
AIKIDO-2025-10669

ckzg is vulnerable to Inadequate Encryption Strength

Inadequate Encryption Strength Pre-CVE
Found by Aikido Intel before public disclosure or CVE publication.
Published Oct 8, 2025

30

Low Risk

This Affects:

Python: ckzg
0.0.1 - 2.1.4
Fixed in 2.1.5

TL;DR

Affected versions of this package contain a weak Fiat-Shamir implementation caused by a commitment-processing bug: when computing the challenge, the deduplicated commitment count (num_commitments) was used together with the original array (commitments_bytes), which may contain duplicates, instead of the deduplicated array (unique_commitments). Because of this mismatch, the cryptographic challenge could be computed over an incorrect subset of the data, for example [commitment_a, commitment_a] instead of the intended unique set [commitment_a, commitment_b]. An attacker could potentially exploit this by strategically submitting duplicate commitments to manipulate the challenge value, which would allow them to influence the protocol's outcome or compromise its security guarantees, although exploitation is considered difficult.
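A simplified model of the mismatch described above, added here as an illustration and not taken from ckzg: the helper functions, the SHA-256 transcript and the byte values are assumptions, and only the names num_commitments, commitments_bytes and unique_commitments come from the advisory. It shows that the buggy pairing leaves a unique commitment out of the challenge, and the final function has the shape of a regression check for the fix.

```python
import hashlib

def dedup(commitments_bytes):
    """Order-preserving deduplication (hypothetical helper)."""
    seen, unique = set(), []
    for c in commitments_bytes:
        if c not in seen:
            seen.add(c)
            unique.append(c)
    return unique

def challenge(commitments, count):
    """Toy Fiat-Shamir challenge: hash the count and the first `count` items."""
    h = hashlib.sha256()
    h.update(b"TOY_FIAT_SHAMIR")          # constructed domain separator
    h.update(count.to_bytes(8, "big"))
    for c in commitments[:count]:
        h.update(c)
    return h.digest()

def challenge_buggy(commitments_bytes):
    unique_commitments = dedup(commitments_bytes)
    num_commitments = len(unique_commitments)
    # Mismatch: deduplicated count paired with the original array.
    return challenge(commitments_bytes, num_commitments)

def challenge_fixed(commitments_bytes):
    unique_commitments = dedup(commitments_bytes)
    num_commitments = len(unique_commitments)
    # Count and array now describe the same deduplicated set.
    return challenge(unique_commitments, num_commitments)

# Constructed 48-byte stand-ins for commitments (not real KZG points).
commitment_a = b"\xaa" * 48
commitment_b = b"\xbb" * 48
commitment_c = b"\xcc" * 48

def binds_every_unique_commitment(challenge_fn):
    """True if replacing commitment_b with commitment_c changes the challenge."""
    first = challenge_fn([commitment_a, commitment_a, commitment_b])
    second = challenge_fn([commitment_a, commitment_a, commitment_c])
    return first != second

if __name__ == "__main__":
    print("buggy binds all:", binds_every_unique_commitment(challenge_buggy))
    print("fixed binds all:", binds_every_unique_commitment(challenge_fixed))
```

With the duplicate in front, the buggy variant hashes [commitment_a, commitment_a] in both runs, so the third commitment never reaches the transcript; without duplicates the two variants agree.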

Who does this affect?

You are affected if you are using a version that falls within the vulnerable range (0.0.1 - 2.1.4).

Background info

ckzg is vulnerable to Inadequate Encryption Strength in versions 0.0.1 - 2.1.4.

How to fix this

Upgrade the ckzg library to the patched version (2.1.5).