Closed 0xbok closed 8 months ago
For depth > MAX_DEPTH, root and isDepth below is calculated as 0. Thus, out = 0 will be always be verified successfully.
depth > MAX_DEPTH
root
isDepth
0
out = 0
https://github.com/privacy-scaling-explorations/zk-kit/blob/0b5b5e4f1f828d3d93a09f166780ed30cc978cf7/packages/circuits/circom/binary-merkle-root.circom#L40-L42
Recommendation is to add a warning in comments for integrators.
For
depth > MAX_DEPTH,rootandisDepthbelow is calculated as0. Thus,out = 0will be always be verified successfully.https://github.com/privacy-scaling-explorations/zk-kit/blob/0b5b5e4f1f828d3d93a09f166780ed30cc978cf7/packages/circuits/circom/binary-merkle-root.circom#L40-L42
Recommendation is to add a warning in comments for integrators.