search

privacy-scaling-explorations / zk-kit

A monorepo of reusable libraries for zero-knowledge technologies.
https://zkkit.pse.dev
MIT License
290 stars 74 forks source link

verifyProof probably should return false for any key if the tree is empty #343

Open 0xDatapunk opened 1 month ago

0xDatapunk commented 1 month ago

https://github.com/privacy-scaling-explorations/zk-kit/blob/253277c91c8ffee33bfb4bc5abd8a0db0251df61/packages/smt/src/smt.ts#L237

not sure if it is as designed, but verifyProof return True for any key with an empty tree. It makes better sense if false is returned:


verifyProof(merkleProof: MerkleProof): boolean {
    if (this.root === this.zeroNode) {
        // Empty tree case
        return merkleProof.root === this.zeroNode && 
               merkleProof.siblings.length === 0 &&
               merkleProof.matchingEntry === undefined &&
               merkleProof.membership === false;
    }
    // ... rest of the method ...
}```
cedoor commented 3 weeks ago

A proof of non-membership in a empty tree should still be true tho. Wdyt @0xDatapunk ?

0xDatapunk commented 3 weeks ago

yes, and the code above should return true for non-membership.

cedoor commented 3 weeks ago

Not sure about this merkleProof.matchingEntry === undefined -> should a matchingEntry should still be defined?