chore: Update light-poseidon to 0.2.0 (#33923)

That new release contains an important change which prevents a
potential DDoS.

* Lightprotocol/light-poseidon#32

Invoking the `from_bytes_be` function in light-poseidon 0.1.1 inverts all
the inputs before checking whether their length exceeds the modulus
of the prime field. Therefore, it was prone to an attack where a
malicious user could submit long byte slices just to DDoS the
validator, which would be stuck inverting large byte sequences.

The update and mentioned change fixes the same issue as #33363 aims
to address.

The new release contains also few other less important changes like:

* Lightprotocol/light-poseidon#37
* Lightprotocol/light-poseidon#38
* Lightprotocol/light-poseidon#39
vadorovsky 2023-11-10 08:00:10 +01:00 committed by GitHub
parent 1057ba8406
commit 67f8daf6e9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 37 additions and 27 deletions

Cargo.lock generated

@ -3000,12 +3000,13 @@ dependencies = [
[[package]]
name = "light-poseidon"
version = "0.1.2"
version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a5b439809cdfc0d86ecc7317f1724df13dfa665df48991b79e90e689411451f7"
checksum = "3c9a85a9752c549ceb7578064b4ed891179d20acd85f27318573b64d2d7ee7ee"
dependencies = [
"ark-bn254",
"ark-ff",
"num-bigint 0.4.4",
"thiserror",
]


@ -236,7 +236,7 @@ lazy_static = "1.4.0"
libc = "0.2.149"
libloading = "0.7.4"
libsecp256k1 = "0.6.0"
light-poseidon = "0.1.2"
light-poseidon = "0.2.0"
log = "0.4.20"
lru = "0.7.7"
lz4 = "1.24.0"


@ -2668,12 +2668,13 @@ dependencies = [
[[package]]
name = "light-poseidon"
version = "0.1.2"
version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a5b439809cdfc0d86ecc7317f1724df13dfa665df48991b79e90e689411451f7"
checksum = "3c9a85a9752c549ceb7578064b4ed891179d20acd85f27318573b64d2d7ee7ee"
dependencies = [
"ark-bn254",
"ark-ff",
"num-bigint 0.4.4",
"thiserror",
]


@ -21,12 +21,16 @@ pub enum PoseidonSyscallError {
"Invalid length of the input. The length matching the modulus of the prime field is 32."
)]
InvalidInputLength,
#[error("Failed to convert bytest into a prime field element.")]
BytesToPrimeFieldElement,
#[error("Input is larger than the modulus of the prime field.")]
InputLargerThanModulus,
#[error("Failed to convert a vector of bytes into an array.")]
VecToArray,
#[error("Failed to convert the number of inputs from u64 to u8.")]
U64Tou8,
#[error("Failed to convert bytes to BigInt")]
BytesToBigInt,
#[error("Invalid width. Choose a width between 2 and 16 for 1 to 15 inputs.")]
InvalidWidthCircom,
#[error("Unexpected error")]
@ -41,10 +45,12 @@ impl From<u64> for PoseidonSyscallError {
3 => PoseidonSyscallError::InvalidNumberOfInputs,
4 => PoseidonSyscallError::EmptyInput,
5 => PoseidonSyscallError::InvalidInputLength,
6 => PoseidonSyscallError::InputLargerThanModulus,
7 => PoseidonSyscallError::VecToArray,
8 => PoseidonSyscallError::U64Tou8,
9 => PoseidonSyscallError::InvalidWidthCircom,
6 => PoseidonSyscallError::BytesToPrimeFieldElement,
7 => PoseidonSyscallError::InputLargerThanModulus,
8 => PoseidonSyscallError::VecToArray,
9 => PoseidonSyscallError::U64Tou8,
10 => PoseidonSyscallError::BytesToBigInt,
11 => PoseidonSyscallError::InvalidWidthCircom,
_ => PoseidonSyscallError::Unexpected,
}
}
@ -58,11 +64,13 @@ impl From<PoseidonSyscallError> for u64 {
PoseidonSyscallError::InvalidNumberOfInputs => 3,
PoseidonSyscallError::EmptyInput => 4,
PoseidonSyscallError::InvalidInputLength => 5,
PoseidonSyscallError::InputLargerThanModulus => 6,
PoseidonSyscallError::VecToArray => 7,
PoseidonSyscallError::U64Tou8 => 8,
PoseidonSyscallError::InvalidWidthCircom => 9,
PoseidonSyscallError::Unexpected => 10,
PoseidonSyscallError::BytesToPrimeFieldElement => 6,
PoseidonSyscallError::InputLargerThanModulus => 7,
PoseidonSyscallError::VecToArray => 8,
PoseidonSyscallError::U64Tou8 => 9,
PoseidonSyscallError::BytesToBigInt => 10,
PoseidonSyscallError::InvalidWidthCircom => 11,
PoseidonSyscallError::Unexpected => 12,
}
}
}
@ -210,25 +218,25 @@ pub fn hashv(
impl From<PoseidonError> for PoseidonSyscallError {
fn from(error: PoseidonError) -> Self {
match error {
PoseidonError::InvalidNumberOfInputs {
inputs: _,
max_limit: _,
width: _,
} => PoseidonSyscallError::InvalidNumberOfInputs,
PoseidonError::InvalidNumberOfInputs { .. } => {
PoseidonSyscallError::InvalidNumberOfInputs
}
PoseidonError::EmptyInput => PoseidonSyscallError::EmptyInput,
PoseidonError::InvalidInputLength {
len: _,
modulus_bytes_len: _,
} => PoseidonSyscallError::InvalidInputLength,
PoseidonError::InvalidInputLength { .. } => {
PoseidonSyscallError::InvalidInputLength
}
PoseidonError::BytesToPrimeFieldElement { .. } => {
PoseidonSyscallError::BytesToPrimeFieldElement
}
PoseidonError::InputLargerThanModulus => {
PoseidonSyscallError::InputLargerThanModulus
}
PoseidonError::VecToArray => PoseidonSyscallError::VecToArray,
PoseidonError::U64Tou8 => PoseidonSyscallError::U64Tou8,
PoseidonError::InvalidWidthCircom {
width: _,
max_limit: _,
} => PoseidonSyscallError::InvalidWidthCircom,
PoseidonError::BytesToBigInt => PoseidonSyscallError::BytesToBigInt,
PoseidonError::InvalidWidthCircom { .. } => {
PoseidonSyscallError::InvalidWidthCircom
}
}
}
}
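Review bot: The `From<u64>` and `From<PoseidonSyscallError> for u64` arms renumber codes that were already assigned: `InputLargerThanModulus` moves from 6 to 7, `VecToArray` from 7 to 8, `U64Tou8` from 8 to 9, `InvalidWidthCircom` from 9 to 11 and `Unexpected` from 10 to 12. If these values cross the syscall boundary (the type name suggests so, but the call site is outside the visible hunks), a program built against the old table will decode a returned code as a different error, and nodes running different versions would report different codes for the same failure. Keeping 6–10 as they were and assigning the two new variants 11 and 12 avoids that, since an old decoder then falls through to `Unexpected` for the new codes. Both impls begin outside the hunks shown. Separately, the new `BytesToPrimeFieldElement` message says `bytest`, which should read `bytes`.

```rust
// … unchanged: From<u64> arms for codes below 6 …
            6 => PoseidonSyscallError::InputLargerThanModulus,
            7 => PoseidonSyscallError::VecToArray,
            8 => PoseidonSyscallError::U64Tou8,
            9 => PoseidonSyscallError::InvalidWidthCircom,
            // New variants take fresh codes so existing ones keep their meaning.
            11 => PoseidonSyscallError::BytesToPrimeFieldElement,
            12 => PoseidonSyscallError::BytesToBigInt,
            _ => PoseidonSyscallError::Unexpected,

// … unchanged: From<PoseidonSyscallError> for u64 arms for codes below 6 …
            PoseidonSyscallError::InputLargerThanModulus => 6,
            PoseidonSyscallError::VecToArray => 7,
            PoseidonSyscallError::U64Tou8 => 8,
            PoseidonSyscallError::InvalidWidthCircom => 9,
            PoseidonSyscallError::Unexpected => 10,
            PoseidonSyscallError::BytesToPrimeFieldElement => 11,
            PoseidonSyscallError::BytesToBigInt => 12,
```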