fix: reject unchallenged response chunks

Author: Zk2u

crates/cac/protocol/src/evaluator/stf.rs

@@ -6,7 +6,7 @@ use mosaic_cac_types::{
     ChallengeResponseMsgChunk, ChallengeResponseMsgHeader, CommitMsgChunk, CommitMsgHeader,
     CompletedSignatures, DepositAdaptors, DepositId, GarblingTableCommitment, HeapArray, Index,
     OpenedGarblingTableCommitments, PubKey, ReservedSetupInputShares, Seed, SetupInputs,
-    TableTransferReceiptMsg, TableTransferRequestMsg, WideLabelWirePolynomialCommitments,
+    TableTransferReceiptMsg, WideLabelWirePolynomialCommitments,
     WideLabelZerothPolynomialCoefficients, WithdrawalAdaptors, WithdrawalAdaptorsChunk,
     WithdrawalInputs, state_machine::evaluator::*,
 };
@@ -807,6 +807,18 @@ async fn handle_recv_challenge_response_msg<S: StateMut>(
             header,
             remaining_chunks,
         } => {
+            let challenge_idxs = state
+                .get_challenge_indices()
+                .await
+                .require("expected challenge indices")?;
+
+            if !challenge_idxs
+                .iter()
+                .any(|idx| idx.get() == response_msg_chunk.circuit_index as usize)
+            {
+                return Err(SMError::InvalidInputData);
+            }
+
             let chunk_idx = (response_msg_chunk.circuit_index as usize)
                 .checked_sub(1)
                 .unwrap();
@@ -815,8 +827,11 @@ async fn handle_recv_challenge_response_msg<S: StateMut>(
                     // expected chunk
                 }
                 Some(false) => {
-                    // already seen chunk
-                    warn!(%chunk_idx, "evaluator received duplicate commit chunk, ack and ignore");
+                    // already seen expected chunk
+                    warn!(
+                        %chunk_idx,
+                        "evaluator received duplicate challenge response chunk, ack and ignore"
+                    );
                     return Ok(());
                 }
                 None => {

crates/cac/protocol/src/evaluator/tests.rs

@@ -396,6 +396,10 @@ async fn duplicate_challenge_response_chunk_is_ack_and_ignore() {
     // Mark first challenge index's chunk as already received.
     let first_challenge_idx = challenge_indices[0].get() - 1;
     remaining[first_challenge_idx] = false;
+    state
+        .put_challenge_indices(&challenge_indices)
+        .await
+        .unwrap();
     state
         .put_root_state(&EvaluatorState {
             config: None,
@@ -422,6 +426,41 @@ async fn duplicate_challenge_response_chunk_is_ack_and_ignore() {
     assert!(actions.is_empty(), "should produce no actions");
 }
 
+#[tokio::test]
+async fn unchallenged_in_range_challenge_response_chunk_is_invalid() {
+    let mut state = StoredEvaluatorState::default();
+    let challenge_indices = ChallengeIndices::new(|i| Index::new((i * 2) + 1).unwrap());
+    let remaining = get_remaining_challenge_response_chunks(&challenge_indices);
+    state
+        .put_challenge_indices(&challenge_indices)
+        .await
+        .unwrap();
+    state
+        .put_root_state(&EvaluatorState {
+            config: None,
+            step: Step::WaitingForChallengeResponse {
+                header: false,
+                remaining_chunks: remaining,
+            },
+        })
+        .await
+        .unwrap();
+
+    let mut actions = Vec::new();
+    let result = handle_event(
+        &mut state,
+        Input::RecvChallengeResponseMsgChunk(dummy_challenge_response_chunk(2)),
+        &mut actions,
+    )
+    .await;
+
+    assert!(
+        matches!(result, Err(crate::error::SMError::InvalidInputData)),
+        "unchallenged in-range chunk must be rejected, got: {result:?}"
+    );
+    assert!(actions.is_empty(), "should produce no actions");
+}
+
 #[tokio::test]
 async fn challenge_response_chunk_after_verifying_is_ack_and_ignore() {
     let mut state = StoredEvaluatorState::default();