refactor: revert remove assert_bounded_vec_trimmed#21758
Merged
nchamo merged 1 commit intomerge-train/fairiesfrom Mar 18, 2026
Merged
refactor: revert remove assert_bounded_vec_trimmed#21758nchamo merged 1 commit intomerge-train/fairiesfrom
nchamo merged 1 commit intomerge-train/fairiesfrom
Conversation
nchamo
changed the title
nventuro
approved these changes
Mar 18, 2026
AztecBot
pushed a commit
that referenced
this pull request
Mar 18, 2026
Collaborator
|
✅ Successfully backported to backport-to-v4-next-staging #21654. |
AztecBot
added a commit
that referenced
this pull request
Mar 19, 2026
BEGIN_COMMIT_OVERRIDE feat: entrypoint replay protection (#21649) feat: guard BoundedVec oracle returns against dirty trailing storage (#21589) fix: add bounds when allocating arrays in deserialization (#21622) feat: implement manual Packable for structs with sub-Field members (#21576) fix(aztec-node): throw on existing nullifier in getLowNullifierMembershipWitness (#21472) fix: use trait dispatch for array Packable::unpack in card_game_contract (#21683) fix(p2p): penalize peers for errors during response reading (#21680) fix: update nullifier non-inclusion test expectations after early oracle throw (backport #21600) (#21615) fix(aztec-nr): fix OOB index with nonzero offset (#21613) fix(builder): persist contractsDB across blocks within a checkpoint (#21520) fix(stdlib): accept null return_type for void Noir functions (#21647) feat: gas estimations on send (#21646) fix(validator): process block proposals from own validator keys in HA setups (backport #21603) (#21659) fix(p2p): penalize peer on tx rejected by pool (#21677) fix(sequencer): fix checkpoint budget redistribution for multi-block slots (#21692) feat: sync cache invalidation oracle (backport #21459) (#21730) feat!: make AES128 decrypt oracle return Option (backport #21696) (#21735) feat!: include init_hash in private initialization nullifier (backport #21427) (#21736) fix(sequencer): extract gas and blob configs from valid requests only (A-677) (#21747) chore: backport #21744 — replace dead BOOTSTRAP_TO env var with bootstrap.sh build arg (#21748) refactor: revert remove assert_bounded_vec_trimmed (#21758) END_COMMIT_OVERRIDE
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
assert_bounded_vec_trimmedintroduced in feat: guard BoundedVec oracle returns against dirty trailing storage #21589. The check runs in unconstrained code, so it produces no constraints and a malicious prover can bypass it. The twoBoundedVec-returning oracles (getNotes,tryAes128Decrypt) are already safe because theirBoundedVecs never cross directly into constrained code -- they're deconstructed within unconstrained context first.if i < notes.len()guard inside afor i in 0..notes.len()loop.Fixes https://linear.app/aztec-labs/issue/F-468