Closed sherlock-admin2 closed 1 week ago
@evanmarshall is it the case that input functions declared as public are private when they are in a function block? Or are they public and this would be a valid finding?
The fee_private has two public inputs (amount & transition_id) and one private input (record). It must be set up this way because validators need to know:
The record input (encrypted UTXO) is private as it contains the identity of the user paying for the transaction, i.e. who is actually doing the transaction is private.
Okay thanks for the clarification
morbsel
Medium
The fee_private function has public inputs that should be restricted to private
Summary
The fee_private function has public inputs; these inputs should be private to ensure the confidentiality of transaction details and maintain privacy.
Vulnerability Detail
In the fee_private function, the parameters r1, r2, and r3 are public. This exposes transaction details, such as the fee amount and execution ID, which should remain confidential.
Impact
Privacy leaks for users that interact with the function
Code Snippet
https://github.com/sherlock-audit/2024-05-aleo/blob/55b2e4a02f27602a54c11f964f6f610fee6f4ab8/snarkVM/synthesizer/program/src/resources/credits.aleo#L980-L985
Tool used
Manual Review
Recommendation
Change the visibility of the inputs r1, r2, and r3 from public to private.