From f2083b6c01d216c329936d9ea7b200aa98aff796 Mon Sep 17 00:00:00 2001
From: moana
Date: Tue, 13 Aug 2024 17:12:33 +0200
Subject: [PATCH] core: Fix panic when decrypting note with incorrect view-key
Resolves #240
---
core/CHANGELOG.md | 5 +++++
core/src/note.rs | 14 ++++++--------
core/tests/note_test.rs | 26 ++++++++++++++++++++++++++
3 files changed, 37 insertions(+), 8 deletions(-)
diff --git a/core/CHANGELOG.md b/core/CHANGELOG.md
index 7fc53dd..82c01d5 100644
--- a/core/CHANGELOG.md
+++ b/core/CHANGELOG.md
@@ -16,6 +16,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Update `bls12_381-bls` dep to 0.4
+### Fixed
+
+- Fix panic when attempting to decrypt the note with an incorrect view-key [#240]
+
 ## [0.30.0] - 2024-07-03
 ### Added
@@ -370,6 +374,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Canonical implementation shielded by feature.
+[#240]: https://github.com/dusk-network/phoenix/issues/240
 [#222]: https://github.com/dusk-network/phoenix/issues/222
 [#214]: https://github.com/dusk-network/phoenix/issues/214
 [#208]: https://github.com/dusk-network/phoenix/issues/208
diff --git a/core/src/note.rs b/core/src/note.rs
index 181f52f..51cc9cb 100644
--- a/core/src/note.rs
+++ b/core/src/note.rs
@@ -233,7 +233,7 @@ impl Note {
 fn decrypt_value(
 &self,
 vk: &ViewKey,
- ) -> Result<(u64, JubJubScalar), BytesError> {
+ ) -> Result<(u64, JubJubScalar), Error> {
 let R = self.stealth_address.R();
 let shared_secret = dhke(vk.a(), R);
@@ -249,7 +249,7 @@ impl Note {
 match JubJubScalar::from_slice(&dec_plaintext[u64::SIZE..])?.into() {
 Some(scalar) => scalar,
- None => return Err(BytesError::InvalidData),
+ None => return Err(Error::InvalidData),
 };
 Ok((value, value_blinder))
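Review bot: In the `@@ -249` hunk of `decrypt_value`, the `None => return Err(Error::InvalidData)` arm looks unreachable. The `?` directly after `from_slice(...)` already unwraps the result, so if `from_slice` returns a plain `JubJubScalar` (as the `?` suggests), the following `.into()` is the blanket conversion into `Option` and always yields `Some`. If that holds, the `match` can be dropped and the binding can take `JubJubScalar::from_slice(&dec_plaintext[u64::SIZE..])?` directly, which leaves a single error path for malformed plaintext. The statement begins above the hunk, so the binding itself is not visible here.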
@@ -337,10 +337,9 @@ impl Note {
 u64::from_slice(&self.value_enc[..u64::SIZE]).unwrap();
 Ok(value)
 }
- (NoteType::Obfuscated, Some(vk)) => self
- .decrypt_value(vk)
- .map(|(value, _)| value)
- .map_err(|_| Error::InvalidEncryption),
+ (NoteType::Obfuscated, Some(vk)) => {
+ self.decrypt_value(vk).map(|(value, _)| value)
+ }
 _ => Err(Error::MissingViewKey),
 }
 }
@@ -356,8 +355,7 @@ impl Note {
 (NoteType::Transparent, _) => Ok(TRANSPARENT_BLINDER),
 (NoteType::Obfuscated, Some(vk)) => self
 .decrypt_value(vk)
- .map(|(_, value_blinder)| value_blinder)
- .map_err(|_| Error::InvalidEncryption),
+ .map(|(_, value_blinder)| value_blinder),
 _ => Err(Error::MissingViewKey),
 }
 }
diff --git a/core/tests/note_test.rs b/core/tests/note_test.rs
index cf1b24a..9f612b9 100644
--- a/core/tests/note_test.rs
+++ b/core/tests/note_test.rs
@@ -169,3 +169,29 @@ fn obfuscated_deterministic_note() -> Result<(), Error> {
 Ok(())
 }
+
+#[test]
+fn note_not_owned() {
+ let mut rng = StdRng::seed_from_u64(0xc0b);
+
+ let owner_pk = PublicKey::from(&SecretKey::random(&mut rng));
+ let value_blinder = JubJubScalar::random(&mut rng);
+ let sender_blinder = [
+ JubJubScalar::random(&mut rng),
+ JubJubScalar::random(&mut rng),
+ ];
+
+ let note = Note::obfuscated(
+ &mut rng,
+ &owner_pk,
+ &owner_pk,
+ 42,
+ value_blinder,
+ sender_blinder,
+ );
+
+ let not_owner_sk = SecretKey::random(&mut rng);
+ let not_owner_vk = ViewKey::from(¬_owner_sk);
+
+ assert!(note.value(Some(¬_owner_vk)).is_err());
+}
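Review bot: Removing `.map_err(|_| Error::InvalidEncryption)` from the `Obfuscated` arm of `value()` in the `@@ -337` hunk, and from `value_blinder()` in the `@@ -356` hunk, changes the error a caller receives for an undecryptable note. It goes from one fixed variant to whatever `decrypt_value` returns, which on the visible lines includes `Error::InvalidData` and anything converted by `?`. A caller that matches `Err(Error::InvalidEncryption)` to skip notes it does not own would silently stop matching, and exposing different variants for different decryption failure stages tells callers more than they need. If the panic fix itself sits inside `decrypt_value`, consider keeping a single outward variant with `.map_err(|_| Error::InvalidEncryption)` on both arms (assuming that variant is retained), or state the new contract in a doc line such as `/// Returns an error (never panics) when vk is not the note owner's view key.` on both methods. Both method bodies start above their hunks.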
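Review bot: The final assertion in `note_not_owned`, `assert!(note.value(Some(&not_owner_vk)).is_err())`, passes for any error, so it would not catch the call failing for an unrelated reason such as `Error::MissingViewKey`. It also leaves `value_blinder()` uncovered although the patch changes that method the same way. Pin the variant a foreign view key is meant to produce with `assert!(matches!(note.value(Some(&not_owner_vk)), Err(Error::EXPECTED_VARIANT)))`, substituting the agreed variant for the placeholder, and add `assert!(note.value_blinder(Some(&not_owner_vk)).is_err());`. The page renders `&not_owner_sk` and `&not_owner_vk` with a `¬` character; the identifiers meant are the ones declared just above in the test.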