Feat/audit fix 2024 09 (#72)

* Modify email_addr_with_name using reversed_email_addr_with_name * Pass all unit tests * Add range check to each input byte * Update circom_tester version * Add program to test circuits * Add --immutable to github action * Fix circom version in github action * fix circom version to 2.1.9 in github action * Add assumptions to README * Update versions
zkemail · Oct 17, 2024 · 81d0299 · 81d0299
1 parent 28f6858
commit 81d0299
Show file tree

Hide file tree

Showing 90 changed files with 1,474 additions and 953 deletions.
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
@@ -20,15 +20,11 @@ jobs:
           components: rustfmt, clippy
       - name: Install wasm-pack
         run: cargo install wasm-pack
-      - name: Download circom v2.1.8 (Linux)
-        run: wget https://github.com/iden3/circom/releases/download/v2.1.8/circom-linux-amd64 -O /usr/local/bin/circom && chmod +x /usr/local/bin/circom
+      - name: Download circom v2.1.9 (Linux)
+        run: wget https://github.com/iden3/circom/releases/download/v2.1.9/circom-linux-amd64 -O /usr/local/bin/circom && chmod +x /usr/local/bin/circom
       - name: Install yarn
         run: npm install -g yarn
       - name: Install dependencies
-        run: yarn
-      # - name: Create build folder
-      #   run: mkdir build
-      # - name: Run Linters
-      #   run: yarn lint
+        run: yarn install  --immutable
       - name: Run tests
         run: yarn test
diff --git a/README.md b/README.md
@@ -173,3 +173,8 @@ Use this bibtex citation.
 
 - [ ] support character class regex grammar (so as to simplify the regular expressions)
 - [ ] better compatibility with regex grammar (will need a set of different tests to assert the compatibility between circuit and regex in languages) -->
+
+## Assumptions
+Some email providers put not only the sender's email address but also their username to the From field.
+ALthough its concrete formats differ among email providers, our FromAddrRegex template assumes that the email address appears at the end of the From field.
+If this assumption does not hold, i.e., the username appears after the email address, an adversary can output an arbitrary email address from that template by including a dummy email address in the username.
diff --git a/packages/apis/Cargo.toml b/packages/apis/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "zk-regex-apis"
-version = "2.1.1"
+version = "2.2.0"
 license = "MIT"
 edition = "2018"
 authors = [

diff --git a/packages/apis/package.json b/packages/apis/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@zk-email/zk-regex-apis",
-  "version": "2.1.1",
+  "version": "2.2.0",
   "description": "apis compatible with [zk-regex](https://github.com/zkemail/zk-regex/tree/main).",
   "contributors": [
     "Javier Su <[email protected]>",

diff --git a/packages/apis/src/decomposed_defs/email_addr_with_name.json b/packages/apis/src/decomposed_defs/email_addr_with_name.json
diff --git a/packages/apis/src/decomposed_defs/from_addr.json b/packages/apis/src/decomposed_defs/from_addr.json
@@ -10,7 +10,7 @@
     },
     {
       "is_public": true,
-      "regex_def": "[A-Za-z0-9!#$%&'*+=?\\-\\^_`{|}~./@]+@[A-Za-z0-9.\\-]+"
+      "regex_def": "[^<>]+"
     },
     {
       "is_public": false,

diff --git a/packages/apis/src/decomposed_defs/to_addr.json b/packages/apis/src/decomposed_defs/to_addr.json
@@ -10,7 +10,7 @@
     },
     {
       "is_public": true,
-      "regex_def": "[A-Za-z0-9!#$%&'*+=?\\-\\^_`{|}~./@]+@[a-zA-Z0-9.\\-]+"
+      "regex_def": "[^<>]+"
     },
     {
       "is_public": false,

diff --git a/packages/apis/src/extract_substrs.rs b/packages/apis/src/extract_substrs.rs
@@ -89,12 +89,12 @@ pub fn extract_email_domain_idxes(
     extract_substr_idxes(input_str, &serde_json::from_str(regex_config).unwrap())
 }
 
