Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
Check consistency of note commitment and ciphertext in wallet #3897
utACK. Should the commitment be checked every time
That's what we do in Sapling, and I agree, but I don't want to block this PR on that. This is the entry point for the wallet's acceptance of a note and so this is the minimal change needed to remediate.
The same exception is already thrown by the inner decryption routine when it fails to decrypt. edit: further, this is the documented behavior of the
No, I don't think so. That would not be consistent with what we do in Sapling either.
Again, this routine is failing via exception in the same manner that it would had it failed to decrypt the ciphertext in the first place.
Can you clarify what you mean or how that impacts this PR?