Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Potential Overflow Problem in header-length check #40

Open
Koukyosyumei opened this issue Jan 25, 2025 · 1 comment
Open

Potential Overflow Problem in header-length check #40

Koukyosyumei opened this issue Jan 25, 2025 · 1 comment

Comments

@Koukyosyumei
Copy link

Thank you for this fantastic project!

I noticed that the TwitterVerifier template implemented in Circom might not properly validate whether index < header-length. For instance:

proof-of-twitter/packages/circuits/src/twitter.circom

Line 64 in d97f933

signal isFromIndexValid <== LessThan(log2Ceil(maxHeadersLength))([fromEmailIndex, emailHeaderLength]);

In this case, if fromEmailIndex = 21888242871839275222246405745257275088548364400416034343698204186575808495614 and emailHeaderLength = 3, the circuit results in isFromIndexValid = 1.

To address this, we should validate the bit-length of both fromEmailIndex and emailHeaderLength using Num2Bits.

If this is acknowledged as a potential bug, I’d be happy to submit a PR with a fix.
@Koukyosyumei
Copy link
Author

A similar problem is discussed in zkp2p/zkp2p-v1-monorepo#423.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Koukyosyumei