From c7fbd4b69b5021e3fecee7ec439d6fba2950d235 Mon Sep 17 00:00:00 2001
From: samkim-crypto <skim13@cs.stanford.edu>
Date: Sat, 3 Dec 2022 14:46:02 +0900
Subject: [PATCH] check expected new source ciphertext in processing
 confidential transfer (#3867)

---
 .../src/extension/confidential_transfer/processor.rs       | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/token/program-2022/src/extension/confidential_transfer/processor.rs b/token/program-2022/src/extension/confidential_transfer/processor.rs
index 90909390..02e31c23 100644
--- a/token/program-2022/src/extension/confidential_transfer/processor.rs
+++ b/token/program-2022/src/extension/confidential_transfer/processor.rs
@@ -585,6 +585,7 @@ fn process_transfer(
             &proof_data.transfer_with_fee_pubkeys.source_pubkey,
             &source_ciphertext_lo,
             &source_ciphertext_hi,
+            &proof_data.new_source_ciphertext,
             new_source_decryptable_available_balance,
         )?;
 
@@ -643,6 +644,7 @@ fn process_transfer(
             &proof_data.transfer_pubkeys.source_pubkey,
             &source_ciphertext_lo,
             &source_ciphertext_hi,
+            &proof_data.new_source_ciphertext,
             new_source_decryptable_available_balance,
         )?;
 
@@ -679,6 +681,7 @@ fn process_source_for_transfer(
     source_encryption_pubkey: &EncryptionPubkey,
     source_ciphertext_lo: &EncryptedBalance,
     source_ciphertext_hi: &EncryptedBalance,
+    expected_new_source_available_balance: &EncryptedBalance,
     new_source_decryptable_available_balance: DecryptableBalance,
 ) -> ProgramResult {
     check_program_account(token_account_info.owner)?;
@@ -719,6 +722,10 @@ fn process_source_for_transfer(
         .ok_or(ProgramError::InvalidInstructionData)?
     };
 
+    if new_source_available_balance != *expected_new_source_available_balance {
+        return Err(TokenError::ConfidentialTransferBalanceMismatch.into());
+    }
+
     confidential_transfer_account.available_balance = new_source_available_balance;
     confidential_transfer_account.decryptable_available_balance =
         new_source_decryptable_available_balance;