mirror of https://github.com/zcash/zips.git
Fix vulnerability in get_peaks() pseudocode
This addresses finding NCC-1908_Zcash-002.
This commit is contained in:
parent
5b411837f4
commit
6d64ce0c87
21
zip-0221.rst
21
zip-0221.rst
|
@ -451,21 +451,18 @@ With each new block ``B_n``, we append a new MMR leaf node corresponding to bloc
|
|||
def get_peaks(node: ZcashMMRNode) -> List[ZcashMMRNode]:
|
||||
peaks: List[ZcashMMRNode] = []
|
||||
|
||||
left_child = node.left_child
|
||||
right_child = node.right_child
|
||||
# Get number of leaves.
|
||||
leaves = latest_height - earliest_height + 1
|
||||
|
||||
# find the number of leaves in the subtree
|
||||
left_leaves = left_child.latest_height - left_child.earliest_height + 1
|
||||
right_leaves = right_child.latest_height - right_child.earliest_height + 1
|
||||
|
||||
if (left_leaves & (left_leaves - 1)) == 0:
|
||||
peaks.append(left_child)
|
||||
# Check if the number of leaves is a power of two.
|
||||
if (leaves & (leaves - 1)) == 0:
|
||||
# Tree is full, hence a single peak. This also covers the
|
||||
# case of a single isolated leaf.
|
||||
peaks.append(node)
|
||||
else:
|
||||
# If the number of leaves is not a power of two, then this
|
||||
# node must be internal, and cannot be a peak.
|
||||
peaks.extend(get_peaks(left_child))
|
||||
|
||||
if (right_leaves & (right_leaves - 1)) == 0:
|
||||
peaks.append(right_child)
|
||||
else:
|
||||
peaks.extend(get_peaks(right_child))
|
||||
|
||||
return peaks
|
||||
|
|
Loading…
Reference in New Issue