Open hats-bug-reporter[bot] opened 4 days ago
The submission is invalid.
It is working properly; there are also tests for it. Please refer to the Oasis Sapphire documentation: https://api.docs.oasis.io/sol/sapphire-contracts/contracts/Sapphire.sol/library.Sapphire.html#sign
It requires providing a hash of the data to be signed/verified.
Github username: --
Twitter username: --
Submission hash (on-chain): 0x4903e16d2a444bb11b889a66f95086e0d5fc47b947d6ca10e13b57c960018b1b
Severity: high

Description:

`compute()` in `TEERollup.sol` is implemented as:

`compute()` is used by `BitcoinVerifier.sol`, which would return the partial computations proof, i.e. the computation result and the contract signature. Both of these are expected to be returned in `bytes`.

The `PartialComputationsProof` struct is implemented as:

`_compute()` has used an internal function which is overridden in `BitcoinProver.sol`, and `_compute()` is implemented as:

This returns the `result` in `bytes`, which is further passed as shown in the below lines of code to get the signature.

The `result` input from `bytes` is converted to `bytes32` via encoding with keccak256. However, this is not correct. `Sapphire.sign()` is implemented as:

`contextOrHash` here, as `result`, is expected to be passed as `bytes` and not in `bytes32` format. It should be noted that `contextOrHash` is further encoded via `abi.encode` after getting the `bytes` argument, so passing the `bytes32` argument instead of `bytes` will return an incorrect result and `sign()` will throw an error `"sign: failed"`.

Therefore, `compute()` will always fail and return an incorrect result.

Recommendations:

Consider the below changes:
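As an added illustration, not code from the project discussed in this report, the contract below shows how the Sapphire signing API linked in the reply above is used with a prehashed algorithm: the arbitrary-length data is hashed first, and the 32-byte digest (passed as `bytes`) is what goes into `contextOrHash`, with an empty `message`. It also includes the verification round trip a reviewer would run in tests to confirm the signed digest matches the returned result. The `Sapphire.sign`, `Sapphire.verify` and `Sapphire.generateSigningKeyPair` signatures, the `SigningAlg.Secp256k1PrehashedKeccak256` value, the import path and the `ResultSigner` contract name are assumptions taken from the Sapphire contracts package, not from the report.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added example; assumes the library interface documented at the linked URL:
//   Sapphire.generateSigningKeyPair(SigningAlg, bytes seed) -> (bytes publicKey, bytes secretKey)
//   Sapphire.sign(SigningAlg, bytes secretKey, bytes contextOrHash, bytes message) -> bytes signature
//   Sapphire.verify(SigningAlg, bytes publicKey, bytes contextOrHash, bytes message, bytes signature) -> bool
import {Sapphire} from "@oasisprotocol/sapphire-contracts/contracts/Sapphire.sol";

contract ResultSigner {
    // Prehashed variant: the precompile signs the 32-byte digest given in
    // contextOrHash and expects message to be empty (assumption from the docs).
    Sapphire.SigningAlg private constant ALG =
        Sapphire.SigningAlg.Secp256k1PrehashedKeccak256;

    bytes private secretKey;   // kept in confidential contract state on Sapphire
    bytes public publicKey;    // published so anyone can verify results

    constructor(bytes memory seed) {
        (publicKey, secretKey) = Sapphire.generateSigningKeyPair(ALG, seed);
    }

    // Sign an arbitrary-length computation result.
    // keccak256 yields bytes32; abi.encodePacked turns it into the plain 32-byte
    // `bytes` value the library takes (abi.encode would prepend an ABI length
    // prefix and would not be a 32-byte digest any more).
    function signResult(bytes memory result) external view returns (bytes memory) {
        bytes32 digest = keccak256(result);
        return Sapphire.sign(ALG, secretKey, abi.encodePacked(digest), "");
    }

    // Counterpart check: recompute the digest from the returned result and
    // confirm the signature covers exactly that digest.
    function verifyResult(bytes memory result, bytes memory signature)
        external
        view
        returns (bool)
    {
        return Sapphire.verify(ALG, publicKey, abi.encodePacked(keccak256(result)), "", signature);
    }
}
```

The signing and verification precompiles behind `Sapphire.sign` and `Sapphire.verify` exist only on a Sapphire node (or the Sapphire localnet image), so a test of this contract has to run there rather than on a plain EVM; the expected test is that `verifyResult(result, signResult(result))` returns true and that any one-byte change to `result` makes it return false.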