Current fee table values are all shifted left 79 bits in order to have precision for all feeFactors.
This leads that the maximum feeFactorShifted value is 10**31 << 79, with a bit length of 182.
Taking into account that maximum transferred amountFloat could be 0xFFFF, with a bit length of 113 bits, computing amount * feeFactorShifted could overflow snark Field maximum bits length (253) since 182 + 113 = 295 > 253.
Error is not triggered since num2bits template does not checks overflows and therefore, it could led to applying an erroneous feeAmount
Solution
fee table would be changed to not reach an overflow situation
shifted would be applied to fee table if precision is needed
sanity check on fee computed: fee computed < 2^{129
Implementation
generalize fee-table-selector into a mux256
isolate computing fee into a single circuit compute-fee
update balance-updater with above circuit abstractions
krlosMata
commented
3 years ago
Describe issue
Current fee table values are all shifted left 79 bits in order to have precision for all
feeFactors. This leads that the maximumfeeFactorShiftedvalue is10**31 << 79, with a bit length of 182.Taking into account that maximum transferred
amountFloatcould be0xFFFF, with a bit length of 113 bits, computingamount * feeFactorShiftedcould overflow snark Field maximum bits length (253) since182 + 113 = 295 > 253. Error is not triggered sincenum2bitstemplate does not checks overflows and therefore, it could led to applying an erroneousfeeAmountSolution
fee computed < 2^{129Implementation
fee-table-selectorinto amux256compute-feebalance-updaterwith above circuit abstractions