Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Brevis>Informational findings>Reduction ineffective in ,Values, function for ,Uint521
GeneralOverview
Findings
Critical (4)
High (5)
Medium (5)
Low (12)
Informational (9)No domain separation for commitmentsIncorrect specification for MinGeneric and MaxGenericEthereum header length checks for dynamic fields not checking ExtraEndianess for Bytes32Sign bit computed but not enabled in Select for Int248Reduction ineffective in Values function for Uint521Number of limbs of Uint521 not enforcedInconsistency in behavior of type conversionsLow bit widths for Transaction fields
DiscussionVarious possible simplifications and optimizationsAdditional validationLack of documentation or commentsMinor recommendationsCode duplicationConsistent usage of named constantsLists and tuples' ambiguous behavior when used recursivelyBehavior of bits2Bytes and addOutput for circuit variablesIncorrect hex string and parsing errors canceling each other outReferences to MiMC instead of PoseidonUnallocated inputs slots not constrainedKeccak padding function pad10*1Confusing function GroupBySetupVerification of Poseidon constantsTest suite
Audit ResultsAssessment Results
Category: Coding Mistakes

Reduction ineffective in Values function for Uint521

Informational Severity
Informational Impact
N/A Likelihood

Description

In sdk/api_uint521.go of the sdk repository, the Values function for the Uint521 type is implemented as follows:

func (v Uint521) Values() []frontend.Variable {
	u521Field.Reduce(v.Element)
	return v.Limbs
}

The call to Reduce will not change v.Element but only return the reduced value.

Impact

The current implementation does not match the intention to return the reduced limbs.

Recommendations

To return the reduced limbs, the function should be implemented as follows:

func (v Uint521) Values() []frontend.Variable {
	return u521Field.Reduce(v.Element).Limbs
}

Remediation

This issue has been acknowledged by Brevis, and a fix was implemented in commit ea757d48.

Zellic © 2025Back to top ↑