From 4abff3453ce3393a303c1c5ea7f076628e6ae820 Mon Sep 17 00:00:00 2001
From: Mario Rugiero <mrugiero@gmail.com>
Date: Tue, 21 Jan 2025 21:35:02 -0300
Subject: [PATCH 1/3] hotfix: overestimate batch size to avoid a DoS

---
 batcher/aligned-batcher/src/lib.rs               | 16 +++++++++++++---
 batcher/aligned-batcher/src/types/batch_queue.rs | 10 ++++++++--
 batcher/aligned-sdk/src/core/constants.rs        |  9 +++++++++
 3 files changed, 30 insertions(+), 5 deletions(-)

diff --git a/batcher/aligned-batcher/src/lib.rs b/batcher/aligned-batcher/src/lib.rs
index 0b6f7c0d85..71dfcb5e3d 100644
--- a/batcher/aligned-batcher/src/lib.rs
+++ b/batcher/aligned-batcher/src/lib.rs
@@ -25,9 +25,9 @@ use std::time::Duration;
 use aligned_sdk::core::constants::{
     ADDITIONAL_SUBMISSION_GAS_COST_PER_PROOF, BATCHER_SUBMISSION_BASE_GAS_COST,
     BUMP_BACKOFF_FACTOR, BUMP_MAX_RETRIES, BUMP_MAX_RETRY_DELAY, BUMP_MIN_RETRY_DELAY,
-    CONNECTION_TIMEOUT, DEFAULT_MAX_FEE_PER_PROOF, ETHEREUM_CALL_BACKOFF_FACTOR,
-    ETHEREUM_CALL_MAX_RETRIES, ETHEREUM_CALL_MAX_RETRY_DELAY, ETHEREUM_CALL_MIN_RETRY_DELAY,
-    GAS_PRICE_PERCENTAGE_MULTIPLIER, PERCENTAGE_DIVIDER,
+    CBOR_ARRAY_MAX_OVERHEAD, CONNECTION_TIMEOUT, DEFAULT_MAX_FEE_PER_PROOF,
+    ETHEREUM_CALL_BACKOFF_FACTOR, ETHEREUM_CALL_MAX_RETRIES, ETHEREUM_CALL_MAX_RETRY_DELAY,
+    ETHEREUM_CALL_MIN_RETRY_DELAY, GAS_PRICE_PERCENTAGE_MULTIPLIER, PERCENTAGE_DIVIDER,
     RESPOND_TO_TASK_FEE_LIMIT_PERCENTAGE_MULTIPLIER,
 };
 use aligned_sdk::core::types::{
@@ -114,6 +114,16 @@ impl Batcher {
         let s3_client = s3::create_client(upload_endpoint).await;
 
         let config = ConfigFromYaml::new(config_file);
+        // Ensure max_batch_bytes_size can at least hold one proof of max_proof_size,
+        // including the overhead introduced by serialization
+        assert!(
+            config.batcher.max_proof_size + CBOR_ARRAY_MAX_OVERHEAD
+                <= config.batcher.max_batch_byte_size,
+            "max_batch_bytes_size ({}) not big enough for one max_proof_size ({}) proof",
+            config.batcher.max_batch_byte_size,
+            config.batcher.max_proof_size
+        );
+
         let deployment_output =
             ContractDeploymentOutput::new(config.aligned_layer_deployment_config_file_path);
 
diff --git a/batcher/aligned-batcher/src/types/batch_queue.rs b/batcher/aligned-batcher/src/types/batch_queue.rs
index a32957a548..5c2056eadb 100644
--- a/batcher/aligned-batcher/src/types/batch_queue.rs
+++ b/batcher/aligned-batcher/src/types/batch_queue.rs
@@ -1,6 +1,9 @@
 use aligned_sdk::{
     communication::serialization::cbor_serialize,
-    core::types::{NoncedVerificationData, VerificationDataCommitment},
+    core::{
+        constants::CBOR_ARRAY_MAX_OVERHEAD,
+        types::{NoncedVerificationData, VerificationDataCommitment},
+    },
 };
 use ethers::types::{Address, Signature, U256};
 use priority_queue::PriorityQueue;
@@ -132,7 +135,10 @@ pub(crate) fn calculate_batch_size(batch_queue: &BatchQueue) -> Result<usize, Ba
     });
 
     if let ControlFlow::Continue(batch_size) = folded_result {
-        Ok(batch_size)
+        // We over-estimate the size of the batch by at most 8 bytes.
+        // This saves us from a scenario where we actually try to send more
+        // than the maximum allowed bytes and get rejected by operators.
+        Ok(CBOR_ARRAY_MAX_OVERHEAD + batch_size)
     } else {
         Err(BatcherError::SerializationError(String::from(
             "Could not calculate size of batch",
diff --git a/batcher/aligned-sdk/src/core/constants.rs b/batcher/aligned-sdk/src/core/constants.rs
index 01d0215952..2b1ff998aa 100644
--- a/batcher/aligned-sdk/src/core/constants.rs
+++ b/batcher/aligned-sdk/src/core/constants.rs
@@ -11,6 +11,15 @@ pub const DEFAULT_MAX_FEE_PER_PROOF: u128 =
     ADDITIONAL_SUBMISSION_GAS_COST_PER_PROOF * 100_000_000_000; // gas_price = 100 Gwei = 0.0000001 ether (high gas price)
 pub const CONNECTION_TIMEOUT: u64 = 30; // 30 secs
 
+// According to:
+// - https://www.rfc-editor.org/rfc/rfc8949.html#section-3.1-2.10
+// - https://www.rfc-editor.org/rfc/rfc8949.html#section-3-3.2
+// - https://www.rfc-editor.org/rfc/rfc8949.html#section-3-3.4
+// 9 bytes are the maximum overhead from aggregating data into an array in CBOR
+// (it may be as little as just 1 byte, but it depends on the number of elements
+// and serialization parameters).
+pub const CBOR_ARRAY_MAX_OVERHEAD: usize = 9;
+
 // % modifiers: (100% is x1, 10% is x0.1, 1000% is x10)
 pub const RESPOND_TO_TASK_FEE_LIMIT_PERCENTAGE_MULTIPLIER: u128 = 250; // fee_for_aggregator -> respondToTaskFeeLimit modifier
 pub const DEFAULT_AGGREGATOR_FEE_PERCENTAGE_MULTIPLIER: u128 = 125; // feeForAggregator modifier

From 2934c7594dbca446afe4505bd207f6bf087b14df Mon Sep 17 00:00:00 2001
From: Urix <43704209+uri-99@users.noreply.github.com>
Date: Mon, 27 Jan 2025 14:00:11 -0300
Subject: [PATCH 2/3] docs: add groth16 1 commit limitation

---
 docs/1_introduction/3_faq.md                 | 2 +-
 docs/2_architecture/0_supported_verifiers.md | 2 +-
 docs/3_guides/0_submitting_proofs.md         | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/docs/1_introduction/3_faq.md b/docs/1_introduction/3_faq.md
index ef95245b47..f121a3647a 100644
--- a/docs/1_introduction/3_faq.md
+++ b/docs/1_introduction/3_faq.md
@@ -100,7 +100,7 @@ Aligned provides recursive proof aggregation as part of its aggregation mode, a
     
 ### What proof systems do you support?
     
-Aligned is designed to support any proof system. We [currently support](../2_architecture/0_supported_verifiers.md) Groth16 and Plonk (gnark), SP1 and Risc0.
+Aligned is designed to support any proof system. We [currently support](../2_architecture/0_supported_verifiers.md) Groth16 (limited to 1 commitment) and Plonk (gnark), SP1 and Risc0.
     
 ### How easy is it to add new proof systems?
     
diff --git a/docs/2_architecture/0_supported_verifiers.md b/docs/2_architecture/0_supported_verifiers.md
index 4e76f0a398..b9adf83e87 100644
--- a/docs/2_architecture/0_supported_verifiers.md
+++ b/docs/2_architecture/0_supported_verifiers.md
@@ -4,7 +4,7 @@ Aligned's support for multiple proof systems is a significant advantage, as it a
 
 The following is the list of the verifiers currently supported by Aligned:
 
-- :white_check_mark: gnark - Groth16 (with BN254) [(v0.10.0)](https://github.com/Consensys/gnark/releases/tag/v0.10.0)
+- :white_check_mark: gnark - Groth16 (with BN254, limited to 1 commitment) [(v0.10.0)](https://github.com/Consensys/gnark/releases/tag/v0.10.0)
 - :white_check_mark: gnark - Plonk (with BN254 and BLS12-381) [(v0.10.0)](https://github.com/Consensys/gnark/releases/tag/v0.10.0)
 - :white_check_mark: SP1 [(v3.0.0)](https://github.com/succinctlabs/sp1/releases/tag/v3.0.0)
 - :white_check_mark: Risc0 [(v1.1.2)](https://github.com/risc0/risc0/releases/tag/v1.1.2)
diff --git a/docs/3_guides/0_submitting_proofs.md b/docs/3_guides/0_submitting_proofs.md
index efbd3d8bbb..e268881bda 100644
--- a/docs/3_guides/0_submitting_proofs.md
+++ b/docs/3_guides/0_submitting_proofs.md
@@ -10,7 +10,7 @@ You can check your submitted proofs on [Mainnet Explorer](https://explorer.align
 
