# ZKEmail/ Z-Imburse Audit Docs ## Table of Contents ZKEmail.nr <-- to add, see zkemail.nr readme for now [ZImburseRegistry](https://hackmd.io/@IQZ-5dJ4QGGu4K6oX71X7w/B15n-XLlJe) [ZImburseEscrow](https://hackmd.io/@IQZ-5dJ4QGGu4K6oX71X7w/S1e6oAalJe) ## Scope ### ZKEmail.nr entirety of https://github.com/zkemail/zkemail.nr: - missing edge cases in nr testing - use of sequences instead of regex or string search in general (this is probably the most abusable but we tried to lock it down) - safety of header field constraining - safety of email address parser - use of range checks + get_unchecked on BoundedVecs to save gates ### Z-Imburse - Is it possible to manupulate the email inputs to achieve a linode reimbursement that otherwise should not happen? - Trust assumptions have been made for either PoC or efficiency reasons - what is the threat model around them (see blue note fields in docs) - Nullifiers: what is the consequence of using `EntitlementNote.randomness` instead of nullifier secret? - How threatening is the lack of DKIM key revocation? - #### Applicable File Structure ``` <root_dir> | - circuits | | - date_parser/* <-- medium priority | | - library_testers/linode_email_verifier <- low priority | | - zimburse_verifiers/ <-- low/med priority | | - *.nr | | - linode/* | - contracts | | - z_imburse_escrow/* <-- highest priority | | - z_imburse_registry/* <-- high priority | - scripts <-- only needed for compiling contracts/ circuits no need to actually audit | | - artifacts.sh | | - compile.sh | - src/* <-- only needed if elect to investigate PXE tests - zkemail.nr audit focus will educate on same practices used in linode verifier | - tests/ | | - circuits/linode.test.ts <-- low/med priotiy | | - contracts/escrow.test.ts <-- medium priority, can focux on TXE tests in z_imburse_registry most likely ```