Skip to content

Commit f97eb56

Browse files
committed
fix: add more validation to inputs
1 parent 08e26da commit f97eb56

1 file changed

Lines changed: 13 additions & 1 deletion

File tree

packages/rln/src/zerokit.ts

Lines changed: 13 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -37,7 +37,7 @@ export class Zerokit {
3737
return IdentityCredential.fromBytes(memKeys);
3838
}
3939

40-
public async serializeWitness(
40+
private async serializeWitness(
4141
idSecretHash: Uint8Array,
4242
pathElements: Uint8Array[],
4343
identityPathIndex: Uint8Array[],
@@ -113,6 +113,12 @@ export class Zerokit {
113113
);
114114
}
115115

116+
if (messageId < 0 || messageId >= rateLimit) {
117+
throw new Error(
118+
`messageId must be an integer between 0 and ${rateLimit - 1}, got ${messageId}`
119+
);
120+
}
121+
116122
const serializedWitness = await this.serializeWitness(
117123
idSecretHash,
118124
pathElements,
@@ -143,6 +149,12 @@ export class Zerokit {
143149
): boolean {
144150
if (signalLength.length !== 8)
145151
throw new Error("signalLength must be 8 bytes");
152+
if (proof.length !== 288) throw new Error("proof must be 288 bytes");
153+
if (roots.length == 0) throw new Error("roots array is empty");
154+
if (roots.find((root) => root.length !== 32)) {
155+
throw new Error("All roots must be 32 bytes");
156+
}
157+
146158
return zerokitRLN.verifyWithRoots(
147159
this.zkRLN,
148160
BytesUtils.concatenate(proof, signalLength, signal),

0 commit comments

Comments
 (0)