Why you should avoid having complex codebases and departing from standards when developing zero-knowledge virtual machines TL;DR: We found a subtle bug in Succinct's SP1 virtual machine, which allows a malicious user to prove the validity of false statements by subtly manipulating register 0 in the guest code This
