Skip to content

fix: prevent oracle failure on tag computation for invalid recipient#22163

Merged
benesjan merged 6 commits into
merge-train/fairiesfrom
nv/oracle-failure-tag-bad-recipient
Apr 1, 2026
Merged

fix: prevent oracle failure on tag computation for invalid recipient#22163
benesjan merged 6 commits into
merge-train/fairiesfrom
nv/oracle-failure-tag-bad-recipient

Conversation

@nventuro

@nventuro nventuro commented Mar 30, 2026

Copy link
Copy Markdown
Contributor

From https://github.com/AztecProtocol/barretenberg-claude/issues/1903.

This fixes a king-of-the-hill vector in which an attempt to deliver to an invalid address resulted in a simulation crash. The contract correctly handles this already during encryption, but the PXE tagging code did not. Future versions of PXE will not be vulnerable to this.

@nventuro nventuro requested a review from benesjan March 30, 2026 19:41
benesjan
benesjan reviewed Mar 31, 2026
View reviewed changes

@benesjan benesjan left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why not just tackle F-512 straight away instead of needing to clutter the code with the branching logic?

Just checking that upon registration would probably have even smaller diff (and we would not waste time wit this)

Comment thread yarn-project/foundation/src/curves/grumpkin/point.ts Outdated
@nventuro

nventuro commented Mar 31, 2026

Copy link
Copy Markdown
Contributor Author

Why not just tackle F-512 straight away instead of needing to clutter the code with the branching logic?
Just checking that upon registration would probably have even smaller diff (and we would not waste time wit this)

This fixes two problems, only one of which is addressed by F-512 - this still needs to account for invalid recipients, so the PR is required regardless (and this is the more severe issue). I didn't want to mix those two concerns here.

@nventuro @benesjan
Apply suggestions from code review
84bf132 
Co-authored-by: Jan Beneš <janbenes1234@gmail.com>
benesjan
benesjan approved these changes Apr 1, 2026
View reviewed changes

@benesjan benesjan left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

NIce.

The suggestions I made are uncontroversial so I will apply them and merge this.

Comment thread yarn-project/pxe/src/contract_function_simulator/oracle/private_execution_oracle.ts Outdated
Comment thread yarn-project/pxe/src/contract_function_simulator/oracle/private_execution_oracle.ts Outdated
@benesjan benesjan marked this pull request as draft April 1, 2026 01:25
@benesjan
Apply suggestions from code review
a1375f1 
Co-authored-by: Jan Beneš <janbenes1234@gmail.com>
benesjan
benesjan reviewed Apr 1, 2026
View reviewed changes
Comment thread yarn-project/pxe/src/contract_function_simulator/oracle/private_execution_oracle.ts Outdated
@benesjan benesjan marked this pull request as ready for review April 1, 2026 01:54
@benesjan benesjan merged commit 0a75500 into merge-train/fairies Apr 1, 2026
18 checks passed
@benesjan benesjan deleted the nv/oracle-failure-tag-bad-recipient branch April 1, 2026 02:17
@AztecBot AztecBot mentioned this pull request Apr 1, 2026
Merged
AztecBot pushed a commit that referenced this pull request Apr 1, 2026
@nventuro
fix: prevent oracle failure on tag computation for invalid recipient (#…
6978bc8 
…22163)
@AztecBot AztecBot mentioned this pull request Apr 1, 2026
Merged
@AztecBot

AztecBot commented Apr 1, 2026

Copy link
Copy Markdown
Collaborator

✅ Successfully backported to backport-to-v4-next-staging #22205.

github-merge-queue Bot pushed a commit that referenced this pull request Apr 1, 2026
@AztecBot
feat: merge-train/fairies (#22152)
0fbda1d 
BEGIN_COMMIT_OVERRIDE
feat!: remove ALL_SCOPES (#22136)
chore: syncing oracle versions (#22131)
fix(aztec-nr): use registered accounts as capsule test scopes (#22171)
chore: reverting accidentally merged AI slop (#22175)
feat: move event size check from declaration to private emission
(#22168)
fix: prevent oracle failure on tag computation for invalid recipient
(#22163)
feat: disable noir test cache on merge-train/fairies (#22206)
END_COMMIT_OVERRIDE
AztecBot added a commit that referenced this pull request Apr 1, 2026
@AztecBot
chore: Accumulated backports to v4-next (#22205)
2821640 
BEGIN_COMMIT_OVERRIDE
cherry-pick: feat: move event size check from declaration to private
emission (#22168)
fix: prevent oracle failure on tag computation for invalid recipient
(#22163)
feat: move event size check from declaration to private emission
(#22168) [v4-next backport] (#22182)
fix(cli-wallet): peek claim stack instead of popping for
estimate-gas-only (#22196)
fix: use Fr.fromString for CLI wallet claim params to handle decimal
values (#22197)
fix: indefinite retry for prover node and agent broker communication
(#22202)
END_COMMIT_OVERRIDE
@AztecBot AztecBot mentioned this pull request Apr 14, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@benesjan benesjan benesjan approved these changes

Assignees

No one assigned

Labels

backport-to-v4-next

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@nventuro @AztecBot @benesjan