https://rot256.dev/tags/soundness/Recent posts in Soundness on ROT256.en-usTue, 12 May 2026 00:00:00 +0000https://rot256.dev/post/frobenius/Tue, 12 May 2026 00:00:00 +0000https://rot256.dev/post/frobenius/<img src="./top.png" width="100%" alt="Lyon Streets, Dithered"> <h1 id="introduction">Introduction</h1> <p>In this post we just want to cover a fun bug we found: fun because the math itself is interesting, and fun because it breaks <em>just</em> the right way. The bug is <a href="https://github.com/GaloisInc/swanky/issues/44">issue #44</a> in <a href="https://github.com/GaloisInc/swanky/tree/master/edge/inferno">Inferno</a>, which is a Rust implementation of the <a href="https://eprint.iacr.org/2021/215">Limbo</a> MPC-in-the-head zero-knowledge argument, which is an improvement upon the <a href="https://eprint.iacr.org/2018/475">KKW scheme</a>. The bug in the implementation is one character long, surprisingly common, usually not game ending, but over binary extension fields <em>everything breaks</em> in <em>just</em> the right way&hellip;</p>