From 576254423e21da4823e381bf099408f9507c9d83 Mon Sep 17 00:00:00 2001
From: Mark Spanbroek <mark@spanbroek.net>
Date: Tue, 30 Jan 2024 15:02:47 +0100
Subject: [PATCH] Return false when public inputs are invalid

---
 contracts/Groth16Verifier.sol | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/contracts/Groth16Verifier.sol b/contracts/Groth16Verifier.sol
index 0414441..ae2c3e6 100644
--- a/contracts/Groth16Verifier.sol
+++ b/contracts/Groth16Verifier.sol
@@ -139,13 +139,15 @@ contract Groth16Verifier {
     uint[] memory input
   ) public view returns (bool success) {
     require(input.length + 1 == _verifyingKey.ic.length, "verifier-bad-input");
+    // Check that inputs are field elements
+    for (uint i = 0; i < input.length; i++) {
+      if (input[i] >= _Q) {
+        return false;
+      }
+    }
     // Compute the linear combination vkX
     G1Point memory vkX = G1Point(0, 0);
     for (uint i = 0; i < input.length; i++) {
-      require(
-        input[i] < _Q,
-        "verifier-gte-snark-scalar-field"
-      );
       G1Point memory product;
       (success, product) = _multiply(_verifyingKey.ic[i + 1], input[i]);
       if (!success) {