Commit 86ae10e
check intmul doesn't overflow modulo 2^128-1 (#910)
### TL;DR
Added an overflow check to the integer multiplication gate to prevent potential vulnerabilities.
### What changed?
Added an additional constraint to the `imul.rs` gate implementation that prevents overflow modulo 2^128-1. The implementation now verifies integer multiplication on the least significant bits by:
1. Extracting the least significant bits using shift-left operations
2. Adding an AND constraint to verify that `x[0] * y[0] = lo[0]`
This is accomplished by importing the `sll` function from the constraint builder module and adding the new AND constraint after the existing multiplication constraint.
### How to test?
Run the existing test suite to ensure that the integer multiplication gate still functions correctly with the added overflow protection. Consider adding specific tests that attempt to trigger overflow conditions to verify the new constraint is working as expected.
### Why make this change?
This change addresses a potential security vulnerability where overflow modulo 2^128-1 could occur in integer multiplication operations. The additional constraint ensures that the least significant bits of the multiplication are correctly verified, which is sufficient to guard against overflow attacks that could potentially compromise the system's integrity.

1 parent 0b2ded1 commit 86ae10e
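A small model of the two constraints the commit message describes, added here as an illustration and not taken from the project's code. It assumes 64-bit operands and output halves and models the existing check as a congruence modulo 2^128-1; all function names are hypothetical.

```rust
// Added illustration; names are hypothetical, not the project's API.
// Assumption: operands and the hi/lo output halves are 64-bit words.
const M: u128 = u128::MAX; // 2^128 - 1

/// Canonical residue modulo M: the value M itself is congruent to 0.
fn reduce(v: u128) -> u128 {
    if v == M { 0 } else { v }
}

/// Model of the existing constraint: x * y == hi * 2^64 + lo (mod 2^128 - 1).
fn congruent_mod_m(x: u64, y: u64, hi: u64, lo: u64) -> bool {
    let product = (x as u128) * (y as u128); // at most (2^64 - 1)^2, fits in u128
    let claimed = ((hi as u128) << 64) | (lo as u128);
    reduce(product) == reduce(claimed)
}

/// Model of the added constraint: the low bit of lo equals x[0] AND y[0].
fn lsb_matches(x: u64, y: u64, lo: u64) -> bool {
    (x & y & 1) == (lo & 1)
}

/// Both constraints together.
fn gate_accepts(x: u64, y: u64, hi: u64, lo: u64) -> bool {
    congruent_mod_m(x, y, hi, lo) && lsb_matches(x, y, lo)
}

fn main() {
    // Constructed witnesses: (x, y, hi, lo).
    let cases = [
        (3u64, 7u64, 0u64, 21u64),             // honest product
        (u64::MAX, u64::MAX, u64::MAX - 1, 1), // honest, largest product
        (0, 5, 0, 0),                          // honest zero product
        (0, 5, u64::MAX, u64::MAX),            // 2^128 - 1, congruent to 0
    ];
    for (x, y, hi, lo) in cases {
        println!(
            "x={x:#x} y={y:#x} hi={hi:#x} lo={lo:#x} congruence_only={} with_lsb={}",
            congruent_mod_m(x, y, hi, lo),
            gate_accepts(x, y, hi, lo)
        );
    }
}
```

Under these assumptions the only claimed value that is congruent to a true product without being equal to it is 2^128-1 against a zero product, and its low bit is 1 while `x[0] AND y[0]` is 0, so the low-bit check rejects it.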
3 files changed, +20 -3 lines changed
- crates
- examples/snapshots
- frontend/src/compiler/gate
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
2 | 2 | | |
3 | 3 | | |
4 | 4 | | |
5 | | - | |
| 5 | + | |
6 | 6 | | |
7 | 7 | | |
8 | 8 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
2 | 2 | | |
3 | 3 | | |
4 | 4 | | |
5 | | - | |
| 5 | + | |
6 | 6 | | |
7 | 7 | | |
8 | 8 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
2 | 2 | | |
3 | 3 | | |
4 | 4 | | |
5 | | - | |
| 5 | + | |
6 | 6 | | |
7 | 7 | | |
8 | 8 | | |
| |||
27 | 27 | | |
28 | 28 | | |
29 | 29 | | |
| 30 | + | |
| 31 | + | |
| 32 | + | |
| 33 | + | |
| 34 | + | |
| 35 | + | |
| 36 | + | |
| 37 | + | |
| 38 | + | |
| 39 | + | |
| 40 | + | |
| 41 | + | |
| 42 | + | |
| 43 | + | |
| 44 | + | |
| 45 | + | |
| 46 | + | |
30 | 47 | | |
31 | 48 | | |
32 | 49 | | |
| |||
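Review bot: no test accompanies the 17 lines added at new lines 30 to 46 of this file. The other two diffs on this page each replace only a single line 5, and the commit message itself says "Consider adding specific tests that attempt to trigger overflow conditions". Please add a negative test in this commit that feeds the gate a witness whose `lo[0]` disagrees with `x[0] * y[0]` and asserts that constraint checking fails, so the new AND constraint is shown to reject something rather than only to keep existing tests passing.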