dalek-cryptography / bulletproofs

A pure-Rust implementation of Bulletproofs using Ristretto.
MIT License

Deserialization `from_bytes` must ensure that the slice is fully consumed #255

Closed oleganza closed 5 years ago

oleganza commented 5 years ago

Currently `from_bytes` allows trailing garbage in byte slices. This applies both to `RangeProof` and to the upcoming `R1CSProof` serialization #243.

oleganza commented 5 years ago

Oops, I was wrong: the IPP proof's `from_bytes` interprets the entire slice as an IPP proof and makes sure it has exactly 2+2lg(n) 32-byte elements.
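The length rule described in the comment above, as an added example that is not part of the thread and is not the crate's own code: a parser that treats the whole slice as 2+2lg(n) elements of 32 bytes and rejects anything that does not fit that shape. The names `RawIppProof`, `ParseError` and `from_bytes_strict`, the element order (L_1, R_1, ..., L_k, R_k, a, b) and the cap on lg(n) are assumptions.

```rust
// Added example, hypothetical names; elements stay opaque 32-byte arrays (no point/scalar decoding).
#[derive(Debug, PartialEq)]
pub enum ParseError { NotMultipleOf32, TooFewElements, OddVectorCount, TooManyRounds }

#[derive(Debug, PartialEq)]
pub struct RawIppProof {
    pub l_vec: Vec<[u8; 32]>,
    pub r_vec: Vec<[u8; 32]>,
    pub a: [u8; 32],
    pub b: [u8; 32],
}

fn elem(chunk: &[u8]) -> [u8; 32] {
    let mut out = [0u8; 32];
    out.copy_from_slice(chunk);
    out
}

/// Interprets the entire slice as 2 + 2*lg(n) elements of 32 bytes each.
pub fn from_bytes_strict(slice: &[u8]) -> Result<RawIppProof, ParseError> {
    if slice.len() % 32 != 0 {
        return Err(ParseError::NotMultipleOf32); // partial trailing element
    }
    let count = slice.len() / 32;
    if count < 2 {
        return Err(ParseError::TooFewElements); // a and b are mandatory
    }
    if (count - 2) % 2 != 0 {
        return Err(ParseError::OddVectorCount); // an L without its R
    }
    let lg_n = (count - 2) / 2;
    if lg_n >= 32 {
        return Err(ParseError::TooManyRounds); // assumed cap on the number of rounds
    }
    let chunks: Vec<[u8; 32]> = slice.chunks_exact(32).map(elem).collect();
    let (pairs, tail) = chunks.split_at(2 * lg_n);
    Ok(RawIppProof {
        l_vec: pairs.iter().step_by(2).copied().collect(),
        r_vec: pairs.iter().skip(1).step_by(2).copied().collect(),
        a: tail[0],
        b: tail[1],
    })
}

fn main() {
    let mut buf = vec![0u8; 32 * 8]; // constructed input: lg(n) = 3
    println!("{:?}", from_bytes_strict(&buf).map(|p| p.l_vec.len()));
    buf.push(0xff); // one byte of trailing garbage
    println!("{:?}", from_bytes_strict(&buf).map(|p| p.l_vec.len()));
}
```

A slice extended by exactly 64 bytes still has a valid shape and parses as a proof with one more round, so the caller compares the round count against the n it expects.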