search

hyperledger-labs / zeto

Privacy-preserving implementations of fungible and non-fungible tokens, using UTXO as the underlying transaction model
Apache License 2.0
25 stars 16 forks source link

Fix withdraw() methods in nullifier contracts for not validating the root #41

Closed jimthematrix closed 2 months ago

codecov[bot] commented 2 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 71.37%. Comparing base (8d6263c) to head (bb64054). Report is 10 commits behind head on main.

Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #41 +/- ## ========================================== + Coverage 70.44% 71.37% +0.92% ========================================== Files 12 12 Lines 538 538 ========================================== + Hits 379 384 +5 + Misses 112 110 -2 + Partials 47 44 -3 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

jimthematrix commented 2 months ago

just added another commit to also validate the input from the withdraw() calls of the non-nullifier tokens, which turn out to have the same security hole.

@Chengxuan @EnriqueL8

jimthematrix commented 2 months ago

Regarding the idea to push the calls in the withdraw() method to a library, the issue is that the 3 function calls already came from 2 parent classes:

        validateTransactionProposal(inputs, [output, 0], proof);   <<-- this is from Zeto_Base/Zeto_Nullifier
        _withdraw(amount, inputs, output, proof);                  <<-- this is from Zeto_Fungible
        processInputsAndOutputs(inputs, [output, 0]);              <<-- this is from Zeto_Base/Zeto_Nullifier