From 1640c45a9562845ec4783e372b9bc622648a3693 Mon Sep 17 00:00:00 2001
From: Etan Kissling <etan@status.im>
Date: Wed, 20 Sep 2023 00:13:58 +0200
Subject: [PATCH] reject invalid proofs when validating blobs (#5445)

Currently, passing `0xc00000...` proof seems to pass `verifyProofs`.
Unsure why such a check is not necessary in spec, and also unsure
whether it is correct to reject proof at infinity, or if it could
occur, e.g., for a blob containing all 0 bytes. Weird overall...

* proper fix
---
 beacon_chain/spec/state_transition_block.nim | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/beacon_chain/spec/state_transition_block.nim b/beacon_chain/spec/state_transition_block.nim
index 0c79d19d7..4224ffe8c 100644
--- a/beacon_chain/spec/state_transition_block.nim
+++ b/beacon_chain/spec/state_transition_block.nim
@@ -791,7 +791,10 @@ proc validate_blobs*(expected_kzg_commitments: seq[KzgCommitment],
   if proofs.len != blobs.len:
     return err("validate_blobs: different proof and blob lengths")
 
-  if verifyProofs(blobs, expected_kzg_commitments, proofs).isErr():
+  let res = verifyProofs(blobs, expected_kzg_commitments, proofs).valueOr:
+    return err("validate_blobs: proof verification error")
+
+  if not res:
     return err("validate_blobs: proof verification failed")
 
   ok()