Open UIZorrot opened 8 months ago
It seemed like this was a legacy repo, however, it may still lurk in the newest version maybe?
https://github.com/hermeznetwork/circuits/blob/master/src/lib/utils-bjj.circom
In L#12 BitsCompressed2AySign, the input signal bjjCompressed is not fully constrained.
BitsCompressed2AySign
bjjCompressed
for (i = 0; i < 254; i++) { b2nAy.in[i] <== bjjCompressed[i]; }
The bjjCompressed[254] seemed not been constrained by the loop and other statements. As a result, this bug maybe used for forged fake proof.
bjjCompressed[254]
It seemed like this was a legacy repo, however, it may still lurk in the newest version maybe?
https://github.com/hermeznetwork/circuits/blob/master/src/lib/utils-bjj.circom
In L#12
BitsCompressed2AySign, the input signalbjjCompressedis not fully constrained.The
bjjCompressed[254]seemed not been constrained by the loop and other statements. As a result, this bug maybe used for forged fake proof.