Fix out of bounds when verifying malformed proofs

openmina · Feb 24, 2025 · e957b6b · e957b6b
1 parent dec49a9
commit e957b6b
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 2 deletions.
diff --git a/kimchi/src/circuits/polynomials/endomul_scalar.rs b/kimchi/src/circuits/polynomials/endomul_scalar.rs
@@ -11,7 +11,7 @@ use crate::{
     },
     curve::KimchiCurve,
 };
-use ark_ff::{BitIteratorLE, BigInteger, Field, PrimeField};
+use ark_ff::{BigInteger, BitIteratorLE, Field, PrimeField};
 use std::array;
 use std::marker::PhantomData;
 

diff --git a/poly-commitment/src/commitment.rs b/poly-commitment/src/commitment.rs
@@ -739,6 +739,13 @@ impl<G: CommitmentCurve> SRS<G> {
 
             let s = b_poly_coefficients(&chal);
 
+            debug_assert!(s.len() <= scalars.len());
+
+            // TODO: implement a better solution at type/wire level, for now we just bail out...
+            if s.len() > scalars.len() {
+                return false;
+            }
+
             let neg_rand_base_i = -rand_base_i;
 
             // TERM

diff --git a/signer/src/keypair.rs b/signer/src/keypair.rs
@@ -98,7 +98,9 @@ impl Keypair {
     pub fn secret_multiply_with_curve_point(&self, multiplicand: CurvePoint) -> CurvePoint {
         use ark_ec::AffineCurve;
         use ark_ec::ProjectiveCurve;
-        multiplicand.mul(self.secret.clone().into_scalar()).into_affine()
+        multiplicand
+            .mul(self.secret.clone().into_scalar())
+            .into_affine()
     }
 }