chore: Update light-poseidon to 0.2.0 (#33923)

That new release contains an important change which prevents a
potential DDoS.

* Lightprotocol/light-poseidon#32

Invoking the `from_bytes_be` function in light-poseidon 0.1.1 inverts all
the inputs before checking whether their length exceeds
the modulus of the prime field. Therefore, it was prone to an
attack where a malicious user could submit long byte slices just
to DDoS the validator, leaving it stuck inverting large byte sequences.

The update and mentioned change fixes the same issue as #33363 aims
to address.

The new release contains also few other less important changes like:

* Lightprotocol/light-poseidon#37
* Lightprotocol/light-poseidon#38
* Lightprotocol/light-poseidon#39
vadorovsky 2023-11-10 08:00:10 +01:00 committed by GitHub
parent 1057ba8406
commit 67f8daf6e9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 37 additions and 27 deletions

5
Cargo.lock generated

@ -3000,12 +3000,13 @@ dependencies = [
[[package]] [[package]]
name = "light-poseidon" name = "light-poseidon"
version = "0.1.2" version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a5b439809cdfc0d86ecc7317f1724df13dfa665df48991b79e90e689411451f7" checksum = "3c9a85a9752c549ceb7578064b4ed891179d20acd85f27318573b64d2d7ee7ee"
dependencies = [ dependencies = [
"ark-bn254", "ark-bn254",
"ark-ff", "ark-ff",
"num-bigint 0.4.4",
"thiserror", "thiserror",
] ]


@ -236,7 +236,7 @@ lazy_static = "1.4.0"
libc = "0.2.149" libc = "0.2.149"
libloading = "0.7.4" libloading = "0.7.4"
libsecp256k1 = "0.6.0" libsecp256k1 = "0.6.0"
light-poseidon = "0.1.2" light-poseidon = "0.2.0"
log = "0.4.20" log = "0.4.20"
lru = "0.7.7" lru = "0.7.7"
lz4 = "1.24.0" lz4 = "1.24.0"


@ -2668,12 +2668,13 @@ dependencies = [
[[package]] [[package]]
name = "light-poseidon" name = "light-poseidon"
version = "0.1.2" version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a5b439809cdfc0d86ecc7317f1724df13dfa665df48991b79e90e689411451f7" checksum = "3c9a85a9752c549ceb7578064b4ed891179d20acd85f27318573b64d2d7ee7ee"
dependencies = [ dependencies = [
"ark-bn254", "ark-bn254",
"ark-ff", "ark-ff",
"num-bigint 0.4.4",
"thiserror", "thiserror",
] ]


@ -21,12 +21,16 @@ pub enum PoseidonSyscallError {
"Invalid length of the input. The length matching the modulus of the prime field is 32." "Invalid length of the input. The length matching the modulus of the prime field is 32."
)] )]
InvalidInputLength, InvalidInputLength,
#[error("Failed to convert bytest into a prime field element.")]
BytesToPrimeFieldElement,
#[error("Input is larger than the modulus of the prime field.")] #[error("Input is larger than the modulus of the prime field.")]
InputLargerThanModulus, InputLargerThanModulus,
#[error("Failed to convert a vector of bytes into an array.")] #[error("Failed to convert a vector of bytes into an array.")]
VecToArray, VecToArray,
#[error("Failed to convert the number of inputs from u64 to u8.")] #[error("Failed to convert the number of inputs from u64 to u8.")]
U64Tou8, U64Tou8,
#[error("Failed to convert bytes to BigInt")]
BytesToBigInt,
#[error("Invalid width. Choose a width between 2 and 16 for 1 to 15 inputs.")] #[error("Invalid width. Choose a width between 2 and 16 for 1 to 15 inputs.")]
InvalidWidthCircom, InvalidWidthCircom,
#[error("Unexpected error")] #[error("Unexpected error")]
@ -41,10 +45,12 @@ impl From<u64> for PoseidonSyscallError {
3 => PoseidonSyscallError::InvalidNumberOfInputs, 3 => PoseidonSyscallError::InvalidNumberOfInputs,
4 => PoseidonSyscallError::EmptyInput, 4 => PoseidonSyscallError::EmptyInput,
5 => PoseidonSyscallError::InvalidInputLength, 5 => PoseidonSyscallError::InvalidInputLength,
6 => PoseidonSyscallError::InputLargerThanModulus, 6 => PoseidonSyscallError::BytesToPrimeFieldElement,
7 => PoseidonSyscallError::VecToArray, 7 => PoseidonSyscallError::InputLargerThanModulus,
8 => PoseidonSyscallError::U64Tou8, 8 => PoseidonSyscallError::VecToArray,
9 => PoseidonSyscallError::InvalidWidthCircom, 9 => PoseidonSyscallError::U64Tou8,
10 => PoseidonSyscallError::BytesToBigInt,
11 => PoseidonSyscallError::InvalidWidthCircom,
_ => PoseidonSyscallError::Unexpected, _ => PoseidonSyscallError::Unexpected,
} }
} }
@ -58,11 +64,13 @@ impl From<PoseidonSyscallError> for u64 {
PoseidonSyscallError::InvalidNumberOfInputs => 3, PoseidonSyscallError::InvalidNumberOfInputs => 3,
PoseidonSyscallError::EmptyInput => 4, PoseidonSyscallError::EmptyInput => 4,
PoseidonSyscallError::InvalidInputLength => 5, PoseidonSyscallError::InvalidInputLength => 5,
PoseidonSyscallError::InputLargerThanModulus => 6, PoseidonSyscallError::BytesToPrimeFieldElement => 6,
PoseidonSyscallError::VecToArray => 7, PoseidonSyscallError::InputLargerThanModulus => 7,
PoseidonSyscallError::U64Tou8 => 8, PoseidonSyscallError::VecToArray => 8,
PoseidonSyscallError::InvalidWidthCircom => 9, PoseidonSyscallError::U64Tou8 => 9,
PoseidonSyscallError::Unexpected => 10, PoseidonSyscallError::BytesToBigInt => 10,
PoseidonSyscallError::InvalidWidthCircom => 11,
PoseidonSyscallError::Unexpected => 12,
} }
} }
} }
@ -210,25 +218,25 @@ pub fn hashv(
impl From<PoseidonError> for PoseidonSyscallError { impl From<PoseidonError> for PoseidonSyscallError {
fn from(error: PoseidonError) -> Self { fn from(error: PoseidonError) -> Self {
match error { match error {
PoseidonError::InvalidNumberOfInputs { PoseidonError::InvalidNumberOfInputs { .. } => {
inputs: _, PoseidonSyscallError::InvalidNumberOfInputs
max_limit: _, }
width: _,
} => PoseidonSyscallError::InvalidNumberOfInputs,
PoseidonError::EmptyInput => PoseidonSyscallError::EmptyInput, PoseidonError::EmptyInput => PoseidonSyscallError::EmptyInput,
PoseidonError::InvalidInputLength { PoseidonError::InvalidInputLength { .. } => {
len: _, PoseidonSyscallError::InvalidInputLength
modulus_bytes_len: _, }
} => PoseidonSyscallError::InvalidInputLength, PoseidonError::BytesToPrimeFieldElement { .. } => {
PoseidonSyscallError::BytesToPrimeFieldElement
}
PoseidonError::InputLargerThanModulus => { PoseidonError::InputLargerThanModulus => {
PoseidonSyscallError::InputLargerThanModulus PoseidonSyscallError::InputLargerThanModulus
} }
PoseidonError::VecToArray => PoseidonSyscallError::VecToArray, PoseidonError::VecToArray => PoseidonSyscallError::VecToArray,
PoseidonError::U64Tou8 => PoseidonSyscallError::U64Tou8, PoseidonError::U64Tou8 => PoseidonSyscallError::U64Tou8,
PoseidonError::InvalidWidthCircom { PoseidonError::BytesToBigInt => PoseidonSyscallError::BytesToBigInt,
width: _, PoseidonError::InvalidWidthCircom { .. } => {
max_limit: _, PoseidonSyscallError::InvalidWidthCircom
} => PoseidonSyscallError::InvalidWidthCircom, }
} }
} }
} }
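Review bot: The two `u64` conversions renumber existing error codes instead of appending the new ones: in both `From<u64> for PoseidonSyscallError` and `From<PoseidonSyscallError> for u64`, `InputLargerThanModulus` moves from 6 to 7, `VecToArray` from 7 to 8, `U64Tou8` from 8 to 9, `InvalidWidthCircom` from 9 to 11 and `Unexpected` from 10 to 12. If these values reach callers built against the old mapping (not visible on this page), those callers will decode a different error than the one raised, which can hide an input-validation failure behind an unrelated code. Leaving 6 through 10 as they were and adding `11 => PoseidonSyscallError::BytesToPrimeFieldElement,` and `12 => PoseidonSyscallError::BytesToBigInt,` (mirrored in the reverse impl) would keep the existing codes stable. Separately, the new message on `BytesToPrimeFieldElement` contains the typo "bytest"; it should read `#[error("Failed to convert bytes into a prime field element.")]`. The enum and both conversion impls start outside the hunks shown.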