Skip to content

fix(avm)!: assert keys are non-zero on contract registration#22462

Merged
MirandaWood merged 1 commit into
nextfrom
mw/assert-keys-non-inf
Apr 13, 2026
Merged

fix(avm)!: assert keys are non-zero on contract registration#22462
MirandaWood merged 1 commit into
nextfrom
mw/assert-keys-non-inf

Conversation

@MirandaWood

@MirandaWood MirandaWood commented Apr 10, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Changes

During address derivation, the AVM assumes that all input public keys are non-infinite points, and hardcodes an is_infinity flag as zero. In reviewing how address derivation changes now that noir no longer uses a flag, we found that we actually couldn't rely on that assumption (I thought we could due to #7529 and comments around the repo). This PR explicity checks all keys are non-infinity.

Edit: Some keys are checked in the private context, but since this isn't in a protocol contract/the rollup circuits, we still require this change for the avm!

Notes

The DoS (for before or after removing the inf flag from noir) seems to be protected against at the archiver level (#21787) but this is an explicit, constrained solution.

Before removing the inf flag, the AVM hardcoded it as zero in the hash preimage(s) to the address. Now it does not exist in noir, we simply omit the flag (see diff) to match the new address derivation.

However, we still rely on this assumption for the ivpk in #[IVK_ON_CURVE_CHECK] (which would fail in the AVM for an inf point with (0,0) coordinates, but not in noir), and assume it is non-inf in the call to ecc for address_point = preaddress_public_key + incoming_viewing_key.

@MirandaWood MirandaWood added the ci-full Run all master checks. label Apr 10, 2026
@MirandaWood MirandaWood mentioned this pull request Apr 10, 2026
Merged
Base automatically changed from bump-noir to next April 11, 2026 06:40
@MirandaWood MirandaWood force-pushed the mw/assert-keys-non-inf branch from 5e5bade to d025e44 Compare April 13, 2026 09:00
@MirandaWood MirandaWood marked this pull request as ready for review April 13, 2026 09:00
@MirandaWood MirandaWood requested a review from LeilaWang as a code owner April 13, 2026 09:00
@MirandaWood MirandaWood enabled auto-merge April 13, 2026 12:23
@MirandaWood MirandaWood removed the request for review from LeilaWang April 13, 2026 15:35
@MirandaWood MirandaWood added this pull request to the merge queue Apr 13, 2026
@github-merge-queue github-merge-queue Bot removed this pull request from the merge queue due to failed status checks Apr 13, 2026
@MirandaWood MirandaWood added this pull request to the merge queue Apr 13, 2026
Merged via the queue into next with commit 1d9ed2a Apr 13, 2026
32 checks passed
@MirandaWood MirandaWood deleted the mw/assert-keys-non-inf branch April 13, 2026 16:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@iAmMichaelConnor iAmMichaelConnor iAmMichaelConnor approved these changes

Assignees

No one assigned

Labels

ci-full Run all master checks.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@MirandaWood @iAmMichaelConnor