This repository was archived by the owner on Jan 22, 2025. It is now read-only.

Commit 8bb153b

committed
add a length check on range proof commitment length
1 parent 3368579 commit 8bb153b


4 files changed

+23
-0
lines changed


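--- a/zk-token-sdk/src/errors.rs
+++ b/zk-token-sdk/src/errors.rs
@@ -36,6 +36,8 @@ pub enum ProofVerificationError {
 ElGamal(#[from] ElGamalError),
 #[error("Invalid proof context")]
 ProofContext,
+#[error("illegal commitment length")]
+IllegalCommitmentLength,
 }
 
 #[derive(Clone, Debug, Eq, PartialEq)]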
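Review bot: The new `IllegalCommitmentLength` variant has no doc comment, and its message "illegal commitment length" does not say which quantity was checked; it could be read as the byte length of a single commitment. Going by the call sites in this commit, it is returned when the number of commitments exceeds `MAX_COMMITMENTS` or differs from the number of bit lengths, so a line such as `/// The number of commitments exceeds the maximum or does not match the number of bit lengths.` above the variant would record that. The message also starts lowercase while the visible neighbour "Invalid proof context" is capitalized; the rest of the enum is outside the hunk, so match whichever convention dominates there.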

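--- a/zk-token-sdk/src/instruction/batched_range_proof/batched_range_proof_u128.rs
+++ b/zk-token-sdk/src/instruction/batched_range_proof/batched_range_proof_u128.rs
@@ -5,6 +5,7 @@ use {
 crate::{
 encryption::pedersen::{PedersenCommitment, PedersenOpening},
 errors::{ProofGenerationError, ProofVerificationError},
+instruction::batched_range_proof::MAX_COMMITMENTS,
 range_proof::RangeProof,
 },
 std::convert::TryInto,
@@ -77,6 +78,12 @@ impl ZkProofData<BatchedRangeProofContext> for BatchedRangeProofU128Data {
 #[cfg(not(target_os = "solana"))]
 fn verify_proof(&self) -> Result<(), ProofVerificationError> {
 let (commitments, bit_lengths) = self.context.try_into()?;
+let num_commitments = commitments.len();
+
+if num_commitments > MAX_COMMITMENTS || num_commitments != bit_lengths.len() {
+return Err(ProofVerificationError::IllegalCommitmentLength);
+}
+
 let mut transcript = self.context_data().new_transcript();
 let proof: RangeProof = self.proof.try_into()?;
 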
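Review bot: The guard added at the top of `verify_proof` has no test for its rejection path: the 23 added lines are fully accounted for by the error variant, three imports and three copies of the guard. A unit test per width would keep this verifier-side input check from silently regressing; it should build a context whose commitment and bit-length counts differ (and one above `MAX_COMMITMENTS`, if the context type can represent that) and assert `Err(ProofVerificationError::IllegalCommitmentLength)`. The same six lines are repeated verbatim in batched_range_proof_u256.rs and batched_range_proof_u64.rs; a shared helper next to `MAX_COMMITMENTS`, called as `check_commitment_count(commitments.len(), bit_lengths.len())?;` (the name is only a suggestion), would stop the three verifiers drifting apart. `verify_proof` continues past the end of the hunk.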

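--- a/zk-token-sdk/src/instruction/batched_range_proof/batched_range_proof_u256.rs
+++ b/zk-token-sdk/src/instruction/batched_range_proof/batched_range_proof_u256.rs
@@ -5,6 +5,7 @@ use {
 crate::{
 encryption::pedersen::{PedersenCommitment, PedersenOpening},
 errors::{ProofGenerationError, ProofVerificationError},
+instruction::batched_range_proof::MAX_COMMITMENTS,
 range_proof::RangeProof,
 },
 std::convert::TryInto,
@@ -74,6 +75,12 @@ impl ZkProofData<BatchedRangeProofContext> for BatchedRangeProofU256Data {
 #[cfg(not(target_os = "solana"))]
 fn verify_proof(&self) -> Result<(), ProofVerificationError> {
 let (commitments, bit_lengths) = self.context.try_into()?;
+let num_commitments = commitments.len();
+
+if num_commitments > MAX_COMMITMENTS || num_commitments != bit_lengths.len() {
+return Err(ProofVerificationError::IllegalCommitmentLength);
+}
+
 let mut transcript = self.context_data().new_transcript();
 let proof: RangeProof = self.proof.try_into()?;
 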
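Review bot: The guard bounds the commitment count from above only, so a context that converts to zero commitments and zero bit lengths satisfies both conditions and goes on to transcript construction. Whether the range-proof verification further down rejects an empty batch is outside this hunk. If an empty batch is never valid, putting `num_commitments == 0 ||` at the front of the condition, or adding a comment that names the later check covering it, would make the accepted range explicit at the point of validation. The same applies to the copies in batched_range_proof_u128.rs and batched_range_proof_u64.rs.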

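--- a/zk-token-sdk/src/instruction/batched_range_proof/batched_range_proof_u64.rs
+++ b/zk-token-sdk/src/instruction/batched_range_proof/batched_range_proof_u64.rs
@@ -5,6 +5,7 @@ use {
 crate::{
 encryption::pedersen::{PedersenCommitment, PedersenOpening},
 errors::{ProofGenerationError, ProofVerificationError},
+instruction::batched_range_proof::MAX_COMMITMENTS,
 range_proof::RangeProof,
 },
 std::convert::TryInto,
@@ -76,6 +77,12 @@ impl ZkProofData<BatchedRangeProofContext> for BatchedRangeProofU64Data {
 #[cfg(not(target_os = "solana"))]
 fn verify_proof(&self) -> Result<(), ProofVerificationError> {
 let (commitments, bit_lengths) = self.context.try_into()?;
+let num_commitments = commitments.len();
+
+if num_commitments > MAX_COMMITMENTS || num_commitments != bit_lengths.len() {
+return Err(ProofVerificationError::IllegalCommitmentLength);
+}
+
 let mut transcript = self.context_data().new_transcript();
 let proof: RangeProof = self.proof.try_into()?;
 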
