-
Notifications
You must be signed in to change notification settings - Fork 87
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix carry handling in the g function in blake.ts #344
Comments
A better solution for this issue might be to use the original Blake implementation directly, wrapping it with a TS class. |
Hey, if you need someone to work on this I would be happy to do so and replace the custom implementation with a wrapper over this implementation |
@hannahredler sure, let us know if you'd like to work on this and we'll assign it to you. |
@cedoor Hey ive built a wrapper around the original blake-hash implementation, let me know if i can open a PR for review |
Hi @Arch0125 , of course! I'll assign this issue to you |
…g original blake-hash imp This commit replaces the existing implementation of blake-hash with a TS wrapper over original blake-hash package and exposing required methods along with specified types for each re privacy-scaling-explorations#344
Is there a known set of real inputs which can demonstrate this error? What's the likelihood of this occurring in the wild with non-malicious inputs? Two contexts in which I ask these questions:
|
Incorrect Carry Handling in the
g
FunctionThe
g
function in Implementation inblake.ts
uses~~(lo / 0x0100000000)
to compute the carry from the lower 32 bits of a 64-bit word.Since
lo
can be up to0x2FFFFFFFC
(i.e., approximately 3 times0x0100000000
), the carry can erroneously be 2 or 3.Impact
Recommendation
The text was updated successfully, but these errors were encountered: