A vulnerability exists in the current implementation of the claim process where an attacker can generate fake proofs and successfully claim multiple times without a wallet in the MerkleMap.
According to maht0rz, development and sovereign envs still run it out of the snark context:
"protokit isn't production ready, you'd need to wait for us to enable 'proofs enabled' to execute all your snarks in our parallelized proving backend"
The Airdrop Runtime Module does not validate the message / signer of the nullifier. So while it's created on the client side, nothing ensures the nullifier is valid and unique per sender.
private-airdrop-workshop/packages/chain/src/runtime/modules/airdrop.ts
Lines 86 to 92 in 8ee1fd6
The assertion of the commitment also does not guarantee the proof is valid; while the commitment is public, the attacker just needs to query it from the module and send it within a fake proof class.
private-airdrop-workshop/packages/chain/src/runtime/modules/airdrop.ts
Lines 78 to 84 in 8ee1fd6
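A simplified model of the behaviour this issue describes, added here as an illustration and not taken from the workshop repository. The names `Airdrop`, `prove`, `verify`, `proofsEnabled` and `replayUnproven` are hypothetical, and a registry lookup stands in for real SNARK verification; it shows that the commitment and nullifier checks only mean something once the proof itself has been verified.

```typescript
// Toy model (constructed): a "proof" carries only its public output.
type PublicOutput = { root: string; nullifier: string };
type Proof = { publicOutput: PublicOutput };

// Stand-in for the proving system: only objects created by prove() pass
// verify(). A real circuit would also bind the nullifier to the signer.
const issued = new WeakSet<Proof>();
function prove(root: string, nullifier: string): Proof {
  const proof: Proof = { publicOutput: { root, nullifier } };
  issued.add(proof);
  return proof;
}
function verify(proof: Proof): boolean {
  return issued.has(proof);
}

class Airdrop {
  commitment: string;
  proofsEnabled: boolean;
  used: Set<string> = new Set<string>();
  claims: number = 0;

  constructor(commitment: string, proofsEnabled: boolean) {
    this.commitment = commitment;
    this.proofsEnabled = proofsEnabled;
  }

  claim(proof: Proof): boolean {
    // With proofs disabled this check is skipped, so every value read
    // below was chosen freely by the sender.
    if (this.proofsEnabled && !verify(proof)) return false;
    // The commitment is public, so matching it proves nothing on its own.
    if (proof.publicOutput.root !== this.commitment) return false;
    // Uniqueness of an unverified nullifier is uniqueness of a random label.
    if (this.used.has(proof.publicOutput.nullifier)) return false;
    this.used.add(proof.publicOutput.nullifier);
    this.claims += 1;
    return true;
  }
}

// Constructed scenario: three unproven objects that copy the public
// commitment and carry distinct nullifier values.
function replayUnproven(airdrop: Airdrop): number {
  for (const n of ["n1", "n2", "n3"]) {
    airdrop.claim({ publicOutput: { root: airdrop.commitment, nullifier: n } });
  }
  return airdrop.claims;
}
```
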