fix: remove panics from merged BBMT verification #5221
Merged
+70
−27
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Removes panics from merged balanced binary Merkle tree proofs. Changes proof format to avoid a hash output size assumption. Minor renaming and typo fixes for clarity.
Closes issue 5220.
Motivation and Context
Recent work implements merged balanced binary Merkle tree proofs. However, the verifier depended on a specific hash output length (32 bytes) to differentiate node hashes from proof indexes. This would lead to a panic if this size restriction was not met; it was not enforced because of how hashers are used in the design.
Separately, proof semantics were not checked by the verifier, which could lead to other panics.
This PR addresses both of these points. Instead of relying on hash output size, merged path data now includes a flag to indicate if each step references a proof index or a node hash. The verifier now returns a
Result
, producing an error if the proof semantics are incorrect. If they are correct, its return value can be unwrapped as abool
to assert the verification passes. It also fixes a few typos and does some minor renaming for clarity.Note that the design still retains an original assumption of a universal
usize
that may be problematic. Non-merged proofs contain ausize
index to the node in question, and merged proofs additionally containusize
vectors to indicate path lengths and proof indexes. This may lead to unexpected and inconsistent behavior, and should be carefully examined separately.How Has This Been Tested?
Existing unit tests pass.