Fix vulnerability in get_peaks() pseudocode

This addresses finding NCC-1908_Zcash-002.
2020-03-04 09:12:53 +13:00 · 2020-03-04 09:12:53 +13:00 · 6d64ce0c87
parent 5b411837f4
commit 6d64ce0c87
1 changed files with 9 additions and 12 deletions
--- a/zip-0221.rst
+++ b/zip-0221.rst
@ -451,21 +451,18 @@ With each new block ``B_n``, we append a new MMR leaf node corresponding to bloc
    def get_peaks(node: ZcashMMRNode) -> List[ZcashMMRNode]:
        peaks: List[ZcashMMRNode] = []

-        left_child = node.left_child
-        right_child = node.right_child
+        # Get number of leaves.
+        leaves = latest_height - earliest_height + 1

-        # find the number of leaves in the subtree
-        left_leaves = left_child.latest_height - left_child.earliest_height + 1
-        right_leaves = right_child.latest_height - right_child.earliest_height + 1
-
-        if (left_leaves & (left_leaves - 1)) == 0:
-            peaks.append(left_child)
+        # Check if the number of leaves is a power of two.
+        if (leaves & (leaves - 1)) == 0:
+            # Tree is full, hence a single peak. This also covers the
+            # case of a single isolated leaf.
+            peaks.append(node)
        else:
+            # If the number of leaves is not a power of two, then this
+            # node must be internal, and cannot be a peak.
            peaks.extend(get_peaks(left_child))
-
-        if (right_leaves & (right_leaves - 1)) == 0:
-            peaks.append(right_child)
-        else:
            peaks.extend(get_peaks(right_child))

        return peaks