
[cryptography/dkg] validate players length before cast in deal() #3272

Open
0xAysh wants to merge 1 commit into commonwarexyz:main from 0xAysh:fix/dkg-deal-players-cast

0xAysh commented Feb 28, 2026

Fixes #3062

The issue flagged that deal() was casting players.len() as u32 without validating the upper bound. Values above u32::MAX silently truncate — a set of u32::MAX + 2 players would cast to 1, causing deal() to compute a DKG with n = 1 instead of the real participant count, producing cryptographically invalid shares with no error surfaced to the caller.

The issue description also mentioned that Info::new() already solves this exactly using a participant_range guard that covers both the lower bound (empty) and upper bound (overflow) in one check, reusing the existing Error::NumPlayers variant. deal() is a convenience helper that bypasses the full DKG path and had simply missed copying this guard.

The fix mirrors Info::new() directly so the validation pattern is consistent across the file.

Closes #3062

  players.len() was cast to u32 without an upper bound check, allowing
  silent truncation on 64-bit systems. Mirror the existing validation
  pattern from Info::new() using the 1..u32::MAX range guard.

  Closes commonwarexyz#3062
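
The truncation described in this pull request, as an added Rust example that is not part of the PR or the project's code: it compares a bare `as u32` cast with a range guard shaped like the `1..u32::MAX` check the commit message mentions, and with `u32::try_from`. The function names and the `CountError` type are hypothetical, and `u64` stands in for `usize` on a 64-bit target.

```rust
// Added illustration; names are hypothetical, not the project's API.
// `u64` stands in for `usize` on a 64-bit target so results are the same everywhere.

#[derive(Debug, PartialEq)]
enum CountError {
    /// The length is zero or falls outside the accepted range.
    NumPlayers(u64),
}

/// The unchecked pattern: `as` keeps only the low 32 bits of the length.
fn truncating_count(len: u64) -> u32 {
    len as u32
}

/// Range guard in the shape the commit message describes (1..u32::MAX):
/// rejects an empty set and an oversized one before narrowing.
fn guarded_count(len: u64) -> Result<u32, CountError> {
    let range = 1..u64::from(u32::MAX);
    if !range.contains(&len) {
        return Err(CountError::NumPlayers(len));
    }
    Ok(len as u32) // lossless: len < u32::MAX was checked above
}

/// `u32::try_from` alone catches the overflow but still accepts zero.
fn try_from_count(len: u64) -> Result<u32, CountError> {
    u32::try_from(len).map_err(|_| CountError::NumPlayers(len))
}

fn main() {
    let max = u64::from(u32::MAX);
    // Constructed boundary lengths around zero and u32::MAX.
    for len in [0, 1, 5, max - 1, max, max + 1, max + 2] {
        println!(
            "len={len:>11}  as u32={:>10}  guarded={:?}  try_from={:?}",
            truncating_count(len),
            guarded_count(len),
            try_from_count(len),
        );
    }
}
```

The half-open range also rejects a length of exactly `u32::MAX`, which `u32::try_from` would accept.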

Development

Successfully merging this pull request may close these issues.

[Info] Silent cast of players.len() in deal()