Prover is free to choose any value forsha256_preimage_bit_length to generate the sha256 hash for c. Since the length of the hash pre-image is fixed, it can be removed as an input signal. The TODO comment indicates this too:
// ...TODO: calculate internally in circom to simplify API
signal input sha256_preimage_bit_length;
Recommendation:sha256_preimage_bit_length should always be equal to message_bits (6*33*8).
verify_nullifier.circom#L33
Prover is free to choose any value for
sha256_preimage_bit_length
to generate the sha256 hash forc
. Since the length of the hash pre-image is fixed, it can be removed as an input signal. TheTODO
comment indicates this too:Recommendation:
sha256_preimage_bit_length
should always be equal tomessage_bits
(6*33*8
).