firoorg / firo

The privacy-focused cryptocurrency
https://firo.org
MIT License

Add size and type checks to coin deserialization #1374

Closed AaronFeickert closed 11 months ago

AaronFeickert commented 11 months ago

PR intention

Adds size and type checks during coin deserialization that fail on known bad data.

Closes #1373.

Code changes brief

Certain aspects of coin data must be checked during deserialization. These include the validity of the coin type (mint or spend) and the size of encrypted recipient data. This PR adds these checks directly into deserializers, and will throw errors on bad data.
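
The kind of check the PR description refers to, as an added example that is not part of the PR or of Firo's code: a C++ deserializer that throws on an unknown coin type or on wrong-sized encrypted recipient data. The wire layout, the constant values, and the names `deserialize_coin`, `rejects` and `make_coin` are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <vector>

// Hypothetical constants for illustration; not Firo's actual values.
constexpr uint8_t COIN_TYPE_MINT = 0;
constexpr uint8_t COIN_TYPE_SPEND = 1;
constexpr std::size_t MINT_DATA_SIZE = 32;   // assumed ciphertext size for mint coins
constexpr std::size_t SPEND_DATA_SIZE = 48;  // assumed ciphertext size for spend coins

struct Coin {
    uint8_t type;
    std::vector<uint8_t> enc_recipient;
};

// Constructed wire format: [type:1][len:2, little-endian][enc_recipient:len]
Coin deserialize_coin(const std::vector<uint8_t>& buf) {
    if (buf.size() < 3)
        throw std::invalid_argument("truncated coin header");
    const uint8_t type = buf[0];
    // Type check: reject anything that is not a known coin type.
    if (type != COIN_TYPE_MINT && type != COIN_TYPE_SPEND)
        throw std::invalid_argument("bad coin type");
    const std::size_t len = buf[1] | (std::size_t(buf[2]) << 8);
    // Size check: the declared length must be the one this type requires.
    const std::size_t expected = (type == COIN_TYPE_MINT) ? MINT_DATA_SIZE : SPEND_DATA_SIZE;
    if (len != expected)
        throw std::invalid_argument("bad encrypted recipient data size");
    // The buffer must hold exactly the declared payload: no short read, no trailing bytes.
    if (buf.size() != 3 + len)
        throw std::invalid_argument("payload length mismatch");
    return Coin{type, std::vector<uint8_t>(buf.begin() + 3, buf.end())};
}

// True if the deserializer throws on the given buffer.
bool rejects(const std::vector<uint8_t>& buf) {
    try { deserialize_coin(buf); return false; }
    catch (const std::invalid_argument&) { return true; }
}

// Builds a constructed sample coin: declared length in the header, actual payload bytes after it.
std::vector<uint8_t> make_coin(uint8_t type, std::size_t declared, std::size_t actual) {
    std::vector<uint8_t> b{type, uint8_t(declared & 0xff), uint8_t(declared >> 8)};
    b.resize(3 + actual, 0xAB);
    return b;
}
```

Every check runs before the payload is copied, so a malformed coin never becomes a `Coin` object that later code has to re-validate.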

AaronFeickert commented 11 months ago

This still fails non-libspark tests, where AEAD key commitments are 64 bytes instead of 32 bytes. Not sure why this occurs.

AaronFeickert commented 11 months ago

Superseded by #1379, which fixes test failures.