From 20b914bda128a94e1e60e927cdc47c5bb6493793 Mon Sep 17 00:00:00 2001
From: redshiftzero <jen@penumbralabs.xyz>
Date: Thu, 6 Jun 2024 15:11:18 -0400
Subject: [PATCH] crypto: check ck_d is consistent with d, pk_d provided on a
 note

---
 .../core/component/shielded-pool/src/note.rs   | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/crates/core/component/shielded-pool/src/note.rs b/crates/core/component/shielded-pool/src/note.rs
index c1575443b6..85224adb60 100644
--- a/crates/core/component/shielded-pool/src/note.rs
+++ b/crates/core/component/shielded-pool/src/note.rs
@@ -108,10 +108,20 @@ pub enum Error {
 
 impl Note {
     pub fn controlled_by(&self, fvk: &FullViewingKey) -> bool {
-        *self.transmission_key()
-            == fvk
-                .incoming()
-                .diversified_public(&self.diversified_generator())
+        if let Some(address_index) = fvk.address_index(&self.address()) {
+            // Get the expected clue key and check it matches what is on the provided note address.
+            let (expected_address, _) = fvk.incoming().payment_address(address_index);
+            let expected_ck_d = expected_address.clue_key();
+
+            let transmission_key_matches = *self.transmission_key()
+                == fvk
+                    .incoming()
+                    .diversified_public(&self.diversified_generator());
+
+            return transmission_key_matches && self.clue_key() == expected_ck_d;
+        } else {
+            false
+        }
     }
 
     /// Obtain a note corresponding to this allocation.