Merge pull request #765 from EYBlockchain/ilyas/audit_issue_y

Addressing audit Issue Y
EYBlockchain · Jun 22, 2022 · 62a007d · 62a007d
2 parents a1587b2 + 95d70ca
commit 62a007d
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 18 deletions.
diff --git a/common-files/utils/crypto/number-theory.mjs b/common-files/utils/crypto/number-theory.mjs
@@ -102,13 +102,13 @@ function squareRootModPrime(n, p) {
   // TODO Refactor while loop
   // eslint-disable-next-line no-constant-condition
   while (true) {
-    if (t % p === BigInt(1)) return R;
+    if (((t % p) + p) % p === BigInt(1)) return R;
 
     // Find the smallest i (0 < i < M) such that t^{2^i} = 1
     let u = t;
     let i;
     for (i = BigInt(1); i < M; i++) {
-      u = (u * u) % p;
+      u = (((u * u) % p) + p) % p;
       if (u === BigInt(1)) break;
     }
 
@@ -118,14 +118,14 @@ function squareRootModPrime(n, p) {
     // Set b = c^{2^{M-i-1}}
     let b = c;
     while (i < M) {
-      b = (b * b) % p;
+      b = (((b * b) % p) + p) % p;
       i++;
     }
 
     M = minimumI;
-    R = (R * b) % p;
-    t = (t * b * b) % p;
-    c = (b * b) % p;
+    R = (((R * b) % p) + p) % p;
+    t = (((t * b * b) % p) + p) % p;
+    c = (((b * b) % p) + p) % p;
   }
 }
 

diff --git a/nightfall-client/src/utils/crypto/encryption/elgamal.mjs b/nightfall-client/src/utils/crypto/encryption/elgamal.mjs
@@ -17,10 +17,10 @@ const Fq = JUBJUBE / JUBJUBC;
 
 function isOnCurve(p) {
   const { JUBJUBA: a, JUBJUBD: d } = BABYJUBJUB;
-  const uu = (p[0] * p[0]) % Fp;
-  const vv = (p[1] * p[1]) % Fp;
-  const uuvv = (uu * vv) % Fp;
-  return (a * uu + vv) % Fp === (one + d * uuvv) % Fp;
+  const uu = (((p[0] * p[0]) % Fp) + Fp) % Fp;
+  const vv = (((p[1] * p[1]) % Fp) + Fp) % Fp;
+  const uuvv = (((uu * vv) % Fp) + Fp) % Fp;
+  return (((a * uu + vv) % Fp) + Fp) % Fp === (((one + d * uuvv) % Fp) + Fp) % Fp;
 }
 
 // // is On Montgomery curve By^2 = x^3 + Ax^2 + x

diff --git a/nightfall-client/src/utils/crypto/encryption/elligator2.mjs b/nightfall-client/src/utils/crypto/encryption/elligator2.mjs
@@ -27,7 +27,7 @@ function chi(a) {
 
 // if value > p-1//2, then negative
 function isNegative(value) {
-  return value % Fp > modDivide(Fp - BigInt(1), BigInt(2), Fp);
+  return ((value % Fp) + Fp) % Fp > modDivide(Fp - BigInt(1), BigInt(2), Fp);
 }
 
 // if value == 0 or chi(value) == 1
@@ -38,9 +38,10 @@ function isSquare(value) {
 // r∈Fq :1+ur^2!=0, A^2ur^2!=B(1+ur^2)^2
 function checkR(r) {
   return (
-    (BigInt(1) + ((U * r * r) % Fp)) % Fp !== BigInt(0) &&
-    (MONTA * MONTA * U * r * r) % Fp !==
-      (MONTB * (BigInt(1) + ((U * r * r) % Fp)) * (BigInt(1) + ((U * r * r) % Fp))) % Fp
+    (BigInt(1) + ((((U * r * r) % Fp) + Fp) % Fp)) % Fp !== BigInt(0) &&
+    (((MONTA * MONTA * U * r * r) % Fp) + Fp) % Fp !==
+      (((MONTB * (BigInt(1) + ((U * r * r) % Fp)) * (BigInt(1) + ((U * r * r) % Fp))) % Fp) + Fp) %
+        Fp
   );
 }
 
@@ -53,8 +54,8 @@ export function hashToCurve(r) {
   if (r === BigInt(0)) return [BigInt(0), BigInt(0)];
   if (checkR(r) !== true) throw new Error(`This value can't be hashed to curve using Elligator2`);
   const v = modDivide(-MONTA, one + U * r * r, Fp);
-  const e = chi((v * v * v + MONTA * v * v + MONTB * v) % Fp);
-  const x = ((e * v) % Fp) - modDivide((one - e) * MONTA, BigInt(2), Fp);
+  const e = (chi((v * v * v + MONTA * v * v + MONTB * v) % Fp) + Fp) % Fp;
+  const x = ((((e * v) % Fp) + Fp) % Fp) - modDivide((one - e) * MONTA, BigInt(2), Fp);
   let y2 = squareRootModPrime((x * x * x + MONTA * x * x + MONTB * x) % Fp, Fp);
   // Ensure returned value is the principal root (i.e. sqrt(x) ∈ [0, (Fp -1) / 2] )
   if (y2 > (Fp - BigInt(1)) / BigInt(2)) y2 = Fp - y2;
@@ -66,8 +67,8 @@ export function hashToCurve(r) {
 // square roots is the number for constraint efficiency
 export function hashToCurveYSqrt(r) {
   const v = modDivide(-MONTA, one + U * r * r, Fp);
-  const e = chi((v * v * v + MONTA * v * v + MONTB * v) % Fp);
-  const x = ((e * v) % Fp) - modDivide((one - e) * MONTA, BigInt(2), Fp);
+  const e = (chi((v * v * v + MONTA * v * v + MONTB * v) % Fp) + Fp) % Fp;
+  const x = ((((e * v) % Fp) + Fp) % Fp) - modDivide((one - e) * MONTA, BigInt(2), Fp);
   let y2 = squareRootModPrime((x * x * x + MONTA * x * x + MONTB * x) % Fp, Fp);
   // Ensure returned value is the principal root (i.e. sqrt(x) ∈ [0, (Fp -1) / 2] )
   if (y2 > (Fp - BigInt(1)) / BigInt(2)) y2 = Fp - y2;