Assessment reports>Barretenberg Bigfield>Discussion>Maturity of the codebase and lack of specifications

Maturity of the codebase and lack of specifications

The reviewed code of the bigfield component is a low-level component handling arithmetic for non-native fields. The manner in which non-native fields are emulated by bigfield hinge crucially on careful bounds on the data operated on to prevent issues due to overflows and underflows in the bn254 scalar field or other arithmetic types. Ensuring that no overflows or underflows happen requires a careful analysis tracing such bounds through the code.

Given this, we strongly recommend to specify assumptions made for the arguments to each function, together with what that function should then enforce. Additionally, in places where it is not obvious that overflows can not occur or a call to another function satisfies its requirements, we recommend to add comments outlining the reasoning why the assumptions imply that these issues can not occur.

This will help prevent bugs already during development and also make reviewing the code for correctness significantly easier. Fully documenting the interface of the implemented functions that are to be used by callers outside of the bigfield component itself is also important to ensure correct usage by external callers.

The current codebase largely lacks such specifications, and we identified several bugs that might have been prevented by consistently specifying intended behavior as suggested, such as the critical findings in sections ref, ref, and ref.

We strongly recommend to add specifications and comments as described above to the bigfield codebase before a possible second audit.

Zellic © 2025Back to top ↑