
[confidential-mint-burn] Mint does not check for u64 supply overflows correctly (Neodyme L01) #127

Open
samkim-crypto opened this issue Jan 28, 2025 · 0 comments


@samkim-crypto
Contributor

The proofs while minting contain CiphertextCommitmentEqualityProof that asserts the new supply ciphertext belongs to a specific Pedersen commitment, on which the u64 overflow-check is proven.

But that new-supply-ciphertext is fully arbitrary. You have to check it against the actual new supply, computed in-contract, similar to how transfer does it:

```rust
// Check that the computed available balance is consistent with what was
// actually used to generate the zkp on the client side.
if new_source_available_balance != proof_context.new_source_ciphertext {
    return Err(TokenError::ConfidentialTransferBalanceMismatch.into());
}
```

The impact of this missing check is likely small, but the whole range-proof does nothing without this check.
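The following is an added example, not code from the confidential-mint-burn extension or from Token-2022, that models the problem the issue describes. It uses a toy Pedersen commitment over integers modulo a 61-bit Mersenne prime (constructed here; the additive homomorphism is the property the mint relies on, the toy group provides no security) and a stand-in "range proof" whose only relevant property is shared with the real one: it is bound to the commitment carried inside the proof, not to the supply the program computes. The names `Commitment`, `RangeProof`, `mint_unchecked`, `mint_checked` and `MintError` are assumptions made for this example; `mint_checked` adds the consistency check the issue asks for, mirroring the transfer path.

```rust
// Added example (not project code). Toy Pedersen commitments mod a 61-bit prime.
const P: u128 = (1u128 << 61) - 1; // toy group modulus (prime), constructed
const Q: u128 = P - 1;             // exponents live mod the group order
const G: u128 = 3;                 // toy generator for the committed value
const H: u128 = 7;                 // toy generator for the blinding factor

fn pow_mod(mut base: u128, mut exp: u128, m: u128) -> u128 {
    let mut acc = 1u128;
    base %= m;
    while exp > 0 {
        if exp & 1 == 1 {
            acc = acc * base % m; // operands < 2^61, product fits in u128
        }
        base = base * base % m;
        exp >>= 1;
    }
    acc
}

/// Pedersen commitment C = g^value * h^blinding (mod P).
/// Note: Q < 2^64 here, so exponents wrap in this toy; the real curve's scalar
/// field is far larger than u64, so a u64 value never wraps there.
#[derive(Clone, Copy, PartialEq, Eq, Debug)]
pub struct Commitment(u128);

impl Commitment {
    pub fn new(value: u128, blinding: u128) -> Self {
        Commitment(pow_mod(G, value % Q, P) * pow_mod(H, blinding % Q, P) % P)
    }
    /// Homomorphic addition: commit(a, r) + commit(b, s) == commit(a + b, r + s).
    pub fn add(self, other: Commitment) -> Commitment {
        Commitment(self.0 * other.0 % P)
    }
}

/// Stand-in for the u64 range proof: the "proof" is the opening of the
/// commitment it is about. The verifier checks the opening and the bound.
/// Like a real range proof, it says nothing about any other commitment.
pub struct RangeProof {
    pub new_supply: Commitment, // the ciphertext/commitment the client chose
    pub value: u128,
    pub blinding: u128,
}

pub fn verify_range_proof(proof: &RangeProof) -> bool {
    proof.new_supply == Commitment::new(proof.value, proof.blinding)
        && proof.value <= u64::MAX as u128
}

#[derive(Debug, PartialEq, Eq)]
pub enum MintError {
    InvalidProof,
    SupplyMismatch,
}

/// Mint as the issue describes it: proof verified, supply updated
/// homomorphically, but the proof's commitment is never compared with the
/// supply the program actually computed.
pub fn mint_unchecked(
    supply: Commitment,
    mint_amount: Commitment,
    proof: &RangeProof,
) -> Result<Commitment, MintError> {
    if !verify_range_proof(proof) {
        return Err(MintError::InvalidProof);
    }
    Ok(supply.add(mint_amount))
}

/// Mint with the missing check: the proof must be about the in-contract
/// new supply, exactly as transfer compares its new source ciphertext.
pub fn mint_checked(
    supply: Commitment,
    mint_amount: Commitment,
    proof: &RangeProof,
) -> Result<Commitment, MintError> {
    if !verify_range_proof(proof) {
        return Err(MintError::InvalidProof);
    }
    let new_supply = supply.add(mint_amount);
    if new_supply != proof.new_supply {
        return Err(MintError::SupplyMismatch);
    }
    Ok(new_supply)
}

/// Constructed scenario: supply is 10 below u64::MAX, the mint adds 100 (so the
/// true new supply exceeds u64), and the range proof is about an unrelated
/// commitment to the small value 90.
pub fn overflow_scenario() -> (Commitment, Commitment, RangeProof) {
    let supply = Commitment::new(u64::MAX as u128 - 10, 11);
    let mint_amount = Commitment::new(100, 22);
    let forged = RangeProof { new_supply: Commitment::new(90, 33), value: 90, blinding: 33 };
    (supply, mint_amount, forged)
}

fn main() {
    let (supply, amount, forged) = overflow_scenario();
    println!("unchecked accepts forged proof: {}", mint_unchecked(supply, amount, &forged).is_ok());
    println!("checked result: {:?}", mint_checked(supply, amount, &forged));
}
```

With the check in place, the only proof `mint_checked` accepts for a given supply and mint amount is one about the homomorphically computed new supply, so an overflowing supply can no longer be laundered through a range proof on a different commitment; with the true new supply above u64::MAX the range proof itself fails.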
