Singularity

Code Audit

A decentralized protocol utilizing zk-SNARKs for privacy and scalability solutions.

Introduction

Singularity delivers KYC/KYB-enabled, confidential DeFi rails integrated with major on-chain liquidity venues. Leveraging Noir circuits and UltraPLONK proofs, it lets institutions obfuscate asset flows while tapping Curve, Uniswap, staking pools, and dark-pool primitives.

Engagement Goal: Ensure that ZK circuits and Solidity contracts uphold confidentiality guarantees without opening exploitable gaps in asset management, proof validation, or relayer workflows.

Scope of the Engagement

Circuits

Smart Contracts

Audit Date: 2024-02-16

Type: Code Audit

Results and Findings

Key Critical Issues

Mis-built ZK Note in StakingAssetManager

  • Description: lockERC20() used the raw asset address instead of the zk-token in the note commitment, making unlocks impossible.
  • Resolution: Rebuilt notes with the correct zkToken reference.

Forged Merkle Root → Fake Note Theft

  • Description: Any function consuming a Merkle root lacked a validity check—attackers could present arbitrary roots to unlock non-existent notes.
  • Resolution: Enforced on-chain root verification against the trusted VerifierHub.

Reentrancy Drain via Withdraw ETH

  • Description: withdrawETH() invoked _postWithdraw() after the external call, letting an attacker reuse the same nullifier to double-spend and loop-drain funds.
  • Resolution: Reordered to Checks-Effects-Interactions: record state before calling .call.
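
The root check and the reordering described in the two findings above, as an added Solidity example that is not Singularity's code. Only `withdrawETH`, `_postWithdraw` and the VerifierHub name come from the report; the `IVerifierHub` interface, `isKnownRoot`, `verify`, the public-input layout and `withdrawETHUnsafe` are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical interface: the report names a VerifierHub but not its API.
interface IVerifierHub {
    function isKnownRoot(bytes32 root) external view returns (bool);
    function verify(bytes calldata proof, bytes32[] calldata publicInputs) external view returns (bool);
}

contract WithdrawExample {
    IVerifierHub public immutable hub;
    mapping(bytes32 => bool) public nullifierSpent;

    constructor(IVerifierHub hub_) { hub = hub_; }
    receive() external payable {}

    // Pre-fix ordering as the findings describe it: the root is never checked
    // and the nullifier is recorded only after the external call.
    function withdrawETHUnsafe(bytes calldata proof, bytes32 root, bytes32 nullifier,
                               address payable to, uint256 amount) external {
        _check(proof, root, nullifier, to, amount);
        (bool ok, ) = to.call{value: amount}("");   // recipient code runs here
        require(ok, "ETH transfer failed");
        _postWithdraw(nullifier);                    // too late: a reentrant call saw it unspent
    }

    // Fixed ordering: checks, then effects, then the interaction.
    function withdrawETH(bytes calldata proof, bytes32 root, bytes32 nullifier,
                         address payable to, uint256 amount) external {
        require(hub.isKnownRoot(root), "unknown Merkle root");
        _check(proof, root, nullifier, to, amount);
        _postWithdraw(nullifier);                    // effect recorded before the call
        (bool ok, ) = to.call{value: amount}("");
        require(ok, "ETH transfer failed");
    }

    function _check(bytes calldata proof, bytes32 root, bytes32 nullifier,
                    address to, uint256 amount) internal view {
        require(!nullifierSpent[nullifier], "nullifier already spent");
        bytes32[] memory inputs = new bytes32[](4);  // assumed public-input layout
        inputs[0] = root;
        inputs[1] = nullifier;
        inputs[2] = bytes32(uint256(uint160(to)));
        inputs[3] = bytes32(amount);
        require(hub.verify(proof, inputs), "invalid proof");
    }

    function _postWithdraw(bytes32 nullifier) internal { nullifierSpent[nullifier] = true; }
}
```

With the fixed ordering, a reentrant call into `withdrawETH` carrying the same nullifier reverts at the `nullifierSpent` check, and a proof built against a root the hub has never recorded is rejected before verification.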

Curve Multi-Exchange Route Poisoning

  • Description: curveMultiExchange() never checked assetIn/assetOut against the submitted route, enabling fake-pool swaps that steal real tokens.
  • Resolution: Validated that route[0] == assetIn and that the final token in route matches assetOut.

Dark Pool Double-Spend on join/swap

  • Description: Passing the same note twice to join(), joinSplit(), or swap() minted twice the underlying, draining the pool.
  • Resolution: Enforced that input notes must be distinct.

Stuck ETH in Curve Due to msg.value Misuse

  • Description: All Curve calls forwarded msg.value instead of the claimed amountIn, leaving deposits irretrievable.
  • Resolution: Switched to {value: amountIn} so only the intended funds are spent.

Nullifier Collision Across Deposits

  • Description: Reusing identical (rho, pubKey) combos across deposits produced duplicate nullifiers, orphaning later notes.
  • Resolution: Mandated unique nullifier generation or keyed them by the full note commitment.

Severity Issues

  • Critical / High: 17
  • Medium: 5
  • Low: 9
  • Informational: Several

Audit Period

18 PW

In conclusion

Over 18 person-weeks, Three Sigma dissected 6,000 LoC of Noir circuits and Solidity asset managers, uncovering 7 critical and 10 high-severity flaws—ranging from ZK note misconstruction to reentrancy drains and route-poisoning exploits. All critical and high issues were remediated, vastly strengthening Singularity’s confidentiality guarantees and asset safety in complex multi-protocol interactions.
