Support compact AND-composed sigma proof#6861
Support compact AND-composed sigma proof#6861kennyzlei merged 2 commits intoXRPLF:ripple/attackathon-april-2026from
Conversation
|
/ai-review |
![xrplf-ai-reviewer[bot]](https://avatars.githubusercontent.com/u/67929741?s=60&v=4){kind=small}
| 2 * ecPedersenProofLength + ecDoubleBulletproofLength; | ||
|
|
||
| if (proof.size() != expectedProofSize || sender.publicKey.size() != ecPubKeyLength || | ||
| if (proof.size() != ecCompactSendProofLength || sender.publicKey.size() != ecPubKeyLength || |
There was a problem hiding this comment.
Proof-size check ignores auditor presence — ecCompactSendProofLength is a single constant, but recipientCount varies. Use the dynamic calculation:
| if (proof.size() != ecCompactSendProofLength || sender.publicKey.size() != ecPubKeyLength || | |
| if (proof.size() != getEqualityProofSize(recipientCount) + 2 * ecPedersenProofLength + ecDoubleBulletproofLength || sender.publicKey.size() != ecPubKeyLength || |
There was a problem hiding this comment.
recipientCount is no longer valid. The new design provides a fixed length. Please check my PR in the mpt-crypto library: XRPLF/mpt-crypto#24
The core changes are in that PR
| @@ -403,7 +404,6 @@ verifySendProof( | |||
|
|
|||
| if (mpt_verify_send_proof( | |||
There was a problem hiding this comment.
proof.size() removed from mpt_verify_send_proof — if the C library doesn't infer length from a constant, this risks a buffer overread in the crypto path. Confirm the library API changed, or restore the size argument:
if (mpt_verify_send_proof(
proof.data(),
proof.size(),
There was a problem hiding this comment.
the API changed, can be found XRPLF/mpt-crypto#24
| "protobuf/6.33.5#d96d52ba5baaaa532f47bda866ad87a5%1774467363.12", | ||
| "openssl/3.6.1#e6399de266349245a4542fc5f6c71552%1774458290.139", | ||
| "nudb/2.0.9#11149c73f8f2baff9a0198fe25971fc7%1774883011.384", | ||
| "mpt-crypto/0.2.0-rc2#2236dfc0cc11be70d84a5fa17a50bfb1%1775853786.434", |
There was a problem hiding this comment.
Both rc1 and rc2 are present in the lock file — rc1 should be removed. Regenerate with conan lock create rather than hand-editing:
"mpt-crypto/0.2.0-rc2#2236dfc0cc11be70d84a5fa17a50bfb1%1775853786.434",
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## ripple/attackathon-april-2026 #6861 +/- ##
===============================================================
Coverage ? 82.1%
===============================================================
Files ? 1036
Lines ? 78672
Branches ? 7660
===============================================================
Hits ? 64590
Misses ? 14082
Partials ? 0
🚀 New features to boost your workflow:
|
PeterChen13579
left a comment
PeterChen13579
left a comment
There was a problem hiding this comment.
LGTM. I found some dead code in mpt_crypto lib but we can clean it up later
kennyzlei
merged commit a1613e5
into
XRPLF:ripple/attackathon-april-2026
4 participants
This PR is to integrate the new changes from
mpt-cryptoSDKmpt_utility:The
mpt_utilitySDK change can be found here: XRPLF/mpt-crypto#24For reference, the updated proof sizes per transaction are:
ConfidentialMPTConvert: 64 byte.ConfidentialMPTSend: 192 byte compact sigma + 754 byte bullet proof = 946 byte.ConfidentialMPTConvertBack: 128 byte compact sigma + 688 byte bullet proof = 816 byteConfidentialMPTClawback: 64 byte.High Level Overview of Change
Context of Change
API Impact
libxrplchange (any change that may affectlibxrplor dependents oflibxrpl)