Problem

The zk-sdk went through a couple of audits. Nothing major in terms of security has been found, but there have been a number of additional sanity checks that have been added to v5.0.0.

You can refer to the release notes, but most of the changes are non-breaking internal changes or proof generation, which doesn't affect proof verification in agave. The only breaking changes are the following:

Currently, the only place in the repo that depends on the solana-zk-sdk is the zk-elgamal proof program, which is currently DISABLED.

Summary of Changes

  • Bump solana-zk-sdk to v5.0
  • For the proof constructor functions in versions of the solana-zk-sdk, if it took in invalid inputs, it just produced invalid proofs. We used this to generate wrong proof instances in the zk-elgamal-proof-tests. However, now with v5.0, these invalid proofs are outright rejected by the constructor. So I updated the proof logic to manually generate invalid proofs for tests.
  • I rekeyed the reenable-zk-elgamal-proof-program feature gate.

Fixes #

@codecov-commenter
Copy link
Copy Markdown

codecov-commenter commented Jan 14, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 82.5%. Comparing base (f6e1572) to head (69668a0).
⚠️ Report is 2 commits behind head on master.

Additional details and impacted files 
@@           Coverage Diff           @@
##           master   #10000   +/-   ##
=======================================
  Coverage    82.5%    82.5%           
=======================================
  Files         844      844           
  Lines      316727   316727           
=======================================
+ Hits       261546   261564   +18     
+ Misses      55181    55163   -18
🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@samkim-crypto samkim-crypto marked this pull request as ready for review January 14, 2026 08:49
steviez
steviez reviewed Jan 14, 2026
View reviewed changes
Copy link
Copy Markdown

@steviez steviez left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good call on the rekey!

Comment thread Cargo.lock
"solana-program-option",
"solana-pubkey 3.0.0",
"solana-zk-sdk",
"solana-zk-sdk 4.0.0",
Copy link
Copy Markdown

@steviez steviez Jan 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it problematic that this dep (and a couple others) are still depending on v4.0 ?

Copy link
Copy Markdown
Author

@samkim-crypto samkim-crypto Jan 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah it is mainly token-2022-interface and the related crates. It would have been cleaner if we bumped zk-sdk in these crates first and then bump in agave.

I think it is still fine since the breaking changes in zk-sdk v5.0 only involve proof components. The agave crates that depend on token-2022-interface and its related crates do not use the proof components at all (they just other components like encryption, public keys, etc.).

Comment thread programs/zk-elgamal-proof-tests/tests/process_transaction.rs
Comment on lines -46 to +51
let incorrect_pubkey = elgamal_keypair.pubkey();
let incorrect_secret = ElGamalSecretKey::new_rand();
let incorrect_keypair = ElGamalKeypair::new_for_tests(*incorrect_pubkey, incorrect_secret);

let fail_proof_data =
ZeroCiphertextProofData::new(&incorrect_keypair, &zero_ciphertext).unwrap();
let mut fail_proof_context = success_proof_data.context;
fail_proof_context.pubkey = ElGamalPubkey::default().into();
let fail_proof_data = ZeroCiphertextProofData {
context: fail_proof_context,
proof: success_proof_data.proof,
};
Copy link
Copy Markdown

@steviez steviez Jan 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Forgive the possibly naive question as I'm not super familiar with this code - It looks like the old code generated more "incorrect" stuff. Namely, the secret and keypair.

The new code looks to just be sticking a bad pubkey in with the otherwise "good" fields form success_proof_data. Does this impact anything or is the change inconsequential ?

Copy link
Copy Markdown
Author

@samkim-crypto samkim-crypto Jan 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Right, in older versions, when we provided "incorrect" inputs to the proof constructors, it still went through with the proof generation logic to produce some garbage output.

This can be misused, so the auditors recommended that when an "incorrect" input is provided to a constructor, it just terminates early and return an error instead.

The zk-elgamal-proof program just does verification, not proof verification, so this change in proof generation doesn't impact the program at all. The only issue is that it makes it slightly more tedious to make invalid proofs for tests. We have to now manually tweak things to generate invalid proofs to test that the zk-elgamal-proof program indeed fails on invalid proofs.

t-nelson
t-nelson approved these changes Jan 16, 2026
View reviewed changes
Copy link
Copy Markdown

@t-nelson t-nelson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

odd that the sdk made a major bump, but there are no api changes here

@samkim-crypto
Copy link
Copy Markdown
Author

samkim-crypto commented Jan 16, 2026

Thanks for the review!

Yeah the zk-sdk only uses Pubkey / Address for ElGamal key generation, which is handled internally, so no api changes in the zk-sdk.

@samkim-crypto samkim-crypto added this pull request to the merge queue Jan 16, 2026
Merged via the queue into anza-xyz:master with commit 7ad3fdf Jan 16, 2026
58 checks passed
@samkim-crypto samkim-crypto deleted the bump-zk-sdk branch January 16, 2026 03:38
@0x0ece 0x0ece mentioned this pull request Jan 23, 2026
Closed
This was referenced Feb 5, 2026
Merged
Merged
This was referenced Feb 7, 2026
Closed
Closed
@Rexicon226 Rexicon226 mentioned this pull request Feb 17, 2026
Closed
@Rexicon226 Rexicon226 mentioned this pull request Mar 7, 2026
Merged
github-merge-queue Bot pushed a commit to Syndica/sig that referenced this pull request Apr 5, 2026
@Rexicon226
zksdk 5.0 conformance (#1296)
faf95e0 
anza-xyz/agave#10000

Fixes all the zksdk failures in the instruction harness
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@steviez steviez steviez left review comments

@t-nelson t-nelson t-nelson approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@samkim-crypto @codecov-commenter @t-nelson @steviez