 The following is the list of the verifiers currently supported by Aligned:
 
-- :white_check_mark: gnark - Groth16 (with BN254)
+- :white_check_mark: gnark - Groth16 (with BN254, limited to 1 commitment)
 - :white_check_mark: gnark - Plonk (with BN254 and BLS12-381)
 - :white_check_mark: SP1 [(v3.0.0)](https://github.com/succinctlabs/sp1/releases/tag/v3.0.0)
 - :white_check_mark: Risc0 [(v1.1.2)](https://github.com/risc0/risc0/releases/tag/v1.1.2)

From f98afcbd9e42fe534a57ed44b17b4881b588d65f Mon Sep 17 00:00:00 2001
From: MauroFab <maurotoscano2@gmail.com>
Date: Tue, 28 Jan 2025 14:14:13 -0300
Subject: [PATCH 3/3] Restore docs

---
 docs/1_introduction/3_faq.md                 | 2 +-
 docs/2_architecture/0_supported_verifiers.md | 2 +-
 docs/3_guides/0_submitting_proofs.md         | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/docs/1_introduction/3_faq.md b/docs/1_introduction/3_faq.md
index f121a3647a..ef95245b47 100644
--- a/docs/1_introduction/3_faq.md
+++ b/docs/1_introduction/3_faq.md
@@ -100,7 +100,7 @@ Aligned provides recursive proof aggregation as part of its aggregation mode, a
     
 ### What proof systems do you support?
     
-Aligned is designed to support any proof system. We [currently support](../2_architecture/0_supported_verifiers.md) Groth16 (limited to 1 commitment) and Plonk (gnark), SP1 and Risc0.
+Aligned is designed to support any proof system. We [currently support](../2_architecture/0_supported_verifiers.md) Groth16 and Plonk (gnark), SP1 and Risc0.
     
 ### How easy is it to add new proof systems?
     
diff --git a/docs/2_architecture/0_supported_verifiers.md b/docs/2_architecture/0_supported_verifiers.md
index b9adf83e87..4e76f0a398 100644
--- a/docs/2_architecture/0_supported_verifiers.md
+++ b/docs/2_architecture/0_supported_verifiers.md
@@ -4,7 +4,7 @@ Aligned's support for multiple proof systems is a significant advantage, as it a
 
 The following is the list of the verifiers currently supported by Aligned:
 
-- :white_check_mark: gnark - Groth16 (with BN254, limited to 1 commitment) [(v0.10.0)](https://github.com/Consensys/gnark/releases/tag/v0.10.0)
+- :white_check_mark: gnark - Groth16 (with BN254) [(v0.10.0)](https://github.com/Consensys/gnark/releases/tag/v0.10.0)
 - :white_check_mark: gnark - Plonk (with BN254 and BLS12-381) [(v0.10.0)](https://github.com/Consensys/gnark/releases/tag/v0.10.0)
 - :white_check_mark: SP1 [(v3.0.0)](https://github.com/succinctlabs/sp1/releases/tag/v3.0.0)
 - :white_check_mark: Risc0 [(v1.1.2)](https://github.com/risc0/risc0/releases/tag/v1.1.2)
diff --git a/docs/3_guides/0_submitting_proofs.md b/docs/3_guides/0_submitting_proofs.md
index e268881bda..efbd3d8bbb 100644
--- a/docs/3_guides/0_submitting_proofs.md
+++ b/docs/3_guides/0_submitting_proofs.md
@@ -10,7 +10,7 @@ You can check your submitted proofs on [Mainnet Explorer](https://explorer.align
 
 The following is the list of the verifiers currently supported by Aligned:
 
-- :white_check_mark: gnark - Groth16 (with BN254, limited to 1 commitment)
+- :white_check_mark: gnark - Groth16 (with BN254)
 - :white_check_mark: gnark - Plonk (with BN254 and BLS12-381)
 - :white_check_mark: SP1 [(v3.0.0)](https://github.com/succinctlabs/sp1/releases/tag/v3.0.0)
 - :white_check_mark: Risc0 [(v1.1.2)](https://github.com/risc0/risc0/releases/tag/v1.1.2)