OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-23 15:38:27 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
14af874fad8a0c98f0525cecdacd145ac281c5bd
advisory-db/crates/ark-r1cs-std/RUSTSEC-2021-0075.md
github-actions[bot] 4792a373b1 Assigned RUSTSEC-2021-0075 to ark-r1cs-std (#962) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
2021-07-09 06:07:19 +02:00

933 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2021-0075"
package = "ark-r1cs-std"
date = "2021-07-08"
categories = ["crypto-failure"]
keywords = ["r1cs", "zksnark", "arkworks"]
url = "https://github.com/arkworks-rs/r1cs-std/pull/70"

[versions]
patched = [">= 0.3.1"]

[affected]
functions = { "ark_r1cs_std::FieldVar::mul_by_inverse" = ["< 0.3.0"] }

Flaw in FieldVar::mul_by_inverse allows unsound R1CS constraint systems

Versions 0.2.0 to 0.3.0 of ark-r1cs-std did not enforce any constraints in the FieldVar::mul_by_inverse method, allowing a malicious prover to produce an unsound proof that passes all verifier checks. This method was used primarily in scalar multiplication for short_weierstrass::ProjectiveVar.

This bug was fixed in commit 47ddbaa, and was released as part of version 0.3.1 on crates.io.