Overflow vulnerability in Polygon's zkEVM Storage machine #18
Description
Just came across this bug tracker, very cool :)
I found a bug in the Polygon zkEVM which allows a malicious prover to return "0" when reading any storage slot (and possibly also exploit other CRUD operations). Sounds like it fits in well here! All the details are in the blog post.