Add extra checks on party capacity to the MPC protocol

Co-authored-by: Cathie Yun <[email protected]>

Author: hdevalence

src/errors.rs

@@ -39,6 +39,7 @@ impl From<MPCError> for ProofError {
         match e {
             MPCError::InvalidBitsize => ProofError::InvalidBitsize,
             MPCError::InvalidAggregation => ProofError::InvalidAggregation,
+            MPCError::InvalidGeneratorsLength => ProofError::InvalidGeneratorsLength,
             _ => ProofError::ProvingError(e),
         }
     }
@@ -65,6 +66,9 @@ pub enum MPCError {
     /// proof with non-power-of-two aggregation size.
     #[fail(display = "Invalid aggregation size, m must be a power of 2")]
     InvalidAggregation,
+    /// This error occurs when the generators are of the wrong length.
+    #[fail(display = "Invalid generators length, must be equal to n.")]
+    InvalidGeneratorsLength,
     /// This error occurs when the dealer is given the wrong number of
     /// value commitments.
     #[fail(display = "Wrong number of value commitments")]

src/range_proof/dealer.rs

@@ -36,6 +36,12 @@ impl Dealer {
         if !m.is_power_of_two() {
             return Err(MPCError::InvalidAggregation);
         }
+        if gens.gens_capacity < n {
+            return Err(MPCError::InvalidGeneratorsLength);
+        }
+        if gens.party_capacity < m {
+            return Err(MPCError::InvalidGeneratorsLength);
+        }
 
         // At the end of the protocol, the dealer will attempt to
         // verify the proof, and if it fails, determine which party's

src/range_proof/mod.rs

@@ -85,6 +85,9 @@ impl RangeProof {
         if generators.gens_capacity < n {
             return Err(ProofError::InvalidGeneratorsLength);
         }
+        if generators.party_capacity < values.len() {
+            return Err(ProofError::InvalidGeneratorsLength);
+        }
 
         let dealer = Dealer::new(generators, n, values.len(), transcript)?;
 
@@ -150,6 +153,8 @@ impl RangeProof {
         rng: &mut R,
         n: usize,
     ) -> Result<(), ProofError> {
+        let m = value_commitments.len();
+
         // First, replay the "interactive" protocol using the proof
         // data to recompute all challenges.
         if !(n == 8 || n == 16 || n == 32 || n == 64) {
@@ -158,8 +163,9 @@ impl RangeProof {
         if gens.gens_capacity < n {
             return Err(ProofError::InvalidGeneratorsLength);
         }
-
-        let m = value_commitments.len();
+        if gens.party_capacity < m {
+            return Err(ProofError::InvalidGeneratorsLength);
+        }
 
         // XXX check n, m parameters