From aa0446b3132a5a0005325b75b05dcf4d119d64e7 Mon Sep 17 00:00:00 2001
From: benesjan
Date: Thu, 5 Sep 2024 12:50:52 +0000
Subject: [PATCH 1/2] fix: SubscriptionNote preimage attack
---
 .../src/subscription_note.nr | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/noir-projects/noir-contracts/contracts/app_subscription_contract/src/subscription_note.nr b/noir-projects/noir-contracts/contracts/app_subscription_contract/src/subscription_note.nr
index 202da79eb183..ac77244747b7 100644
--- a/noir-projects/noir-contracts/contracts/app_subscription_contract/src/subscription_note.nr
+++ b/noir-projects/noir-contracts/contracts/app_subscription_contract/src/subscription_note.nr
@@ -1,21 +1,21 @@
-use dep::aztec::prelude::{AztecAddress, PrivateContext, NoteHeader, NoteInterface};
 use dep::aztec::{
+ oracle::unsafe_rand, prelude::{PrivateContext, NoteHeader, NoteInterface},
 protocol_types::{constants::GENERATOR_INDEX__NOTE_NULLIFIER, hash::poseidon2_hash_with_separator},
 note::utils::compute_note_hash_for_nullify, keys::getters::get_nsk_app
 };
-global SUBSCRIPTION_NOTE_LEN: Field = 3;
-// ADDRESS_NOTE_LEN * 32 + 32(storage_slot as bytes) + 32(note_type_id as bytes)
-global SUBSCRIPTION_NOTE_BYTES_LEN: Field = 3 * 32 + 64;
+global SUBSCRIPTION_NOTE_LEN: Field = 4;
+// SUBSCRIPTION_NOTE_BYTES_LEN * 32 + 32(storage_slot as bytes) + 32(note_type_id as bytes)
+global SUBSCRIPTION_NOTE_BYTES_LEN: Field = SUBSCRIPTION_NOTE_LEN * 32 + 64;
-// Stores a public key composed of two fields
-// TODO: Do we need to include a nonce, in case we want to read/nullify/recreate with the same pubkey value?
 #[aztec(note)]
 struct SubscriptionNote {
 // The nullifying public key hash is used with the nsk_app to ensure that the note can be privately spent.
 npk_m_hash: Field,
 expiry_block_number: Field,
 remaining_txs: Field,
+ // Randomness of the note to hide its contents
+ randomness: Field,
 }
 impl NoteInterface for SubscriptionNote {
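Review bot: The rewritten comment above `SUBSCRIPTION_NOTE_BYTES_LEN` names the wrong constant — it says `SUBSCRIPTION_NOTE_BYTES_LEN * 32 + ...`, describing the value in terms of itself, while the expression on the next line uses `SUBSCRIPTION_NOTE_LEN`; it should read `// SUBSCRIPTION_NOTE_LEN * 32 + 32(storage_slot as bytes) + 32(note_type_id as bytes)`. The one-line comment on the new `randomness` field also undersells why it exists: the other three fields (a key hash, a block number and a small counter) are all guessable, so without a blinding field anyone who sees the note hash could brute-force its preimage, which is the attack the commit title refers to. I'd write `// Blinds the note hash: npk_m_hash, expiry_block_number and remaining_txs are all guessable, so without fresh randomness the note's preimage (and thus its contents) could be brute-forced from the public note hash.` Whether the new field actually enters the hash depends on the `#[aztec(note)]`-generated serialization picking it up; if `serialize_content`/`deserialize_content` are hand-written in the `impl NoteInterface` block that starts on this hunk's last line and continues outside it, they need the fourth field too, otherwise the bump to `SUBSCRIPTION_NOTE_LEN = 4` is just a length mismatch.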
@@ -43,6 +43,6 @@ impl NoteInterface for Subsc
 impl SubscriptionNote {
 pub fn new(npk_m_hash: Field, expiry_block_number: Field, remaining_txs: Field) -> Self {
- SubscriptionNote { npk_m_hash, expiry_block_number, remaining_txs, header: NoteHeader::empty() }
+ Self { npk_m_hash, expiry_block_number, remaining_txs, randomness: unsafe_rand(), header: NoteHeader::empty() }
 }
 }
From d46e638cf20872a600643e9fbd68a67a2fdbab14 Mon Sep 17 00:00:00 2001
From: benesjan
Date: Thu, 5 Sep 2024 12:58:54 +0000
Subject: [PATCH 2/2] fixes
---
 .../src/subscription_note.nr | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/noir-projects/noir-contracts/contracts/app_subscription_contract/src/subscription_note.nr b/noir-projects/noir-contracts/contracts/app_subscription_contract/src/subscription_note.nr
index ac77244747b7..b6b60d7d1642 100644
--- a/noir-projects/noir-contracts/contracts/app_subscription_contract/src/subscription_note.nr
+++ b/noir-projects/noir-contracts/contracts/app_subscription_contract/src/subscription_note.nr
@@ -1,7 +1,8 @@
 use dep::aztec::{
- oracle::unsafe_rand, prelude::{PrivateContext, NoteHeader, NoteInterface},
- protocol_types::{constants::GENERATOR_INDEX__NOTE_NULLIFIER, hash::poseidon2_hash_with_separator},
- note::utils::compute_note_hash_for_nullify, keys::getters::get_nsk_app
+ hash::poseidon2_hash_with_separator, note::utils::compute_note_hash_for_nullify,
+ keys::getters::get_nsk_app, oracle::unsafe_rand::unsafe_rand,
+ prelude::{PrivateContext, NoteHeader, NoteInterface},
+ protocol_types::constants::GENERATOR_INDEX__NOTE_NULLIFIER
 };
 global SUBSCRIPTION_NOTE_LEN: Field = 4;
@@ -43,6 +44,9 @@ impl NoteInterface for Subsc
 impl SubscriptionNote {
 pub fn new(npk_m_hash: Field, expiry_block_number: Field, remaining_txs: Field) -> Self {
- Self { npk_m_hash, expiry_block_number, remaining_txs, randomness: unsafe_rand(), header: NoteHeader::empty() }
+ let randomness = unsafe {
+ unsafe_rand()
+ };
+ Self { npk_m_hash, expiry_block_number, remaining_txs, randomness, header: NoteHeader::empty() }
 }
 }
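Review bot: The `unsafe { unsafe_rand() }` block in `new` needs a comment stating why calling an unconstrained oracle here is acceptable, since the value it returns is never checked by the circuit. As far as this file shows, `randomness` only blinds the note hash on behalf of the note's creator, so a misbehaving or predictable oracle degrades that creator's own privacy (the note becomes brute-forceable again) but cannot let anyone forge or spend a note; that trust assumption should be written down rather than implied. I'd put `// Safety: unconstrained oracle call. The value is chosen by the note creator and only hides the note's contents from third parties; a bad value weakens the creator's privacy but not the soundness of any proof that uses the note.` above the `let randomness = unsafe {` line. It may also be worth a `new_with_randomness(...)` constructor (keeping `new` as a wrapper) so tests and callers that need a reproducible note are not forced through the oracle — optional, since nothing in the hunk shows such a caller.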