Skip to content
This repository has been archived by the owner on Jan 13, 2025. It is now read-only.

[zk-token-sdk] Restrict range proof generator length and prevent 0-bit range proof #34166

Merged
merged 2 commits into from
Nov 20, 2023
Merged

[zk-token-sdk] Restrict range proof generator length and prevent 0-bit range proof #34166

merged 2 commits into from
Nov 20, 2023

Conversation

samkim-crypto
Copy link
Contributor

@samkim-crypto samkim-crypto commented Nov 19, 2023

Problem

When the input to the range proof generator become very large, then this could lead to expected behavior (#33509).

Summary of Changes

Added a cap of 2^32, which should be plenty for all practical use cases.

Fixes #

@samkim-crypto samkim-crypto added the work in progress This isn't quite right yet label Nov 19, 2023
Copy link

codecov bot commented Nov 19, 2023

Codecov Report

Merging #34166 (3e95bfa) into master (574b8b5) will decrease coverage by 0.1%.
Report is 1 commits behind head on master.
The diff coverage is 91.1%.

Additional details and impacted files
@@            Coverage Diff            @@
##           master   #34166     +/-   ##
=========================================
- Coverage    81.9%    81.9%   -0.1%     
=========================================
  Files         819      819             
  Lines      220122   220172     +50     
=========================================
+ Hits       180386   180394      +8     
- Misses      39736    39778     +42     

@samkim-crypto samkim-crypto added v1.17 PRs that should be backported to v1.17 and removed work in progress This isn't quite right yet labels Nov 20, 2023
Copy link
Contributor

mergify bot commented Nov 20, 2023

Backports to the beta branch are to be avoided unless absolutely necessary for fixing bugs, security issues, and perf regressions. Changes intended for backport should be structured such that a minimum effective diff can be committed separately from any refactoring, plumbing, cleanup, etc that are not strictly necessary to achieve the goal. Any of the latter should go only into master and ride the normal stabilization schedule. Exceptions include CI/metrics changes, CLI improvements and documentation updates on a case by case basis.

Copy link
Contributor

@joncinque joncinque left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great, thanks for factoring these out!

@samkim-crypto samkim-crypto merged commit 0e6dd54 into solana-labs:master Nov 20, 2023
20 checks passed
mergify bot pushed a commit that referenced this pull request Nov 20, 2023
…t range proof (#34166)

* limit range proof generator length

* forbid 0-bit range proof verification

(cherry picked from commit 0e6dd54)

# Conflicts:
#	zk-token-sdk/src/range_proof/errors.rs
#	zk-token-sdk/src/range_proof/generators.rs
#	zk-token-sdk/src/range_proof/mod.rs
samkim-crypto added a commit that referenced this pull request Nov 21, 2023
…nt 0-bit range proof (backport of #34166) (#34183)

* [zk-token-sdk] Restrict range proof generator length and prevent 0-bit range proof (#34166)

* limit range proof generator length

* forbid 0-bit range proof verification

(cherry picked from commit 0e6dd54)

# Conflicts:
#	zk-token-sdk/src/range_proof/errors.rs
#	zk-token-sdk/src/range_proof/generators.rs
#	zk-token-sdk/src/range_proof/mod.rs

* resolve conflict

---------

Co-authored-by: samkim-crypto <skim13@cs.stanford.edu>
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
v1.17 PRs that should be backported to v1.17
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants