TU Wien Informatics

Maria Christakis Receives ERC Proof of Concept Grant

  • 2026-06-30
  • Award
  • Women in Informatics
  • Excellence

We are thrilled to announce that Maria Christakis has received an ERC Proof of Concept Grant for her project CIRCUZZ!

Maria Christakis
Maria Christakis
Picture: Amélie Chapalain / TU Wien Informatics

We are thrilled to announce that Maria Christakis, Professor and Head of the Research Unit Software Engineering, has received an ERC Proof of Concept grant for her project CIRCUZZ! The grant is endowed with 150,000 Euros and is set to run for up to 18 months.

CIRCUZZ aims to transform cutting-edge research on the automated testing of zero-knowledge systems into a robust, practical tool for developers and security auditors. Zero-knowledge proofs are cryptographic protocols that allow a system to verify that a statement is true without revealing the underlying data, like proving you are over a certain age without disclosing your exact birthdate. In computing, this principle is highly attractive for privacy-preserving applications, blockchain infrastructures, and secure digital identities. However, the software implementing these proofs is incredibly complex. While external experts heavily audit these systems, the manual review process is expensive, and subtle errors can still slip through. If a zero-knowledge system contains bugs, the consequences are severe: fraudulent transactions could be processed, or sensitive information compromised.

“If there is a bug in these systems during an authentication scenario, it might mean the system fails to authenticate me even when I am who I say I am,” she explains. “But a much more serious bug is when the system erroneously authenticates me as someone else, granting me access to sensitive information I shouldn’t have,” says Christakis, highlighting the critical nature of these vulnerabilities.

To address this, CIRCUZZ introduces an automated, black-box testing approach. Rather than requiring deep cryptographic expertise to audit the code manually, the tool generates test programs to uncover discrepancies between the system’s prover and verifier components. The research utilizes two primary testing strategies: The first is differential testing, where the tool takes a program and slightly modifies it to create an equivalent version, for example, by taking an addition operation and simply adding zero. Both versions are then run through the zero-knowledge system. Since the programs are functionally identical, they should yield identical behavior. If they do not, it immediately flags a mismatch and a potential bug. The second strategy relies on artifact manipulation.

“These systems generate intermediate cryptographic artifacts, such as constraints, proofs, or verification results,” notes Christakis. “We go in and deliberately modify these artifacts, essentially tampering with them just as an attacker would. If the system continues to function normally and fails to detect the tampering, it exposes a severe vulnerability—you should never authenticate someone based on a corrupted artifact.”

This methodology has already demonstrated immense real-world impact. The prototypes developed by Christakis and her collaborators have uncovered more than 50 previously unknown bugs in widely used zero-knowledge systems, including critical correctness and security flaws. The vast majority of these have been acknowledged and fixed by developers. The foundational work for CIRCUZZ builds on two recent research papers accepted at the 32nd ACM Conference on Computer and Communications Security (CCS) and 35th USENIX Security Symposium, both leading security conferences. With the support of the ERC Proof of Concept Grant, the next step is taking this research out of the lab: The grant supports transforming CIRCUZZ into a practical, open-source tool that developers and auditors can use to secure their codebases. The project will focus on improving usability and broadening the range of testable zero-knowledge software. The grant also complements Christakis’ broader research agenda. She currently leads the ERC Starting Grant project MirandaTesting, which develops new techniques for testing complex software-analysis tools.

Congratulations to Maria on this outstanding achievement!

About Maria Christakis

Maria Christakis is a Professor and Head of the Research Unit Software Engineering at TU Wien Informatics. Her research focuses on automated testing, program analysis, software verification, and techniques for building more reliable software systems. Before joining TU Wien in 2022, she was a tenure-track faculty member at the Max Planck Institute for Software Systems in Germany. She previously held positions at the University of Kent, Microsoft Research, and ETH Zurich, where she completed her PhD.

Christakis has received several competitive grants and distinctions, including an ERC Starting Grant, an ERC Proof of Concept Grant, an Ethereum Foundation Academic Grant, an Amazon Research Award, a Google Research Scholar Award, and a Facebook Faculty Research Award. She is also a member of the Young Academy of the Austrian Academy of Sciences and received the ACM-W Rising Star Award for her research contributions to computing.

Curious about our other news? Subscribe to our news feed, calendar, or newsletter, or follow us on social media.