Open barryWhiteHat opened 5 years ago
vaibhavchellani
commented
5 years ago We can totally add a constraint like a*(a-1) === 0; to check the binary check. But do we really need it?
The constraint here probably wont match if the inputs are non-binary I think.
barryWhiteHat
commented
5 years ago I think there are some attacks where we can play with the merkle path. It seems like pretty difficult to exploit but from a defence in depth argument i think we shoudl include the chcek.
therealyingtong
commented
5 years ago or a*a == a. should we add this in now?
We need to binary constain the merkle tree path as binary. This is because we use multiplicaions and additions to do merkle tree lookups https://github.com/barryWhiteHat/RollupNC/blob/master/tokens_transfer/tokens_transfer.circom#L47
and we don't want an attacker to be able to pass non binary values to mess with the path in the tree.