Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix Potential Overflow Problem within NamecheapPushDomainVerifier #423

Open
wants to merge 2 commits into
base: develop
Choose a base branch
from
Open

Fix Potential Overflow Problem within NamecheapPushDomainVerifier #423

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
eabf829
assert the bit-length of fromEmailIndex
Koukyosyumei Jan 11, 2025
f8a5497
add the bit-length validation of namecheapBuyerIdIndex and namecheapD…
Koukyosyumei Jan 11, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 13 additions & 0 deletions circuits-circom/circuits/namecheap/namecheap_push.circom
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
pragma circom 2.1.9;

include "../node_modules/circomlib/circuits/bitify.circom";
include "circomlib/circuits/poseidon.circom";
include "@zk-email/circuits/utils/regex.circom";
include "@zk-email/circuits/helpers/email-nullifier.circom";
Expand Down Expand Up @@ -97,6 +98,10 @@ template NamecheapPushDomainVerifier(maxHeadersLength, maxBodyLength, n, k) {
// Output packed email from
signal input fromEmailIndex;

// Assert the bit-length of fromEmailIndex
component fromEmailIndexBits = Num2Bits(log2Ceil(maxHeadersLength));
fromEmailIndexBits.in <== fromEmailIndex;

// Assert fromEmailIndex < emailHeaderLength
signal isFromIndexValid <== LessThan(log2Ceil(maxHeadersLength))([fromEmailIndex, emailHeaderLength]);
isFromIndexValid === 1;
Expand All @@ -105,6 +110,10 @@ template NamecheapPushDomainVerifier(maxHeadersLength, maxBodyLength, n, k) {

// Packed buyer id (Hashed before making public output)
signal input namecheapBuyerIdIndex;

// Assert the bit-length of namecheapBuyerIdIndex
component namecheapBuyerIdIndexBits = Num2Bits(log2Ceil(maxBodyLength));
namecheapBuyerIdIndexBits.in <== namecheapBuyerIdIndex;

// Assert namecheapBuyerIdIndex < emailBodyLength
signal namecheapBuyerIdIndexValid <== LessThan(log2Ceil(maxBodyLength))([namecheapBuyerIdIndex, emailBodyLength]);
Expand All @@ -114,6 +123,10 @@ template NamecheapPushDomainVerifier(maxHeadersLength, maxBodyLength, n, k) {

// Output packed domain name
signal input namecheapDomainNameIndex;

// Assert the bit-length of namecheapDomainNameIndex
component namecheapDomainNameIndexBits = Num2Bits(log2Ceil(maxBodyLength));
namecheapDomainNameIndexBits.in <== namecheapDomainNameIndex;

// Assert namecheapDomainNameIndex < emailBodyLength
signal namecheapDomainNameIndexValid <== LessThan(log2Ceil(maxBodyLength))([namecheapDomainNameIndex, emailBodyLength]);
Expand Down