Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SIMD-0222: Fix alt-bn128-multiplication Syscall Length Check #222

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

SIMD-0222: Fix alt-bn128-multiplication Syscall Length Check #222

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
79 changes: 79 additions & 0 deletions proposals/0222-fix-alt-bn128-multiplication-length-check.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,79 @@
---
simd: "0222"
title: Fix alt-bn128 multiplication syscall length
authors:
- Sam Kim
category: Standard
type: Core
status: Review
created: 2025-01-10
feature:
supersedes:
superseded-by:
extends:
---

## Summary

The `alt_bn128_multiplication` syscall takes in a byte slice as input,
interprets the bytes as a bn128 elliptic curve point/scalar pair, and applies
point-scalar multiplication. If the byte slice input has improper length then
the function terminates early. Specifically, if the byte slice has length
greater than 128, then the function terminates early with an error.

However, a bn128 curve point is 64 bytes and a scalar is 32 bytes. This means
that the function should check if the byte slice is 96 bytes in length rather
than 128 bytes.

This document proposes to fix this length check by checking for the correct
length.

## Motivation

The `alt_bn128_multiplication` function still works with the incorrect 128
length bound since a correct input of 96 bytes is still less than 128 bytes.
However, there could be successful inputs that are greater than 96 bytes and
smaller than 128 bytes in length. This could cause application logic harder to
debug.

## Alternatives Considered

Leave as is.

## New Terminology

N/A

## Detailed Design

The fix is simple.

Currently, the constant `ALT_BN128_MULTIPLICATION_INPUT_LEN`, which is set to
128 is used to sanity check the length of the input.

```rust

pub fn alt_bn128_multiplication(input: &[u8]) -> Result<Vec<u8>, AltBn128Error> {
if input.len() > ALT_BN128_MULTIPLICATION_INPUT_LEN {
return Err(AltBn128Error::InvalidInputData);

// logic omitted...
}
```

A fix would entail updating the `ALT_BN128_MULTIPLICATION_INPUT_LEN` constant to
the correct length of 96.

## Impact

This fix will prevent accidental misuse of the `alt_bn128_multiplication`
syscall function and make programs easier to debug.

## Security Considerations

This does update the behavior of the syscall function and therefore, should be
properly feature-gated.

## Drawbacks _(Optional)_

None
Loading