project screenshot
project screenshot
project screenshot


Zk on-chain verification of YARA scans for IPFS cids. Yara scans bytes for malicious patterns.


Created At


Project Description

Problem statement:

IPFS is used with rising frequency for serving malware to compromised machines during the deployment.



Yara is a Security tool which scans bytes for malicious patterns defined in yara-rules. We propose an FEVM-based security layer, where a smart-contract validates the integrity of an IPFS CID through the zero-knowledge (ZK) proof verification of a successful Yara scan.

How it's Made


  • Docker container with Yara rules and scanner.

Yara runs in a docker-container. The input is the IPFS cid and the set of rules to test for. The output is a standardized log with matches per rule.

  • SNARK circuit which generates a proof of a successful scan for a CID.

A SNARK circuit which takes 3 inputs: the cid, the hash of the ruleset and the hash of the log. This the verification circuit gets deployed on chain. With every scan a proof is generated and submitted for on-chain verification.

  • Smart contract which verifies the proof.

The smart-contract validates if the cid and proof match. Those are stored offchain and can be validated on demand.

background image mobile

Join the mailinglist

Get the latest news and updates