ed255
commented
4 years ago After further analysis I have concluded that there is no bug.
The checksum is calculated by adding 29 bytes and storing the result in 16 bits. The max number that adding 29 bytes can achieve is 29 * 0xff = 0x1ce3 which doesn't overflow the 16 bits. So unless the 29 bytes are all 0 (which is an invalid ID and the CheckChecksum should return false), the checksum will never be 0 and all properly created IDs will be valid.
// CalculateChecksum, returns the checksum for a given type and genesis_root,
// where checksum: hash( [type | root_genesis ] )
func CalculateChecksum(typ [2]byte, genesis [27]byte) [2]byte {
var toChecksum [29]byte
copy(toChecksum[:], typ[:])
copy(toChecksum[2:], genesis[:])
s := uint16(0)
for _, b := range toChecksum {
s += uint16(b)
}
var checksum [2]byte
checksum[0] = byte(s >> 8)
checksum[1] = byte(s & 0xff)
return checksum
}
It seems that
CheckChecksumoutputs as invalid any identity that returns a checksum of [0, 0]. Maybe this was done to make the "Zero" identity fail the checksum. But since the checksum is just 16 bits, it means that there's a probability of 1/2^16 of generating an identity that doesn't pass the CheckChecksum and thus is problematic!https://github.com/iden3/go-iden3-core/blob/4e1e059c974f869e8e3b343236fa0837d7aa49fa/core/id.go#L132