If we do not do this an attacker could pass invaid address bits that are not 0 , 1.
I am unsure if this will cause a problem but its good to be sure/
Something like this from zcash from zcash should fix it.
for (size_t i = 0; i < INCREMENTAL_MERKLE_TREE_DEPTH; i++) {
// TODO: This might not be necessary, and doesn't
// appear to be done in libsnark's tests, but there
// is no documentation, so let's do it anyway to
// be safe.
generate_boolean_r1cs_constraint<FieldT>(
this->pb,
positions[i],
"boolean_positions"
);
}
Cross posting in miximus. But I hope we can finish the miximus rewrite with Semaphore as a dependency so we don't need to make this fix over there.
If we do not do this an attacker could pass invaid address bits that are not 0 , 1.
I am unsure if this will cause a problem but its good to be sure/
Something like this from zcash from zcash should fix it.
Cross posting in miximus. But I hope we can finish the miximus rewrite with Semaphore as a dependency so we don't need to make this fix over there.