Hi @LokartBC,
Great job on bringing multiple improvements to the original zkbattleship-circuit.
I would suggest adding additional input validation on the private input signals. Currently, the prover is able to modify private positions of the ships during gameplay.
For example, on https://github.com/LokartBC/ZKBattleship_secure/blob/a37ec16d1e57539e2469fc45cc28eead17740bfd/circuits/battleShipHit.circom#L24 one can increment the carrier signal while decrementing the cruiser signal. The hash will remain the same, but the locations of the ships are modified:
FYI, a similar problem exists in the original codebase as well: https://github.com/tommymsz006/zkbattleship-circuit/blob/24d6d95e674176b72d89babd82d194c72786851b/circom/battleship_pedersen.circom#L35
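The malleability reported in this issue, as an added Python model that is not code from either repository: it shows why a commitment over a packed sum of unchecked private signals accepts two different placements, and how a per-signal range check closes the gap. Assumptions: the hash input is a single weighted sum of one signal per ship, each slot is 8 bits wide, SHA-256 stands in for the circuit's hash, and the placement values are constructed.

```python
import hashlib

SHIPS = ("carrier", "battleship", "cruiser", "submarine", "destroyer")
SLOT_BITS = 8                     # assumed width of one packed ship signal
SLOT_MAX = (1 << SLOT_BITS) - 1


def pack(placement):
    """Weighted sum of the ship signals, with no per-signal range check."""
    return sum(placement[s] << (SLOT_BITS * i) for i, s in enumerate(SHIPS))


def commit(placement):
    """Board commitment; SHA-256 stands in for the circuit's hash."""
    return hashlib.sha256(pack(placement).to_bytes(32, "big")).hexdigest()


def checked_commit(placement):
    """Same commitment, but every signal must fit its slot first.

    In a circuit this is a bit-decomposition constraint per signal.
    """
    for s in SHIPS:
        if not 0 <= placement[s] <= SLOT_MAX:
            raise ValueError(f"{s}={placement[s]} outside 0..{SLOT_MAX}")
    return commit(placement)


# Constructed sample placement (one encoded position per ship).
HONEST = {"carrier": 5, "battleship": 18, "cruiser": 37,
          "submarine": 52, "destroyer": 71}

# Compensating change: cruiser - 1, carrier + the cruiser's weight.
SHIFTED = dict(HONEST, cruiser=HONEST["cruiser"] - 1,
               carrier=HONEST["carrier"] + (1 << (SLOT_BITS * SHIPS.index("cruiser"))))

if __name__ == "__main__":
    print("same commitment:", commit(HONEST) == commit(SHIFTED))
    try:
        checked_commit(SHIFTED)
    except ValueError as err:
        print("rejected with range check:", err)
```

The range check has to be part of every proof that opens the commitment, since the prover supplies the private signals afresh on each turn.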