fix: avoid panic on invalid pub inputs length

MarcosNicolau · MarcosNicolau · commit 6067e8611dbf · 2025-08-29T14:13:44.000-03:00
diff --git a/crates/batcher/go_verifiers_lib/verifier.go b/crates/batcher/go_verifiers_lib/verifier.go
@@ -14,6 +14,7 @@ import "C"
 import (
 	"bytes"
 	"encoding/json"
+	"fmt"
 	"math/big"
 
 	"log"
@@ -123,9 +124,9 @@ func verifyGnarkGroth16Proof(proofBytesRef C.ListRef, pubInputBytesRef C.ListRef
 	return err == nil
 }
 
-func bytesToBigInts32(b []byte) []*big.Int {
+func bytesToBigInts32(b []byte) ([]*big.Int, error) {
 	if len(b)%32 != 0 {
-		panic("pubInputBytes length is not a multiple of 32")
+		return nil, fmt.Errorf("invalid length")
 	}
 
 	inputs := make([]*big.Int, 0, len(b)/32)
@@ -134,7 +135,7 @@ func bytesToBigInts32(b []byte) []*big.Int {
 		bi := new(big.Int).SetBytes(chunk)
 		inputs = append(inputs, bi)
 	}
-	return inputs
+	return inputs, nil
 }
 
 //export VerifyCircomGroth16ProofBN256
@@ -169,7 +170,11 @@ func VerifyCircomGroth16ProofBN256(proofBytesRef C.ListRef, pubInputBytesRef C.L
 		return false
 	}
 
-	inputs := bytesToBigInts32(pubInputBytes)
+	inputs, err := bytesToBigInts32(pubInputBytes)
+	if err != nil {
+		log.Printf("Could not parse pub inputs: %v", err)
+		return false
+	}
 
 	err = verifier.VerifyRaw(vk, parsedProofData, inputs)
 	if err != nil {
diff --git a/operator/pkg/operator.go b/operator/pkg/operator.go
@@ -621,9 +621,9 @@ func (o *Operator) verifyGnarkGroth16Proof(proofBytes []byte, pubInputBytes []by
 
 // verifyCircomGroth16Bn256Proof verifies a Circom Groth16 proof using BN256 curve.
 func (o *Operator) verifyCircomGroth16Bn256Proof(proofBytes []byte, pubInputBytes []byte, verificationKeyBytes []byte) bool {
-	bytesToBigInts32 := func(b []byte) []*big.Int {
+	bytesToBigInts32 := func(b []byte) ([]*big.Int, error) {
 		if len(b)%32 != 0 {
-			panic("pubInputBytes length is not a multiple of 32")
+			return nil, fmt.Errorf("invalid length")
 		}
 
 		inputs := make([]*big.Int, 0, len(b)/32)
@@ -632,7 +632,7 @@ func (o *Operator) verifyCircomGroth16Bn256Proof(proofBytes []byte, pubInputByte
 			bi := new(big.Int).SetBytes(chunk)
 			inputs = append(inputs, bi)
 		}
-		return inputs
+		return inputs, nil
 	}
 
 	proofData := &rapidsnark_types.ProofData{}
@@ -661,7 +661,11 @@ func (o *Operator) verifyCircomGroth16Bn256Proof(proofBytes []byte, pubInputByte
 		return false
 	}
 
-	inputs := bytesToBigInts32(pubInputBytes)
+	inputs, err := bytesToBigInts32(pubInputBytes)
+	if err != nil {
+		log.Printf("Could not parse pub inputs: %v", err)
+		return false
+	}
 
 	err = rapidsnark_verifier.VerifyRaw(vk, parsedProofData, inputs)
 	if err != nil {