-pub fn extract_email_addr_with_name_idxes(
-    input_str: &str,
-) -> Result<Vec<(usize, usize)>, ExtractSubstrssError> {
-    let regex_config = include_str!("./decomposed_defs/email_addr_with_name.json");
-    extract_substr_idxes(input_str, &serde_json::from_str(regex_config).unwrap())
-}
+// pub fn extract_email_addr_with_name_idxes(
+//     input_str: &str,
+// ) -> Result<Vec<(usize, usize)>, ExtractSubstrssError> {
+//     let regex_config = include_str!("./decomposed_defs/email_addr_with_name.json");
+//     extract_substr_idxes(input_str, &serde_json::from_str(regex_config).unwrap())
+// }
 
 pub fn extract_from_all_idxes(
     input_str: &str,
@@ -166,20 +166,20 @@ mod test {
         assert_eq!(idxes, vec![(17, 38)]);
     }
 
-    #[test]
-    fn test_email_addr_with_name_valid1() {
-        let input_str = "from:[email protected] <[email protected]>";
-        let idxes = extract_email_addr_with_name_idxes(input_str).unwrap();
-        assert_eq!(idxes, vec![(18, 39)]);
-    }
-
-    #[test]
-    fn test_email_addr_with_name_valid2() {
-        // "末神 奏宙" has 13 bytes.
-        let input_str = "from:\"末神 奏宙\" <[email protected]>";
-        let idxes = extract_email_addr_with_name_idxes(input_str).unwrap();
-        assert_eq!(idxes, vec![(22, 43)]);
-    }
+    // #[test]
+    // fn test_email_addr_with_name_valid1() {
+    //     let input_str = "from:[email protected] <[email protected]>";
+    //     let idxes = extract_email_addr_with_name_idxes(input_str).unwrap();
+    //     assert_eq!(idxes, vec![(18, 39)]);
+    // }
+
+    // #[test]
+    // fn test_email_addr_with_name_valid2() {
+    //     // "末神 奏宙" has 13 bytes.
+    //     let input_str = "from:\"末神 奏宙\" <[email protected]>";
+    //     let idxes = extract_email_addr_with_name_idxes(input_str).unwrap();
+    //     assert_eq!(idxes, vec![(22, 43)]);
+    // }
 
     #[test]
     fn test_email_from_all_valid() {

diff --git a/packages/apis/src/wasm.rs b/packages/apis/src/wasm.rs
@@ -47,12 +47,12 @@ pub fn extractEmailDomainIdxes(inputStr: &str) -> Array {
     extractSubstrIdxes(inputStr, JsValue::from_str(regex_config))
 }
 
-#[wasm_bindgen]
-#[allow(non_snake_case)]
-pub fn extractEmailAddrWithNameIdxes(inputStr: &str) -> Array {
-    let regex_config = include_str!("./decomposed_defs/email_addr_with_name.json");
-    extractSubstrIdxes(inputStr, JsValue::from_str(regex_config))
-}
+// #[wasm_bindgen]
+// #[allow(non_snake_case)]
+// pub fn extractEmailAddrWithNameIdxes(inputStr: &str) -> Array {
+//     let regex_config = include_str!("./decomposed_defs/email_addr_with_name.json");
+//     extractSubstrIdxes(inputStr, JsValue::from_str(regex_config))
+// }
 
 #[wasm_bindgen]
 #[allow(non_snake_case)]

diff --git a/packages/circom/circuits/common/body_hash_regex.circom b/packages/circom/circuits/common/body_hash_regex.circom
@@ -11,6 +11,7 @@ template BodyHashRegex(msg_bytes) {
 	signal in[num_bytes];
 	in[0]<==255;
 	for (var i = 0; i < msg_bytes; i++) {
+		_ <== LessThan(8)([msg[i], 255]);
 		in[i+1] <== msg[i];
 	}
 

diff --git a/packages/circom/circuits/common/email_addr_regex.circom b/packages/circom/circuits/common/email_addr_regex.circom
@@ -11,6 +11,7 @@ template EmailAddrRegex(msg_bytes) {
 	signal in[num_bytes];
 	in[0]<==255;
 	for (var i = 0; i < msg_bytes; i++) {
+		_ <== LessThan(8)([msg[i], 255]);
 		in[i+1] <== msg[i];
 	}
 

diff --git a/packages/circom/circuits/common/email_addr_with_name.json b/packages/circom/circuits/common/email_addr_with_name.json