zkao Sales Cheat Sheet

Rome ZK Conferences, May 2026 | For internal use by zkSecurity team

1. The 10-Second Pitch

"Deep Research, but for finding bugs."

zkao is AI-powered continuous security analysis, built by zkSecurity. AI agents exhaustively research your code for vulnerabilities: connect once, and they keep finding new bugs months later as they improve. It's like having a tireless security researcher on your codebase all year.

2. Conversation Openers

Pick the one that fits who you're talking to. Don't pitch cold: start with a question.

For existing audit clients

"You know how after we deliver the audit report, you keep shipping code but there's no one watching? We built something for that gap."

For teams that can't afford an audit yet

"What are you doing for security before your next audit? We have something that catches the low-hanging fruit at a fraction of the cost."

For people who know zkSecurity

"We've been encoding our auditor knowledge into AI agents. Same techniques we use in audits, running continuously on your repo."

For people who don't know us

"We're zkSecurity: the largest ZK-focused security team. 18 researchers, 100+ audits. We built a product that automates the patterns we see over and over."

For non-blockchain / general crypto teams

"Our AI analysis platform works on any cryptographic code: MPC protocols, FHE implementations, TEE attestation logic. Same deep-analysis approach, different domain."

3. Key Value Props

Continuous, not one-shot

AI is non-deterministic. The same agent on the same code explores different paths each run. Some bugs only surface on run 8 of 100. Continuous scanning exploits this.

Audit-grade expertise

Built by the team that's done 100+ ZK audits. Agents encode real vulnerability patterns we find in paid engagements, not generic static analysis rules.

Signal over noise

Multi-agent pipeline with a dedicated triage step. We optimize for precision: if we report it, it's worth your time. Not 500 medium-confidence warnings.

Complements audits

Use pre-audit (catch easy bugs before paying $100k+ for humans) or post-audit (catch regressions after deployment). Not a replacement for audits.

4. How It Works (keep it simple)

Connect your GitHub repo (auto-detects circuits)
Multiple specialized AI agents analyze in parallel: security audit, invariant hunting, crypto analysis, test generation, known-pattern matching
Automated triage filters noise, produces actionable findings with line numbers, severity, and fix suggestions
Continuous scanning keeps finding bugs as models improve

CLI available too for local/private workflows. 5 minutes from signup to first scan results.

5. Pricing

A fraction of the cost of a traditional audit

Pricing is still being finalized. What you can say: it's significantly cheaper than a full audit engagement, with pay-as-you-go and monthly subscription options available. No per-finding fees, no surprise costs.

If they press for exact numbers, say we're in early access and happy to work out pricing that makes sense for their use case.

6. Common Objections

"AI can't find real bugs in crypto code"

Our agents are guided by patterns from 100+ real audits. They've found real vulnerabilities in production circuits: under-constrained signals, arithmetic overflows, unsafe template compositions. We can show you sample reports.

"We already had an audit"

Great: you're exactly our user. You ship new code after the audit. zkao catches regressions and finds bugs the audit missed (AI explores different paths than humans). Think of it as your security baseline between audits.

"Why not just use ChatGPT/Claude directly?"

Raw LLMs hallucinate findings. We run multiple specialized agents in a pipeline with automated triage. The orchestration, domain-specific prompting, and validation layers are what make findings actionable vs. noise. Plus: continuous re-scanning, persistence, tracking.

"We're not using Circom"

We support Circom today with Gnark support already shipping. Noir, Halo2, and other frameworks are on the roadmap. The architecture is framework-agnostic: same multi-agent pipeline, different domain knowledge. If you're interested, we'd prioritize your framework.

"Isn't this expensive?"

A single audit costs $100k+. If zkao catches one bug that would've been a critical in your next audit (or worse, in production), it pays for itself many times over. It's also cheaper than hiring one security engineer.

"We're not in blockchain/ZK"

Our analysis platform works on any code with cryptographic complexity: MPC implementations, FHE schemes, TEE attestation, custom protocol implementations. Same approach: specialized AI agents with domain expertise, continuous analysis. Let's talk about what you're building.

7. Expansion Beyond ZK

The pitch for non-ZK prospects

zkao's architecture is domain-agnostic. The same multi-agent orchestration that finds ZK bugs can be pointed at:

MPC Protocol implementation bugs, secret sharing errors
FHE Parameter selection, noise budget violations
TEE Attestation logic, side-channel patterns
General crypto Misuse of primitives, timing attacks, randomness issues
Smart contracts Solidity/Move/Rust contract vulnerabilities

Frame it as: "We're expanding. If you're interested, you'd be an early design partner: you get priority support and input on what we build."

8. The Ask

Don't try to close. Get them to try it.

"Can I get your email? I'll send you an invite. Takes 5 minutes to connect a repo and see your first results. No commitment."

If they're warmer: "Want to scan one of your repos right now? I can set it up on my phone."

9. Quick Facts (if they ask)

About zkSecurity

18-person team, all researchers/engineers
100+ completed ZK audits
Clients include major L1/L2 protocols
Published ZK security research
The leading ZK-focused audit firm

Technical details (if they dig)

Multi-agent DAG pipeline
5 specialized analysis flows
Automated triage reduces false positives
GitHub integration + CLI
Results in minutes, not weeks
Agents improve as underlying models improve

The 5 Analysis Flows (only if they ask)

SnarkSentinel: Comprehensive security audit across all vulnerability classes
Invariants Hunter: Generates and verifies mathematical invariants to find logic violations
Cryptopsy: Reverse-engineers crypto implementations for weaknesses
Testator: Generates comprehensive test suites targeting edge cases
Paper-Cuts: Searches for known vulnerability patterns and generates proof-of-concept exploits

10. Do's and Don'ts

Ask questions first, pitch second
Lead with their pain, not our features
Offer to demo on their actual repo
Position as complementary to audits
Collect emails/Telegrams for follow-up
Mention we're expanding beyond ZK
Be honest about current limitations

Don't

Say it replaces human audits
Promise specific bug-finding guarantees
Oversell framework support (Circom + Gnark today)
Get into technical architecture unless asked
Try to close a deal on the spot
Trash other security tools/competitors
Forget to follow up within 48 hours

Website: zkao.io | Questions? Ask in the team chat