The much-anticipated ZKsync airdrop distribution plan has been finalized. The ZKsync Association will conduct a one-time airdrop of 3.6 billion ZK tokens to early users and adopters of ZKsync next week, with 695,232 eligible wallets. The snapshot time is March 24, and community members can claim the airdrop starting next week until January 3, 2025.

zkSync is an Ethereum Layer 2 chain that uses zero-knowledge rollup (ZK rollup) technology to solve Ethereum's current scalability issues. zkSync hopes to provide cheaper and faster transactions on the Ethereum blockchain and become the home of many popular Ethereum applications. If successful, we could see major decentralized exchanges and DeFi protocols expand to the zkSync layer, giving cryptocurrency users access to these tools at a lower cost.

However, whether it is the early dispute between zkSync’s parent company and the zk trademark application, or the current airdrop controversy, zkSync has once again been pushed to the forefront.

zkSync is a powerful platform, but it is also a controversial one

zkSync is an Ethereum L2 solution launched by the Matter Labs team 5 years ago. It uses zero-knowledge proof technology to achieve efficient transaction verification and has raised more than $200 million in financing. In 2020, zkSync Lite 1.0 was officially launched. Subsequently, the Matter Labs team made improvements and optimizations on this basis and launched the zkSync Era mainnet in 2022. The mainnet supports EVM, introduces account abstraction functions, and is equipped with complete development tools, attracting more than 200 projects including Uniswap and 1inch to deploy on the zkSync Era mainnet.

Earlier, the market reported that zkSync developer Matter Labs has gone a step further by choosing ZK as the name of the token and has filed trademark applications in nine countries, attempting to use "ZK" as Matter Labs' exclusive intellectual property.

This angered the crypto industry. StarkWare, Algorand, Polygon, Polyhedra Network, Kakarot and many other ZK projects jointly issued a statement condemning Matter Labs' actions.

On June 3, Matter Labs tweeted that after previous discussions, it decided to abandon all trademark applications for the term "ZK". In response, Matter Labs CEO said: This is not an easy decision. It increases legal risks, but the fundamental purpose of ZK is to help humans change their cooperation model from "don't be evil" to "can't be evil", and I think it's the right thing to do.

In the past two days, zkSync's airdrop criteria has also caused controversy in the community. ZKsync checked every address that has traded on ZKsync Era and ZKsync Lite according to the eligibility criteria to identify real users who have seriously spent time exploring ZKsync. However, many people found that they came back empty-handed after checking the addresses.

As the airdrop is about to begin, phishing attacks may also increase. Here are some key safety tips to help you avoid being phished when claiming the ZKsync airdrop:

1 Make sure you are accessing the ZKsync airdrop-related website through official channels. Any unknown links sent via email or private messages may be phishing websites, so be vigilant.

2 Check the authenticity of the URL. Before visiting a website, carefully check the spelling and domain name of the URL. Phishing websites often use URLs that are very similar to official websites to trick users into entering sensitive information.

3. Do not provide private keys, mnemonics, or any other personal sensitive information to claim airdrops. If you receive any request for this information, stop the operation immediately.

zkSync Ecosystem Security

Starting at 6:00 am on June 2, 2024 (Beijing time), according to Beosin Alert monitoring and early warning, the Velocore project on the zkSync chain and the linea chain was attacked by hackers multiple times, resulting in the theft of more than dozens of tokens and a total amount of more than 6.8 million US dollars. At present, the attacker has transferred the stolen funds to the Ethereum chain through the cross-chain bridge and converted all the funds into ETH. As of press time, the attacker has transferred all ETH to Tornado.Cash.

Attack address (zkSync, linea):

0x8CDc37eD79C5EF116b9Dc2A53Cb86ACaca3716bF

As the zkSync ecosystem continues to grow and expand, it is important to ensure its security. As one of Ethereum's second-layer expansion solutions, zkSync aims to provide more efficient transaction processing capabilities and lower transaction costs. However, with the increase in users and developers, security risks also arise.

In this context, security audits become crucial. As a leading blockchain security company, Beosin plays a key role in ensuring the security of the zkSync ecosystem and provides strong security guarantees for projects on zkSync.

At present, Beosin has completed the audit of the SyncSwap project launch agreement. The audit content includes code quality audit, contract logic and security audit, operation model audit, etc. The audit finally found that the contract has too high management authority, and the contract owner can withdraw the assets deposited by users in the contract before the project is launched. The project party is aware of this problem and will indicate that a multi-signature wallet will be used to manage the project in the future.

Audit link: https://beosin.com/audits/SyncSwap_202304231022.pdf

To help ZkSync ecosystem security and compliance, Beosin KYT has now integrated the ZkSync network

In response to the growing demand for blockchain security and compliance, Beosin KYT has now integrated the zkSync network. This upgrade is designed to provide comprehensive security and compliance support to project parties and related exchanges in the zkSync ecosystem, and further promote the healthy development of the zkSync ecosystem.

In this context, preventing malicious addresses, identifying high-risk transactions, and conducting effective fund tracking have become key tasks to ensure the security and compliance of the zkSync ecosystem. The integration of Beosin KYT is designed to meet these challenges and provide comprehensive security and compliance services.

Malicious address query:

Beosin KYT can identify and query malicious addresses in the zkSync network in real time. By analyzing on-chain data and historical behavior, the KYT system can quickly mark suspicious addresses and provide timely warnings and risk alerts to project parties and exchanges.

Address transaction risk score:

The Beosin KYT system provides detailed risk scores for all participants in the zkSync network. These scores are based on the address’s transaction history, fund flow patterns, and interaction behaviors, helping users assess the security and credibility of each address.

STR report output:

The Beosin KYT system can generate detailed Suspicious Transaction Reports (STRs) covering the background, behavior, and potential risks of transactions. These reports help project owners and exchanges identify and address potential compliance risks and ensure compliance with relevant regulatory requirements.

On-chain fund tracking and tracing:

For complex fund flows, Beosin KYT provides powerful on-chain tracking and tracing capabilities. Regardless of the source, direction, or intermediate transfer path of funds, the KYT system can provide comprehensive analysis and visualization to help users quickly identify abnormal fund flows and take corresponding measures.

Beosin's research on ZK technology

Previously, Beosin has done a lot of in-depth hardcore research on ZK technology, such as "Detailed Explanation of the ERC-7520 Draft: zk-SNARK Public Input Overflow Attack Protection" and "In-depth Analysis of Zero-Knowledge Proof zk-SNARK Vulnerabilities: Why Zero-Knowledge Proof Systems Are Not Infallible?".

As well as sharing some security research analysis of zk cases, "Involving $33 million, Beosin KYT analyzes the ZKasino soft run controversy", Beosin is not only committed to revealing and preventing potential risks in ZK technology, but also actively promoting its application and development in actual projects. Through an in-depth understanding of technologies such as zk-SNARK and zk-Rollups, it provides developers with all-round support from theoretical research to practical application.

In the future, with the continuous evolution and widespread application of ZK technology, security protection will become more and more important. Beosin will continue to lead blockchain security research and technology development, and help every blockchain ZK project that pursues excellence to succeed in the future. Whether it is helping project parties audit smart contracts or providing security + compliance solutions for platforms such as zkSync, Beosin has become a backbone in the field of blockchain security with its deep technical accumulation and innovation capabilities.