From 8035774be493ac09e322cd1335e1a1d0ea3979d9 Mon Sep 17 00:00:00 2001
From: Yumin Xia
Date: Thu, 4 Apr 2024 17:39:12 -0700
Subject: [PATCH] fix: Groth16Verifier solidity scalar size check.
The Groth16Verifier contract is not correctly generating codes to checking that public signals that with the scalar field's range. Signals should be less than r instead of q in the contract's context.
---
templates/verifier_groth16.sol.ejs | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/templates/verifier_groth16.sol.ejs b/templates/verifier_groth16.sol.ejs
index 32c260ed..2efe53ca 100644
--- a/templates/verifier_groth16.sol.ejs
+++ b/templates/verifier_groth16.sol.ejs
@@ -56,7 +56,7 @@ contract Groth16Verifier {
 function verifyProof(uint[2] calldata _pA, uint[2][2] calldata _pB, uint[2] calldata _pC, uint[<%=IC.length-1%>] calldata _pubSignals) public view returns (bool) {
 assembly {
 function checkField(v) {
- if iszero(lt(v, q)) {
+ if iszero(lt(v, r)) {
 mstore(0, 0)
 return(0, 0x20)
 }
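Review bot: The corrected bound in `checkField` carries no comment saying why the scalar field order is the right limit, and a later reader skimming the assembly could easily "fix" it back to `q`; I would add `// public signals are scalar-field elements: any v >= r is congruent to v mod r and would verify for the same proof` directly above the `if`. The old `q` bound silently accepted inputs in the range [r, q), which the scalar-multiplication precompile reduces mod r, so two distinct `_pubSignals` arrays could satisfy the same proof — a regression test in the template's test suite that feeds a valid signal plus r and asserts `verifyProof` returns false would pin the fix. The hunk does not show where `r` is declared; it presumably is a contract-level constant reachable from the inline assembly, as `q` must already have been, but that is worth confirming in the generated contract. `verifyProof` and the `assembly` block continue past the end of the hunk.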