-
Notifications
You must be signed in to change notification settings - Fork 69
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Restrict types of message
in eddsa-poseidon's signMessage
#230
Comments
hi @cedoor could I take this issue? I am part of the PSE 2024 core program |
@f3r10 sure! Is there enough information? |
@cedoor the only type supported for the message parameter should be |
Tagging @artwyman here. Wdyt? |
oh ok, using a BigNumber I created an additional unit test with
with 31 as an example, the test passes but with 34 the test fails. Would be that ok? |
Yes, please make sure to update/add tests to check the correct type. |
BREAKING CHANGE: message type re privacy-scaling-explorations#230
hi! @cedoor I just opened a PR about this issue, please let me know if that would be ok or if something else has to be done. |
Describe the improvement you're thinking about
This issue is conceptually similar to #188, now applied to the
message
argument to eddsa-poseidon'ssignMessage
rather than the private key. This argument is typed asBigNumberish
and the docs don't say anything special about how it's interpreted. The message of the underlying Poseidon algorithm is expected to be a single field element (bigint mod r).The
checkMessage
function used to check this input allows arbitrary strings. If a string is valid decimal or hex, it'll be converted to a bigint as digits. Otherwise it'll be converted to a Buffer as raw bytes. This works so long as the string isn't more than 32 characters. If it's longer, it'll trigger an exception later fromleBigIntToBuffer
which uses a size argument.This might be intended to be a convenience feature for signing string messages. If so, it would need to be more clearly documented. I think the size limitation and the potential for confusion about whether a small string should be treated as digits or bytes suggests it would be better to remove this case and reject string inputs which can't be interpreted as stringified bigints.
Additional context
I came across this when writing tests for handling of bad inputs in the Zupass repo. I passed a string expecting a TypeError and was surprised to get no exception. I've added my own type check to avoid the potential confusion here, so I'm not blocked by this issue.
The text was updated successfully, but these errors were encountered: