Third-party review (NCC track)
Single entry point for independent reviewers reproducing QuantZK checks without hunting the tree.
Prerequisites
| Tool | Version | Used for |
|---|---|---|
| Node.js | ≥ 18 | Protocol packages, JS verifier, tests |
| npm | 9+ | Installs protocol/ workspaces |
| Go | ≥ 1.21 | protocol/packages/vdi-verifier-go tests |
| Python | ≥ 3.10 | protocol/packages/vdi-verifier-python golden vectors |
Optional: Docker for verifier-api local PostgreSQL/Redis; Circom/snarkjs only if recompiling circuits.
One command (protocol audit suite)
From the repository root after git clone:
bash
make ncc-reviewEquivalent: bash scripts/ncc-review.sh
Runs protocol install, VDI audit suite (JS conformance, Go verifier, Python golden vectors), and MPC policy E2E integrity gate.
API billing pilot gate
With PostgreSQL available:
bash
cd verifier-api
DATABASE_URL="postgresql://zkcaptcha:development@localhost:5432/zkcaptcha" \
REDIS_ENABLED="false" REDIS_DISABLED="true" NODE_ENV=test DB_SSL=false \
npm run test:billing-pilotExpect 15/15 passing tests.
Production smoke (live)
bash
API=https://api.quantzk.com VDI_ATTEST_SECRET=<secret> \
bash scripts/smoke-billing-phase2.shPins billing_proof.vkey_hash against ARTIFACT_MANIFEST.json. See Production smoke evidence.
Manual protocol steps
bash
cd protocol
npm install --legacy-peer-deps
npm run test:audit-suite
npm run mpc:e2e-check -- --environment ncc-review-gate --output audit-logs/mpc-e2e-check.ncc-review.json| Command | What it does |
|---|---|
npm run test:audit-suite | Primary NCC bar: conformance + Go + Python |
npm run artifact:status | Artifact authority + MPC provenance (JSON) |
npm run mpc:e2e-check | Prove/verify + hash alignment for MPC circuits |
npm run docs:check-terms | Mode terminology drift guard |
Artifact expectations
| Suite | Prebuilt WASM/zkey required? |
|---|---|
npm run test:audit-suite | No — fixtures under protocol/fixtures/ |
npm test (full) | Partially — some policy-circuit tests need protocol/build/ |
npm run test:examples | Yes — needs zk-cp/build/ (Groth16) |
Related docs
Full reviewer README in repo root: NCC_REVIEW.md.
