chore: Update light-poseidon to 0.2.0 (#33923)
That new release contains an important change which prevents a potential DDoS. * Lightprotocol/light-poseidon#32 Invoking `from_bytes_be` function light-poseidon 0.1.1 inverts all the inputs before performing a check whether their length exceeds the modulus of the prime field. Therefore, it was prone to an attack, where a mailicious user could submit long byte slices just to DDoS the validator, being stuck on inverting large byte sequences. The update and mentioned change fixes the same issue as #33363 aims to address. The new release contains also few other less important changes like: * Lightprotocol/light-poseidon#37 * Lightprotocol/light-poseidon#38 * Lightprotocol/light-poseidon#39
This commit is contained in:
parent
1057ba8406
commit
67f8daf6e9
|
@ -3000,12 +3000,13 @@ dependencies = [
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "light-poseidon"
|
name = "light-poseidon"
|
||||||
version = "0.1.2"
|
version = "0.2.0"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "a5b439809cdfc0d86ecc7317f1724df13dfa665df48991b79e90e689411451f7"
|
checksum = "3c9a85a9752c549ceb7578064b4ed891179d20acd85f27318573b64d2d7ee7ee"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"ark-bn254",
|
"ark-bn254",
|
||||||
"ark-ff",
|
"ark-ff",
|
||||||
|
"num-bigint 0.4.4",
|
||||||
"thiserror",
|
"thiserror",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
|
|
@ -236,7 +236,7 @@ lazy_static = "1.4.0"
|
||||||
libc = "0.2.149"
|
libc = "0.2.149"
|
||||||
libloading = "0.7.4"
|
libloading = "0.7.4"
|
||||||
libsecp256k1 = "0.6.0"
|
libsecp256k1 = "0.6.0"
|
||||||
light-poseidon = "0.1.2"
|
light-poseidon = "0.2.0"
|
||||||
log = "0.4.20"
|
log = "0.4.20"
|
||||||
lru = "0.7.7"
|
lru = "0.7.7"
|
||||||
lz4 = "1.24.0"
|
lz4 = "1.24.0"
|
||||||
|
|
|
@ -2668,12 +2668,13 @@ dependencies = [
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "light-poseidon"
|
name = "light-poseidon"
|
||||||
version = "0.1.2"
|
version = "0.2.0"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "a5b439809cdfc0d86ecc7317f1724df13dfa665df48991b79e90e689411451f7"
|
checksum = "3c9a85a9752c549ceb7578064b4ed891179d20acd85f27318573b64d2d7ee7ee"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"ark-bn254",
|
"ark-bn254",
|
||||||
"ark-ff",
|
"ark-ff",
|
||||||
|
"num-bigint 0.4.4",
|
||||||
"thiserror",
|
"thiserror",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
|
|
@ -21,12 +21,16 @@ pub enum PoseidonSyscallError {
|
||||||
"Invalid length of the input. The length matching the modulus of the prime field is 32."
|
"Invalid length of the input. The length matching the modulus of the prime field is 32."
|
||||||
)]
|
)]
|
||||||
InvalidInputLength,
|
InvalidInputLength,
|
||||||
|
#[error("Failed to convert bytest into a prime field element.")]
|
||||||
|
BytesToPrimeFieldElement,
|
||||||
#[error("Input is larger than the modulus of the prime field.")]
|
#[error("Input is larger than the modulus of the prime field.")]
|
||||||
InputLargerThanModulus,
|
InputLargerThanModulus,
|
||||||
#[error("Failed to convert a vector of bytes into an array.")]
|
#[error("Failed to convert a vector of bytes into an array.")]
|
||||||
VecToArray,
|
VecToArray,
|
||||||
#[error("Failed to convert the number of inputs from u64 to u8.")]
|
#[error("Failed to convert the number of inputs from u64 to u8.")]
|
||||||
U64Tou8,
|
U64Tou8,
|
||||||
|
#[error("Failed to convert bytes to BigInt")]
|
||||||
|
BytesToBigInt,
|
||||||
#[error("Invalid width. Choose a width between 2 and 16 for 1 to 15 inputs.")]
|
#[error("Invalid width. Choose a width between 2 and 16 for 1 to 15 inputs.")]
