[zk-sdk] Add a check to terminate early on identity decrypt handle during zero-ciphertext proof verification#273
Merged
samkim-crypto merged 1 commit intosolana-program:mainfrom Feb 11, 2026
Conversation
samkim-crypto
force-pushed
the
terminate-early
branch
from
ac2b3d5 to
bb019d5
Compare
joncinque
approved these changes
Feb 11, 2026
Contributor
joncinque
left a comment
joncinque
left a comment
There was a problem hiding this comment.
Makes sense, let's get the new release out quick!
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
Identity inputs to the verification function was added in #199. However, in the zero-ciphertext proof, we check for identity public keys and commitments, but not the decryption handle, while the rest of the proof types do check for identity decryption handle.
There is a conceptual justification for this inconsistency. However, to prevent confusion for developers and for early termination on invalid inputs sake, it would be good to add a check to handle the identity decryption handle.
Summary of Changes
Added a line to check for identity decryption handle in the zero-ciphertext proof.
This change does change the error code of the verification function. However, these error codes are not used in the actual zk-elgamal-proof (here), so it will not be a breaking change for the ZK ElGamal proof program. It will still be better to publish a new patch version of the zk-sdk v5.0.1 and update it on agave if we can make the cut.