From d864c4f670482ee70be5e82aea978c978bd52306 Mon Sep 17 00:00:00 2001
From: maple
Date: Fri, 24 Jan 2025 15:46:13 +0800
Subject: [PATCH 1/3] Do not mutate the ciphertext in decryption

---
 src/lib/provable/crypto/encryption.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/lib/provable/crypto/encryption.ts b/src/lib/provable/crypto/encryption.ts
index 2de86105c..a1029efd3 100644
--- a/src/lib/provable/crypto/encryption.ts
+++ b/src/lib/provable/crypto/encryption.ts
@@ -33,7 +33,7 @@ function decrypt(
   const sharedSecret = publicKey.scale(privateKey.s);
   const sponge = new Poseidon.Sponge();
   sponge.absorb(sharedSecret.x);
-  const authenticationTag = cipherText.pop();
+  const authenticationTag = cipherText[cipherText.length - 1];
 
   // decryption
   const message = [];

From caae930b04a3896663979b447222a9d96a107308 Mon Sep 17 00:00:00 2001
From: Florian
Date: Mon, 27 Jan 2025 08:22:19 +0100
Subject: [PATCH 2/3] changelog

---
 CHANGELOG.md | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 15785000f..164954619 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
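Review bot: The new tag read `cipherText[cipherText.length - 1]` yields `undefined` on an empty array (exactly as `pop()` did), so a malformed or truncated ciphertext surfaces later as a TypeError on the tag check rather than as a clear input error; a guard such as `if (cipherText.length === 0) throw new Error('cipherText must contain at least the authentication tag');` directly before this line would make the contract explicit. Because the tag element now stays in the array, the decryption loop that follows (outside this hunk) must stop before it, which patch 3/3 of this series addresses; a one-line comment on the new line, `// last element is the authentication tag; the array is left unmodified`, would make that invariant visible to the next maintainer. decrypt's signature and the remainder of its body lie outside the hunk.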
@@ -18,13 +18,19 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
 ## [Unreleased](https://github.com/o1-labs/o1js/compare/b857516...HEAD)
 
 ### Added
+
 - `setFee` and `setFeePerSnarkCost` for `Transaction` and `PendingTransaction` https://github.com/o1-labs/o1js/pull/1968
 - Doc comments for various ZkProgram methods https://github.com/o1-labs/o1js/pull/1974
 
 ### Changed
+
 - Sort order for actions now includes the transaction sequence number and the exact account id sequence https://github.com/o1-labs/o1js/pull/1917
 - Updated typedoc version for generating docs https://github.com/o1-labs/o1js/pull/1973
 
+### Fixed
+
+- Fixed mutation of input cipher text. https://github.com/o1-labs/o1js/pull/1981 [@maple3142](https://github.com/maple3142)
+
 ## [2.2.0](https://github.com/o1-labs/o1js/compare/e1bac02...b857516) - 2024-12-10
 
 ### Added
@@ -375,7 +381,7 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
 - `Reducer.reduce()` requires the maximum number of actions per method as an explicit (optional) argument https://github.com/o1-labs/o1js/pull/1450
   - The default value is 1 and should work for most existing contracts
 - `new UInt64()` and `UInt64.from()` no longer unsafely accept a field element as input. https://github.com/o1-labs/o1js/pull/1438 [@julio4](https://github.com/julio4)
-  As a replacement, `UInt64.Unsafe.fromField()` was introduced
+  As a replacement, `UInt64.Unsafe.fromField()` was introduced
   - This prevents you from accidentally creating a `UInt64` without proving that it fits in 64 bits
   - Equivalent changes were made to `UInt32`
 - Fixed vulnerability in `Field.to/fromBits()` outlined in [#1023](https://github.com/o1-labs/o1js/issues/1023) by imposing a limit of 254 bits https://github.com/o1-labs/o1js/pull/1461

From 4accc85dc3355f5f3cf24c5472edc37f5c2ed567 Mon Sep 17 00:00:00 2001
From: maple
Date: Mon, 27 Jan 2025 21:20:59 +0800
Subject: [PATCH 3/3] Fix decryption after making it immutable

---
 src/lib/provable/crypto/encryption.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/lib/provable/crypto/encryption.ts b/src/lib/provable/crypto/encryption.ts
index a1029efd3..677dfa359 100644
--- a/src/lib/provable/crypto/encryption.ts
+++ b/src/lib/provable/crypto/encryption.ts
@@ -37,9 +37,9 @@ function decrypt(
   // decryption
   const message = [];
-  for (let i = 0; i < cipherText.length; i++) {
+  for (let i = 0; i < cipherText.length - 1; i++) {
     // absorb frame tag
-    if (i === cipherText.length - 1) sponge.absorb(Field(1));
+    if (i === cipherText.length - 2) sponge.absorb(Field(1));
     else sponge.absorb(Field(0));
     const keyStream = sponge.squeeze();