Do not mutate the ciphertext in decryption #1981

Open · wants to merge 3 commits into base: main
8 changes: 7 additions & 1 deletion CHANGELOG.md
Expand Up @@ -18,13 +18,19 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
## [Unreleased](https://github.com/o1-labs/o1js/compare/b857516...HEAD)

### Added

- `setFee` and `setFeePerSnarkCost` for `Transaction` and `PendingTransaction` https://github.com/o1-labs/o1js/pull/1968
- Doc comments for various ZkProgram methods https://github.com/o1-labs/o1js/pull/1974

### Changed

- Sort order for actions now includes the transaction sequence number and the exact account id sequence https://github.com/o1-labs/o1js/pull/1917
- Updated typedoc version for generating docs https://github.com/o1-labs/o1js/pull/1973

### Fixed

- Fixed mutation of input cipher text. https://github.com/o1-labs/o1js/pull/1981 [@maple3142](https://github.com/maple3142)

## [2.2.0](https://github.com/o1-labs/o1js/compare/e1bac02...b857516) - 2024-12-10

### Added
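Review bot: the new Fixed entry does not name the affected API, so a reader scanning the changelog cannot tell which call was mutating their data; since the code change is in `decrypt` (which previously called `pop()` on the caller's array), suggest wording it as `- Fixed \`decrypt\` mutating the input cipher text https://github.com/o1-labs/o1js/pull/1981 [@maple3142](https://github.com/maple3142)` so it is searchable by function name.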
Expand Down Expand Up @@ -375,7 +381,7 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
- `Reducer.reduce()` requires the maximum number of actions per method as an explicit (optional) argument https://github.com/o1-labs/o1js/pull/1450
- The default value is 1 and should work for most existing contracts
- `new UInt64()` and `UInt64.from()` no longer unsafely accept a field element as input. https://github.com/o1-labs/o1js/pull/1438 [@julio4](https://github.com/julio4)
As a replacement, `UInt64.Unsafe.fromField()` was introduced
As a replacement, `UInt64.Unsafe.fromField()` was introduced
- This prevents you from accidentally creating a `UInt64` without proving that it fits in 64 bits
- Equivalent changes were made to `UInt32`
- Fixed vulnerability in `Field.to/fromBits()` outlined in [#1023](https://github.com/o1-labs/o1js/issues/1023) by imposing a limit of 254 bits https://github.com/o1-labs/o1js/pull/1461
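Review bot: the changed line for `UInt64.Unsafe.fromField()` shows no visible text difference, so this is a whitespace-only edit unrelated to the ciphertext fix; either drop it to keep the PR focused on the `decrypt` change, or note in the description that a formatter touched this entry so the extra diff is not mistaken for a content change.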
6 changes: 3 additions & 3 deletions src/lib/provable/crypto/encryption.ts
Expand Up @@ -33,13 +33,13 @@ function decrypt(
const sharedSecret = publicKey.scale(privateKey.s);
const sponge = new Poseidon.Sponge();
sponge.absorb(sharedSecret.x);
const authenticationTag = cipherText.pop();
const authenticationTag = cipherText[cipherText.length - 1];

// decryption
const message = [];
for (let i = 0; i < cipherText.length; i++) {
for (let i = 0; i < cipherText.length - 1; i++) {
// absorb frame tag
if (i === cipherText.length - 1) sponge.absorb(Field(1));
if (i === cipherText.length - 2) sponge.absorb(Field(1));
else sponge.absorb(Field(0));

const keyStream = sponge.squeeze();
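Review bot: the fix is behaviour-preserving (the old loop bound was the post-`pop()` length, so moving the frame-tag check from `length - 1` to `length - 2` keeps the same frame marked), but the hunk now repeats the `cipherText.length - 1` / `- 2` arithmetic in three places, which is exactly where an off-by-one would slip in on the next edit; suggest hoisting the frame count once, e.g. `const n = cipherText.length - 1;` then `const authenticationTag = cipherText[n];` and `for (let i = 0; i < n; i++) { if (i === n - 1) sponge.absorb(Field(1)); ... }`. Also, an empty `cipherText` yields `authenticationTag === undefined` (the same as `pop()` did before, so no regression), but an explicit check that the array has at least one element would fail with a clear error instead of an obscure failure later, and it documents that the last element is the tag rather than a message frame. The good news for callers: because the input array is no longer mutated, a second `decrypt` of the same ciphertext (or a decrypt after a failed attempt) now sees the intact tag.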