0xluk3/zk-resources

ZK-resources is a short reading list for people interested in the security side of zero knowledge proofs. The author, 0xluk3, frames it as quality over quantity, so it is a small set of hand picked links rather than an exhaustive directory. The repository contains nothing but the README itself. The Tutorials section has five entries that walk from theory to practice. There is an interactive Sumcheck tutorial from zkSecurity that uses SageMath, the ZK Whiteboard Sessions video series from ZK Hack, a math fundamentals collection at floatingpragma's awesome ZK proofs site, the author's own blog at luk3.tech with math explained in plain terms, and the RareSkills ZK Book. The largest section is Bugs and Reports. It starts with three bug trackers: 0xPARC's zk-bug-tracker, zksecurity's zkbugs, and a Spartan-ECDSA audit under thogiti's ZK-Audits repository. Two zkVM projects then get their own subsections. The RISC Zero block links to that project's official audits folder, a Veridise audit report, a RISC Zero blog post about reaching a formally verified zkVM, a HackenProof bug bounty report, and a Hexens audit. The SP1 block links to Succinct Labs' audits folder, a responsible disclosure write up from LambdaClass about an SP1 exploit found with 3MI Labs and Aligned, Succinct's own January 2025 security update, and a June 2025 Veridise audit of SP1. A further zkVMs subsection groups general teaching material rather than project specific reports. It points to Veridise blog posts that introduce zkVMs and list common vulnerabilities, a Sigma Prime auditor's guide focused on SP1, a 7BlockLabs checklist for auditing zkVM guest programs after the 2025 SP1 incidents, and a separate ZippelLabs report archive. The final section is Aggregated, with three broader awesome lists for readers who want more material: timimm's awesome-zero-knowledge-proofs-security, StefanosChaliasos's Awesome-ZKP-Security, and sCrypt-Inc's awesome-zero-knowledge-proofs. There is no contribution guide, no license, and no commentary on individual links, so the repo is best treated as a starting bibliography put together by one practitioner.