-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Need clarify with input / output sizes #10
Comments
This is simply passing the variables to the EVM precompiles. The ethereum clients have these curve operations built in |
Thanks, I'm aware of the EVM precompiled contracts. However, it seems my question hasn't been answered. Aren't the input size and output size incorrect in the code? |
Deleted my other response cause I'm not sure anymore ill need to investigate this further, this code has been copied and pasted and worked happily without any issues. there is a chance that those size params arnt correct and just have had no effect on the functionality |
Yes, I think we were just lucky. The precompiled https://github.com/ethereum/go-ethereum/blob/master/core/vm/contracts.go#L442
https://github.com/ethereum/go-ethereum/blob/master/core/vm/contracts.go#L484
|
Just curious, where did you copy the code from? If it's from an open-source project, I think it's worth reminding the original author that their code is not correct. If it's from AI-generated code, in my experience, AI frequently makes this type of error. |
Yeah looks like that param is completely unused on the ethereum client. Source was here |
Could you also address this instance? This issue demonstrates the potential risk of a supply chain attack. This time we were lucky to detect it early, and fortunate that the code was not seriously risky. However, if the other time some upstream code is not entirely safe, it could eventually affect us in the future. |
Fixed by Zellic 3.5: Wrong input length to static call as part of Zellic audit triage Thanks @darcys22 @Doy-lee and @KeeJef. Just curious, did the Zellic audit team independently rediscover this issue by reviewing the code, or did they review this GitHub issue and confirm that this is a potential issue that needs to be addressed? I'm asking because I'm curious about the coverage of their audit. If they independently rediscover an issue we found before, then it's a good signal that they have conducted an extensive audit with high coverage. |
Full audit report will be released soon with findings, just finalising things now |
Hi @KeeJef Thanks for publishing the audit report. I've read:
However, my previous question was not answered, please allow me to rephrase it: Did the Zellic audit team identify the input/output size issue independently through their code review, or did they merely confirm its existence after reviewing our GitHub issue? The keyword is independently. Understanding this is helpful for making an educated guess of the thoroughness of their audit. If they independently rediscovered a known issue, it suggests their audit has a lower chance of missing other vulnerabilities. Conversely, if they missed something we previously found, then it raises concerns about potential blind spots in other parts of their audit process. Is my question clear enough? |
My understanding is that they did not review any GitHub issues before determining their findings. We simply provided them with the commit hash, the repository link to the contracts folder, and a high-level outline of the contracts and interaction paths before the audit began. We did not provide any background on previously raised GitHub issues, and they did not bring up any community-identified issues with us. We specifically directed Zellic to focus attention in their audit on our cryptographic implementation of BLS validation logic, which is where they spent most of their time and where we had the biggest blind spots, they also looked our other contracts, but those contracts implement much more basic functionality. |
Thanks, that's a very detailed answer to my question. I appreciate the effort you put into it. |
Close this issue as it's already fixed. Thank you everyone! |
input
is unit[4], which is32*4 = 128
bytes, which is 0x80 in hexr
is a G1Point which is32*2 = 64
bytes, which is 0x40 in hexI don't understand why we have
0xc0
and0x60
incall(sub(gas(), 2000), 6, 0, input, 0xc0, r, 0x60)
, is there anything I missed?input
isunit[3]
which is32*3 = 96
bytes or 0x60 in hexr
is G1Point which is32*2 = 64
bytes or 0x40 in hexI don't understand the line
call(sub(gas(), 2000), 7, 0, input, 0x80, r, 0x60)
either, can anyone explain it for me?Source: https://github.com/oxen-io/eth-sn-contracts/blob/e3f6bdc4eef75bce44b44e076cae0e6163b046e4/contracts/libraries/BN256G1.sol
Thank you.
The text was updated successfully, but these errors were encountered: