Blockchain security firm Veridise: ZK audits are twice as likely to find critical issues as other audit types

Blockchain security company Veridise reported that the likelihood of finding critical issues in zero-knowledge (ZK) projects during audits is twice as high as other types of audits. According to a report, Veridise analyzed 1,605 vulnerabilities found in the past 100 audits, with an average of about 16 issues per audit and an average of 18 issues per ZK audit. However, when focusing on critical vulnerabilities, Veridise found that 55% of ZK audits contained critical issues, compared to 27.5% for other audits (including smart contracts, wallet integrations, blockchain implementations, and relayers). The company stated that overall, the most common vulnerabilities discovered in Veridise audits were logical errors (385), maintainability (355), and data validation (304), accounting for 65% of all issues discovered during audits. These three issues also dominate the 360 specific ZK audit vulnerabilities discovered.