This PR implements a number of security fixes. We gratefully acknowledge the work of Chain Security in spotting these.
1) Summing input funds and output funds (to show conservation of money) was done across fees and non-fee amounts. This is problematic when they are a different currency. They are now separately summed.
2) Fees in the transform circuit were not correclty constrained.
3) The tokenId was held in a field during some intermediate computations, which can cause an overflow.
This PR implements a number of security fixes. We gratefully acknowledge the work of Chain Security in spotting these.
1) Summing input funds and output funds (to show conservation of money) was done across fees and non-fee amounts. This is problematic when they are a different currency. They are now separately summed. 2) Fees in the transform circuit were not correclty constrained. 3) The tokenId was held in a field during some intermediate computations, which can cause an overflow.