This repository has been archived by the owner on Feb 16, 2023. It is now read-only.

Safety check: scalar <= subgroup order #136

Open

bellesmarta opened this issue Oct 3, 2019 · 0 comments

bellesmarta commented Oct 3, 2019

iden3js/src/crypto/babyjub-utils.js

Lines 60 to 62 in c284479

    
           if (scalar >= babyJub.p) { 
        
             throw new Error('scalar generated larger than subgroup'); 
        
           }

If this instruction is checking that the scalar generated is less or equal than the order of the subgroup, then babyjub.p should be replaced by babyjub.subOrder (you can check both parameters at https://github.com/iden3/circomlib/blob/master/src/babyjub.js).

The text was updated successfully, but these errors were encountered:

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.