Zellic - Audit Reports

Assessment reports Public findings

Back to Zellic siteBack

Assessment reports>Brevis>Low findings>Parsing errors ignored in ,GetHexArray

GeneralOverview

Findings

Low (15)Native Keccak padding and round-index functions incorrect Assumptions made regarding log topics are not correct in full generality Selector not constrained to be Boolean for Select Conversion from Uint248 to Uint521 fails for values wider than 96 bits Prover assignment will fail for custom inputs Function to export Groth16 proofs only works for proofs with exactly one commitment Incorrect constant used in twosComplement Unexpected behavior for decompose-related functions on negative input Mismatch between Uint521 type and its documentation Raw data may be overwritten by index reuse Data might be arranged incorrectly by rawData[T].list Invalid receipts with empty LogField entries may be assigned Parsing errors ignored in GetHexArray Incorrect elliptic curve Proof submission calls callback even if submission fails

Informational (10)

DiscussionVarious possible simplifications and optimizations Additional validation Lack of documentation or comments Minor recommendations Code duplication Consistent usage of named constants Lists and tuples' ambiguous behavior when used recursively Behavior of bits2Bytes and addOutput for circuit variables Incorrect hex string and parsing errors canceling each other out References to MiMC instead of Poseidon Unallocated inputs slots not constrained Keccak padding function pad10*1 Confusing function GroupBy Setup Verification of Poseidon constants Test suite

Audit ResultsAssessment Results

Category: Coding Mistakes

Parsing errors ignored in `GetHexArray`

Low Impact

Low Severity

Low Likelihood

Description

The public GetHexArray function is implemented in common/utils/hex.go as follows:

func GetHexArray(hexStr string, maxLen int) (res []frontend.Variable) {
	for i := 0; i < maxLen; i++ {
		if i < len(hexStr) {
			intValue, _ := strconv.ParseInt(string(hexStr[i]), 16, 64)
			res = append(res, intValue)
		} else {
			res = append(res, 0)
		}
	}
	return
}

When the character being parsed with strconv.ParseInt is not a valid hexadecimal character, an error will be returned, and the value returned will be zero. However, GetHexArray ignores the error and uses the zero value anyway.

Impact

The GetHexArray function will use zero for characters that were not parsable as hexadecimal characters. Users calling GetHexArray likely do not intend this behavior, so this can lead to unintended results.

Recommendations

We recommend to check the returned error and panic if it is not nil.

Remediation

This issue has been acknowledged by Brevis, and a fix was implemented in commit 4b5029f4↗.

Zellic © 2025Back to top ↑