From e86edbfc084f7c4f43b8ba49c17b5a1a4b57fd94 Mon Sep 17 00:00:00 2001
From: Minhyuk Kim <kimminhyuk1004@gmail.com>
Date: Thu, 16 Jan 2025 06:30:29 +0900
Subject: [PATCH] Change proof size check to 60*32

---
 rvsol/src/RISCV.sol    | 4 ++--
 rvsol/test/RISCV.t.sol | 8 +++++---
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/rvsol/src/RISCV.sol b/rvsol/src/RISCV.sol
index 7f8654e3..3b190109 100644
--- a/rvsol/src/RISCV.sol
+++ b/rvsol/src/RISCV.sol
@@ -346,10 +346,10 @@ contract RISCV is IBigStepper {
             }
             if iszero(eq(_proof.offset, proofContentOffset())) { revert(0, 0) }
 
-            if mod(calldataload(sub(proofContentOffset(), 32)), 60) {
+            if mod(calldataload(sub(proofContentOffset(), 32)), mul(60, 32)) {
                 // proof offset must be stateContentOffset+paddedStateSize+32
                 // proof size: 64-5+1=60 * 32 byte leaf,
-                // so the proofSize must be a multiple of 60
+                // so the proofSize must be a multiple of 60*32
                 revert(0, 0)
             }
 
diff --git a/rvsol/test/RISCV.t.sol b/rvsol/test/RISCV.t.sol
index cada3544..e62b2455 100644
--- a/rvsol/test/RISCV.t.sol
+++ b/rvsol/test/RISCV.t.sol
@@ -2385,9 +2385,11 @@ contract RISCV_Test is CommonTest {
         uint32 insn = encodeRType(0xff, 0, 0, 0, 0, 0);
         (State memory state, bytes memory proof) = constructRISCVState(0, insn);
         bytes memory encodedState = encodeState(state);
-        // Invalid memory proof
-        proof =
-            hex"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000";
+
+        // Overwrite the first 60 bytes of the proof with zero to create invalid memory proof
+        for (uint256 i = 0; i < 60 && i < proof.length; i++) {
+            proof[i] = 0x00;
+        }
 
         vm.expectRevert(hex"00000000000000000000000000000000000000000000000000000000badf00d1");
         riscv.step(encodedState, proof, 0);