Potential vulnerability in zk-Rollup systems - zk-s[nt]arks - Ethereum Research Ethereum Research Potential vulnerability in zk-Rollup systems zk-s[nt]arks zk-roll-up keyvank January 10, 2023, 10:26am 1 I have been working on my own zkRollup implementation for a while now (Ziesha Network). According to my research, most of the zkRollup implementations out there are using a giant Sparse-Merkle-Tree for storing accounts, in which each account contains another Sparse-Merkle-Tree storing the assets of that user. AFAIU, these numbers are limited. I have gotten these numbers in some of the rollup projects. zkSync → Account capacity: 2^24, Token-capacity: 2^8 (Based on their protocol documentation) zkBNB → Account capacity: 2^32, Token-capacity: 2^16 Now imagine (E.g In case of zkSync), I create 2^8 transactions, sending tokens to all empty slots of the victim account. This will block the victim account (People will not be able to send non-existing tokens to that account anymore), unless the account owner remove these tokens from his account. Has this been studied? Are there solutions? Or am I missing something here? Thanks! Home Categories FAQ/Guidelines Terms of Service Privacy Policy Powered by Discourse, best viewed with JavaScript enabled