search

dusk-network / plonk

Pure Rust implementation of the PLONK ZKProof System done by the Dusk team
https://dusk-network.github.io/plonk
Mozilla Public License 2.0
543 stars 150 forks source link

Add blinding factors to the quotient polynomial #778

Closed xevisalle closed 12 months ago

xevisalle commented 1 year ago

This PR fixes a vulnerability found in Plonk, as described here:

https://x.com/rel_zeta_tech/status/1542474186664210432?s=20

codecov[bot] commented 1 year ago

Codecov Report

Merging #778 (4a4cc7a) into master (29c9500) will decrease coverage by 0.94%. The diff coverage is 27.69%.

:exclamation: Current head 4a4cc7a differs from pull request most recent head 7a05730. Consider uploading reports for the commit 7a05730 to get more accurate results

Additional details and impacted files [![Impacted file tree graph](https://app.codecov.io/gh/dusk-network/plonk/pull/778/graphs/tree.svg?width=650&height=150&src=pr&token=7JKOJ0fLuy&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=dusk-network)](https://app.codecov.io/gh/dusk-network/plonk/pull/778?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=dusk-network) ```diff @@ Coverage Diff @@ ## master #778 +/- ## ========================================== - Coverage 84.96% 84.02% -0.94% ========================================== Files 57 57 Lines 4037 4094 +57 ========================================== + Hits 3430 3440 +10 - Misses 607 654 +47 ``` | [Files](https://app.codecov.io/gh/dusk-network/plonk/pull/778?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=dusk-network) | Coverage Δ | | |---|---|---| | [src/composer/prover.rs](https://app.codecov.io/gh/dusk-network/plonk/pull/778?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=dusk-network#diff-c3JjL2NvbXBvc2VyL3Byb3Zlci5ycw==) | `95.54% <100.00%> (+0.20%)` | :arrow_up: | | [tests/logic.rs](https://app.codecov.io/gh/dusk-network/plonk/pull/778?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=dusk-network#diff-dGVzdHMvbG9naWMucnM=) | `67.92% <2.08%> (-28.48%)` | :arrow_down: | ------ [Continue to review full report in Codecov by Sentry](https://app.codecov.io/gh/dusk-network/plonk/pull/778?src=pr&el=continue&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=dusk-network). > **Legend** - [Click here to learn more](https://docs.codecov.io/docs/codecov-delta?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=dusk-network) > `Δ = absolute (impact)`, `ø = not affected`, `? = missing data` > Powered by [Codecov](https://app.codecov.io/gh/dusk-network/plonk/pull/778?src=pr&el=footer&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=dusk-network). Last update [29c9500...7a05730](https://app.codecov.io/gh/dusk-network/plonk/pull/778?src=pr&el=lastupdated&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=dusk-network). Read the [comment docs](https://docs.codecov.io/docs/pull-request-comments?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=dusk-network).