Vulnerability Information
Vulnerability Title
gnark's commitments to private witnesses in Groth16 as implemented break zero-knowledge property
Vulnerability Description
gnark is a fast zk-SNARK library that offers a high-level API to design circuits. Prior to version 0.11.0, commitments to private witnesses in Groth16 as implemented break the zero-knowledge property. The vulnerability affects only Groth16 proofs with commitments; PLONK proofs are not affected. It affects the zero-knowledge property of the proofs: if the witness (secret or internal) values are small, an attacker may be able to enumerate all possible choices to deduce the actual value. If the set of possible choices for the committed variables is large, or many values are committed, enumerating all valid choices is computationally infeasible. The completeness and soundness of the proofs are not affected. The vulnerability has been fixed in version 0.11.0. The patch adds an additional randomized value to the list of committed values at proving time to mask the rest of the committed values. As a workaround, the user can manually commit to a randomized value.
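Why a small committed witness is exposed without masking, and why one extra random value closes the gap, shown as an added example that is not gnark's code: a toy Pedersen-style commitment on P-256 built with Go's standard library. The curve, the base `h`, the function names and the witness value 42 are assumptions chosen for illustration.

```go
package main

import (
	"crypto/elliptic"
	"crypto/rand"
	"fmt"
	"math/big"
)

// Toy Pedersen-style setup on P-256; gnark itself uses pairing-friendly curves.
var curve = elliptic.P256()

type point struct{ x, y *big.Int }

// h: second base from a constructed scalar (demo only; real setups keep its discrete log unknown).
var h = commitUnblinded(0x5eed5eed)

// commitUnblinded models the unmasked case: the output depends only on v.
func commitUnblinded(v int64) point {
	x, y := curve.ScalarBaseMult(big.NewInt(v).Bytes())
	return point{x, y}
}

// commitBlinded models the fix: a random value r is committed alongside v.
func commitBlinded(v int64, r *big.Int) point {
	c := commitUnblinded(v)
	hx, hy := curve.ScalarMult(h.x, h.y, r.Bytes())
	x, y := curve.Add(c.x, c.y, hx, hy)
	return point{x, y}
}

// candidates lists every v in [1, max] whose unmasked commitment equals c.
func candidates(c point, max int64) []int64 {
	var hits []int64
	for v := int64(1); v <= max; v++ {
		if t := commitUnblinded(v); t.x.Cmp(c.x) == 0 && t.y.Cmp(c.y) == 0 {
			hits = append(hits, v)
		}
	}
	return hits
}

func main() {
	r, err := rand.Int(rand.Reader, curve.Params().N)
	if err != nil {
		panic(err)
	}
	fmt.Println("unblinded:", candidates(commitUnblinded(42), 255)) // the witness is identified
	fmt.Println("blinded:  ", candidates(commitBlinded(42, r), 255)) // no candidate matches
}
```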
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
Information Exposure
Vulnerability Title
gnark Security Vulnerability
Vulnerability Description
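gnark is a fast zk-SNARK library open-sourced by Consensys that provides a high-level API for designing circuits. Versions of gnark prior to 0.11.0 contain a security vulnerability: the implementation of commitments to private witnesses in Groth16 proofs breaks the zero-knowledge property, which may allow an attacker to enumerate all possible choices and deduce the actual value when the witness values are small.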
CVSS Information
N/A
Vulnerability Type
N/A