fix: incorrect alias check brought from snarkjs. (possible security vulnerability)

[Stumble]

Description

There seems to be a security bug brought by using the new template from snarkjs: the public signal alias checks were incorrectly done against BASE_MODULUS instead of SCALAR_MODULUS.

Previous releases do not have this issue because alias checks were correctly done in Pairing.sol

See iden3/snarkjs#480 for more details.

Related Issue(s)

Other information

Checklist

• My code follows the style guidelines of this project
• I have performed a self-review of my code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have run yarn prettier and yarn lint without getting any errors
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes
• Any dependent changes have been merged and published in downstream modules

[openzeppelin-code]

fix: incorrect alias check brought from snarkjs. (possible security vulnerability)

Generated at commit: 8e246c48bf34c7d72a5aba8a279002da9a6db501

🚨 Report Summary

	Severity Level	Results
Contracts	Critical High Medium Low Note Total	0 0 0 4 16 20
Dependencies	Critical High Medium Low Note Total	0 0 0 0 0 0

---

For more details view the full report in OpenZeppelin Code Inspector

[Stumble]

Although the nullifier is an enough-random hash value, and (q-r)/r is small (~6.7e-39) is relatively small, when the stake is high, i think it is still possible to be exploited.

[cedoor]

Hey @Stumble, thank you so much!

[gitpoap-bot]

Congrats, your important contribution to this open-source project has earned you a GitPOAP!

GitPOAP: 2024 Semaphore Contributor:

Head to gitpoap.io & connect your GitHub account to mint!

Learn more about GitPOAPs here.