Java/node bindings: Insufficient validation of inputs to verify_aggregate_kzg_proof()

[asn-d6]

The c-kzg public method verify_aggregate_kzg_proof() expects that its blobs and expected_kzg_commitments arguments have length of size n.

This is an undocumented requirement but still real because of the array accessing loop in

c-kzg-4844/src/c_kzg_4844.c

Lines 1290 to 1294 in c72ea8e

	for (size_t i = 0; i < n; i++) {
	ret = poly_from_blob(&polys[i], &blobs[i]);
	if (ret != C_KZG_OK) goto out;
	ret = poly_to_kzg_commitment(&commitments[i], &polys[i], s);
	if (ret != C_KZG_OK) goto out;

However, this is not respected by all bindings:

• The Java bindings do not check that there are count commitments present
• The nodejs bindings assume that there are as many commitments as blobs and then freely copy memory into the short commitments[blob_index] array

I suggest we document this requirement in the core c-kzg library so that bindings know what to expect. We also need to fix the above two cases. We might also need some unittests that check this behavior.

[asn-d6]

For additional context here, the caller of verify_aggregate_kzg_proof() makes sure that commitments and blobs have the same size: https://github.com/ethereum/consensus-specs/blob/dev/specs/eip4844/fork-choice.md#validate_blobs_sidecar

It might be worth highlighting that invariant in the bindings by adding an assert.

[xrchz]

I think this is all done by #68

[xrchz]

Oh maybe the node bindings are still not done?

[dgcoffman]

I can add a check in the Node bindings