Skip to content

Navigation Menu

Explore
By company size
By use case
By industry
View all solutions
Topics
- AI
- DevOps
- Security
- Software Development
- View all
Explore
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
- Enterprise platform
  AI-powered developer platform
Available add-ons
Pricing

Search code, repositories, users, issues, pull requests...

Search

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

Consensys / linea-constraints Public

Notifications You must be signed in to change notification settings
Fork 4
Star 10

Code
Issues 19
Pull requests 2
Actions
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Actions
Security
Insights

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Formal verification related fixes #29

Open

16 of 21 tasks

OlivierBBB opened this issue Oct 27, 2023 · 0 comments

Open

16 of 21 tasks

Formal verification related fixes #29

OlivierBBB opened this issue Oct 27, 2023 · 0 comments

Assignees

Labels

Something isn't working

Comments

Copy link

Collaborator

OlivierBBB commented Oct 27, 2023 •

edited by letypequividelespoubelles

Loading

Main point

There is an issue with the padding in the ADD module spotted by @ericsson49 : a malicious prover can use the padding to insert a single wrong instruction into the ADD module. This is a serious security issue, thankfully with a trivial fix.

Other modules of that era may also be affected.

List of fixes

ADD module: constrain INST to be zero in the padding (+ optional vanishing of arguments in padding)
- fix spec https://github.com/Consensys/zkevm-spec/commit/16139fb240c01ec62d322317774602cf04c79dbc
- fix corset ADD module padding fix #30
check if affected and fix if necessary
- MUL
- MOD
  - currently requires instruction decoding, but could be done with out with 4 binary columns
  - missing constraint killing INST in the padding (spotted by @ericsson49)
- EXT
- SHF
  - instruction isn't constrained in padding
  - instruction isn't constrained outside of padding either, though the point is recognized
  - again 3 binary columns would suffice
- BIN
  - spec update
  - lisp update
  - java update
- WCP
  - spec update
  - lisp update
  - java update
    instruction + simplifying OLI etc ...

The text was updated successfully, but these errors were encountered:

All reactions

OlivierBBB self-assigned this

OlivierBBB changed the title ~~Fix ALU~~ Formal verification related fixes

OlivierBBB added the bug Something isn't working label

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Assignees

Labels

bug

Something isn't working

Projects

None yet

Milestone

No milestone

Development

No branches or pull requests

1 participant

Footer

© 2024 GitHub, Inc.

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.