|
||||||
InvalidWidthCircom,
|
InvalidWidthCircom,
|
||||||
#[error("Unexpected error")]
|
#[error("Unexpected error")]
|
||||||
|
@ -41,10 +45,12 @@ impl From<u64> for PoseidonSyscallError {
|
||||||
3 => PoseidonSyscallError::InvalidNumberOfInputs,
|
3 => PoseidonSyscallError::InvalidNumberOfInputs,
|
||||||
4 => PoseidonSyscallError::EmptyInput,
|
4 => PoseidonSyscallError::EmptyInput,
|
||||||
5 => PoseidonSyscallError::InvalidInputLength,
|
5 => PoseidonSyscallError::InvalidInputLength,
|
||||||
6 => PoseidonSyscallError::InputLargerThanModulus,
|
6 => PoseidonSyscallError::BytesToPrimeFieldElement,
|
||||||
7 => PoseidonSyscallError::VecToArray,
|
7 => PoseidonSyscallError::InputLargerThanModulus,
|
||||||
8 => PoseidonSyscallError::U64Tou8,
|
8 => PoseidonSyscallError::VecToArray,
|
||||||
9 => PoseidonSyscallError::InvalidWidthCircom,
|
9 => PoseidonSyscallError::U64Tou8,
|
||||||
|
10 => PoseidonSyscallError::BytesToBigInt,
|
||||||
|
11 => PoseidonSyscallError::InvalidWidthCircom,
|
||||||
_ => PoseidonSyscallError::Unexpected,
|
_ => PoseidonSyscallError::Unexpected,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -58,11 +64,13 @@ impl From<PoseidonSyscallError> for u64 {
|
||||||
PoseidonSyscallError::InvalidNumberOfInputs => 3,
|
PoseidonSyscallError::InvalidNumberOfInputs => 3,
|
||||||
PoseidonSyscallError::EmptyInput => 4,
|
PoseidonSyscallError::EmptyInput => 4,
|
||||||
PoseidonSyscallError::InvalidInputLength => 5,
|
PoseidonSyscallError::InvalidInputLength => 5,
|
||||||
PoseidonSyscallError::InputLargerThanModulus => 6,
|
PoseidonSyscallError::BytesToPrimeFieldElement => 6,
|
||||||
PoseidonSyscallError::VecToArray => 7,
|
PoseidonSyscallError::InputLargerThanModulus => 7,
|
||||||
PoseidonSyscallError::U64Tou8 => 8,
|
PoseidonSyscallError::VecToArray => 8,
|
||||||
PoseidonSyscallError::InvalidWidthCircom => 9,
|
PoseidonSyscallError::U64Tou8 => 9,
|
||||||
PoseidonSyscallError::Unexpected => 10,
|
PoseidonSyscallError::BytesToBigInt => 10,
|
||||||
|
PoseidonSyscallError::InvalidWidthCircom => 11,
|
||||||
|
PoseidonSyscallError::Unexpected => 12,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -210,25 +218,25 @@ pub fn hashv(
|
||||||
impl From<PoseidonError> for PoseidonSyscallError {
|
impl From<PoseidonError> for PoseidonSyscallError {
|
||||||
fn from(error: PoseidonError) -> Self {
|
fn from(error: PoseidonError) -> Self {
|
||||||
match error {
|
match error {
|
||||||
PoseidonError::InvalidNumberOfInputs {
|
PoseidonError::InvalidNumberOfInputs { .. } => {
|
||||||
inputs: _,
|
PoseidonSyscallError::InvalidNumberOfInputs
|
||||||
max_limit: _,
|
}
|
||||||
width: _,
|
|
||||||
} => PoseidonSyscallError::InvalidNumberOfInputs,
|
|
||||||
PoseidonError::EmptyInput => PoseidonSyscallError::EmptyInput,
|
PoseidonError::EmptyInput => PoseidonSyscallError::EmptyInput,
|
||||||
PoseidonError::InvalidInputLength {
|
PoseidonError::InvalidInputLength { .. } => {
|
||||||
len: _,
|
PoseidonSyscallError::InvalidInputLength
|
||||||
modulus_bytes_len: _,
|
}
|
||||||
} => PoseidonSyscallError::InvalidInputLength,
|
PoseidonError::BytesToPrimeFieldElement { .. } => {
|
||||||
|
PoseidonSyscallError::BytesToPrimeFieldElement
|
||||||
|
}
|
||||||
PoseidonError::InputLargerThanModulus => {
|
PoseidonError::InputLargerThanModulus => {
|
||||||
PoseidonSyscallError::InputLargerThanModulus
|
PoseidonSyscallError::InputLargerThanModulus
|
||||||
}
|
}
|
||||||
PoseidonError::VecToArray => PoseidonSyscallError::VecToArray,
|
PoseidonError::VecToArray => PoseidonSyscallError::VecToArray,
|
||||||
PoseidonError::U64Tou8 => PoseidonSyscallError::U64Tou8,
|
PoseidonError::U64Tou8 => PoseidonSyscallError::U64Tou8,
|
||||||
PoseidonError::InvalidWidthCircom {
|
PoseidonError::BytesToBigInt => PoseidonSyscallError::BytesToBigInt,
|
||||||
width: _,
|
PoseidonError::InvalidWidthCircom { .. } => {
|
||||||
max_limit: _,
|
PoseidonSyscallError::InvalidWidthCircom
|
||||||
} => PoseidonSyscallError::InvalidWidthCircom,
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue