From 67f8daf6e966d9bb6ac5007ee082e9fa32ed3345 Mon Sep 17 00:00:00 2001 From: vadorovsky Date: Fri, 10 Nov 2023 08:00:10 +0100 Subject: [PATCH] chore: Update light-poseidon to 0.2.0 (#33923) That new release contains an important change which prevents a potential DDoS. * Lightprotocol/light-poseidon#32 Invoking `from_bytes_be` function light-poseidon 0.1.1 inverts all the inputs before performing a check whether their length exceeds the modulus of the prime field. Therefore, it was prone to an attack, where a mailicious user could submit long byte slices just to DDoS the validator, being stuck on inverting large byte sequences. The update and mentioned change fixes the same issue as #33363 aims to address. The new release contains also few other less important changes like: * Lightprotocol/light-poseidon#37 * Lightprotocol/light-poseidon#38 * Lightprotocol/light-poseidon#39 --- Cargo.lock | 5 ++-- Cargo.toml | 2 +- programs/sbf/Cargo.lock | 5 ++-- sdk/program/src/poseidon.rs | 52 +++++++++++++++++++++---------------- 4 files changed, 37 insertions(+), 27 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 519388ed1be9eb..4e1d37e3901eb7 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -3000,12 +3000,13 @@ dependencies = [ [[package]] name = "light-poseidon" -version = "0.1.2" +version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a5b439809cdfc0d86ecc7317f1724df13dfa665df48991b79e90e689411451f7" +checksum = "3c9a85a9752c549ceb7578064b4ed891179d20acd85f27318573b64d2d7ee7ee" dependencies = [ "ark-bn254", "ark-ff", + "num-bigint 0.4.4", "thiserror", ] diff --git a/Cargo.toml b/Cargo.toml index 778b37f477db1d..00d03de5856eb8 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -236,7 +236,7 @@ lazy_static = "1.4.0" libc = "0.2.149" libloading = "0.7.4" libsecp256k1 = "0.6.0" -light-poseidon = "0.1.2" +light-poseidon = "0.2.0" log = "0.4.20" lru = "0.7.7" lz4 = "1.24.0" diff --git a/programs/sbf/Cargo.lock b/programs/sbf/Cargo.lock index fe1623388c4188..e60a929c183e81 100644 --- a/programs/sbf/Cargo.lock +++ b/programs/sbf/Cargo.lock @@ -2668,12 +2668,13 @@ dependencies = [ [[package]] name = "light-poseidon" -version = "0.1.2" +version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a5b439809cdfc0d86ecc7317f1724df13dfa665df48991b79e90e689411451f7" +checksum = "3c9a85a9752c549ceb7578064b4ed891179d20acd85f27318573b64d2d7ee7ee" dependencies = [ "ark-bn254", "ark-ff", + "num-bigint 0.4.4", "thiserror", ] diff --git a/sdk/program/src/poseidon.rs b/sdk/program/src/poseidon.rs index c23cded6db9310..9c02fe90bc8b50 100644 --- a/sdk/program/src/poseidon.rs +++ b/sdk/program/src/poseidon.rs @@ -21,12 +21,16 @@ pub enum PoseidonSyscallError { "Invalid length of the input. The length matching the modulus of the prime field is 32." )] InvalidInputLength, + #[error("Failed to convert bytest into a prime field element.")] + BytesToPrimeFieldElement, #[error("Input is larger than the modulus of the prime field.")] InputLargerThanModulus, #[error("Failed to convert a vector of bytes into an array.")] VecToArray, #[error("Failed to convert the number of inputs from u64 to u8.")] U64Tou8, + #[error("Failed to convert bytes to BigInt")] + BytesToBigInt, #[error("Invalid width. Choose a width between 2 and 16 for 1 to 15 inputs.")] InvalidWidthCircom, #[error("Unexpected error")] @@ -41,10 +45,12 @@ impl From for PoseidonSyscallError { 3 => PoseidonSyscallError::InvalidNumberOfInputs, 4 => PoseidonSyscallError::EmptyInput, 5 => PoseidonSyscallError::InvalidInputLength, - 6 => PoseidonSyscallError::InputLargerThanModulus, - 7 => PoseidonSyscallError::VecToArray, - 8 => PoseidonSyscallError::U64Tou8, - 9 => PoseidonSyscallError::InvalidWidthCircom, + 6 => PoseidonSyscallError::BytesToPrimeFieldElement, + 7 => PoseidonSyscallError::InputLargerThanModulus, + 8 => PoseidonSyscallError::VecToArray, + 9 => PoseidonSyscallError::U64Tou8, + 10 => PoseidonSyscallError::BytesToBigInt, + 11 => PoseidonSyscallError::InvalidWidthCircom, _ => PoseidonSyscallError::Unexpected, } } @@ -58,11 +64,13 @@ impl From for u64 { PoseidonSyscallError::InvalidNumberOfInputs => 3, PoseidonSyscallError::EmptyInput => 4, PoseidonSyscallError::InvalidInputLength => 5, - PoseidonSyscallError::InputLargerThanModulus => 6, - PoseidonSyscallError::VecToArray => 7, - PoseidonSyscallError::U64Tou8 => 8, - PoseidonSyscallError::InvalidWidthCircom => 9, - PoseidonSyscallError::Unexpected => 10, + PoseidonSyscallError::BytesToPrimeFieldElement => 6, + PoseidonSyscallError::InputLargerThanModulus => 7, + PoseidonSyscallError::VecToArray => 8, + PoseidonSyscallError::U64Tou8 => 9, + PoseidonSyscallError::BytesToBigInt => 10, + PoseidonSyscallError::InvalidWidthCircom => 11, + PoseidonSyscallError::Unexpected => 12, } } } @@ -210,25 +218,25 @@ pub fn hashv( impl From for PoseidonSyscallError { fn from(error: PoseidonError) -> Self { match error { - PoseidonError::InvalidNumberOfInputs { - inputs: _, - max_limit: _, - width: _, - } => PoseidonSyscallError::InvalidNumberOfInputs, + PoseidonError::InvalidNumberOfInputs { .. } => { + PoseidonSyscallError::InvalidNumberOfInputs + } PoseidonError::EmptyInput => PoseidonSyscallError::EmptyInput, - PoseidonError::InvalidInputLength { - len: _, - modulus_bytes_len: _, - } => PoseidonSyscallError::InvalidInputLength, + PoseidonError::InvalidInputLength { .. } => { + PoseidonSyscallError::InvalidInputLength + } + PoseidonError::BytesToPrimeFieldElement { .. } => { + PoseidonSyscallError::BytesToPrimeFieldElement + } PoseidonError::InputLargerThanModulus => { PoseidonSyscallError::InputLargerThanModulus } PoseidonError::VecToArray => PoseidonSyscallError::VecToArray, PoseidonError::U64Tou8 => PoseidonSyscallError::U64Tou8, - PoseidonError::InvalidWidthCircom { - width: _, - max_limit: _, - } => PoseidonSyscallError::InvalidWidthCircom, + PoseidonError::BytesToBigInt => PoseidonSyscallError::BytesToBigInt, + PoseidonError::InvalidWidthCircom { .. } => { + PoseidonSyscallError::InvalidWidthCircom + } } } }