core: Fix panic when decrypting note with incorrect view-key

Resolves #240
dusk-network · Aug 13, 2024 · f2083b6 · f2083b6
1 parent 5776f43
commit f2083b6
Show file tree

Hide file tree

Showing 3 changed files with 37 additions and 8 deletions.
diff --git a/core/CHANGELOG.md b/core/CHANGELOG.md
@@ -16,6 +16,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 - Update `bls12_381-bls` dep to 0.4
 
+### Fixed
+
+- Fix panic when attempting to decrypt the note with an incorrect view-key [#240]
+
 ## [0.30.0] - 2024-07-03
 
 ### Added
@@ -370,6 +374,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Canonical implementation shielded by feature.
 
 <!-- ISSUES -->
+[#240]: https://github.com/dusk-network/phoenix/issues/240
 [#222]: https://github.com/dusk-network/phoenix/issues/222
 [#214]: https://github.com/dusk-network/phoenix/issues/214
 [#208]: https://github.com/dusk-network/phoenix/issues/208

diff --git a/core/src/note.rs b/core/src/note.rs
@@ -233,7 +233,7 @@ impl Note {
     fn decrypt_value(
         &self,
         vk: &ViewKey,
-    ) -> Result<(u64, JubJubScalar), BytesError> {
+    ) -> Result<(u64, JubJubScalar), Error> {
         let R = self.stealth_address.R();
         let shared_secret = dhke(vk.a(), R);
 
@@ -249,7 +249,7 @@ impl Note {
             match JubJubScalar::from_slice(&dec_plaintext[u64::SIZE..])?.into()
             {
                 Some(scalar) => scalar,
-                None => return Err(BytesError::InvalidData),
+                None => return Err(Error::InvalidData),
             };
 
         Ok((value, value_blinder))
@@ -337,10 +337,9 @@ impl Note {
                     u64::from_slice(&self.value_enc[..u64::SIZE]).unwrap();
                 Ok(value)
             }
-            (NoteType::Obfuscated, Some(vk)) => self
-                .decrypt_value(vk)
-                .map(|(value, _)| value)
-                .map_err(|_| Error::InvalidEncryption),
+            (NoteType::Obfuscated, Some(vk)) => {
+                self.decrypt_value(vk).map(|(value, _)| value)
+            }
             _ => Err(Error::MissingViewKey),
         }
     }
@@ -356,8 +355,7 @@ impl Note {
             (NoteType::Transparent, _) => Ok(TRANSPARENT_BLINDER),
             (NoteType::Obfuscated, Some(vk)) => self
                 .decrypt_value(vk)
-                .map(|(_, value_blinder)| value_blinder)
-                .map_err(|_| Error::InvalidEncryption),
+                .map(|(_, value_blinder)| value_blinder),
             _ => Err(Error::MissingViewKey),
         }
     }

diff --git a/core/tests/note_test.rs b/core/tests/note_test.rs
@@ -169,3 +169,29 @@ fn obfuscated_deterministic_note() -> Result<(), Error> {
 
     Ok(())
 }
+
+#[test]
+fn note_not_owned() {
+    let mut rng = StdRng::seed_from_u64(0xc0b);
+
+    let owner_pk = PublicKey::from(&SecretKey::random(&mut rng));
+    let value_blinder = JubJubScalar::random(&mut rng);
+    let sender_blinder = [
+        JubJubScalar::random(&mut rng),
+        JubJubScalar::random(&mut rng),
+    ];
+
+    let note = Note::obfuscated(
+        &mut rng,
+        &owner_pk,
+        &owner_pk,
+        42,
+        value_blinder,
+        sender_blinder,
+    );
+
+    let not_owner_sk = SecretKey::random(&mut rng);
+    let not_owner_vk = ViewKey::from(&not_owner_sk);
+
+    assert!(note.value(Some(&not_owner_vk)).is_err());
+}