CVE-2022-29566

Published: Apr 21, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

The Bulletproofs 2017/1066 paper mishandles Fiat-Shamir generation because the hash computation fails to include all of the public values from the Zero Knowledge proof statement as well as all of the public values computed in the proof, aka the Frozen Heart issue.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://blog.trailofbits.com/2022/04/13/part-1-coordinated-disclosure-of-vulnerabilities-affecting-girault-bulletproofs-and-plonk/

x_refsource_MISC

https://eprint.iacr.org/2017/1066

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-29566

Description

Affected Products

References