miden-crypto is vulnerable to Denial of Service (DoS)
53
Medium Risk
In XChaCha::decrypt_bytes_with_associated_data, malformed ciphertext was passed to EncryptedData::read_from_bytes and the result was unwrapped, so invalid input caused a panic and denial of service. Deserialization of untrusted data for MMR, MerkleStore, and crypto types could previously trigger OOMs or panics; the release adds budgeted reading and fuzz-hardened validation. NodeIndex::to_scalar_index() used a left shift by depth (up to 64) without checks, which overflows at depth 64 (panic in debug builds, wrong value in release builds). The patch replaces the unwrap with proper error propagation, switches untrusted deserialization to read_from_bytes_with_budget(), and fixes the overflow by using checked arithmetic and returning Result.
You are affected if you are using a version that falls within the vulnerable range.
miden-crypto is vulnerable to Denial of Service (DoS) in versions 0.1.1 - 0.22.6.
Upgrade the miden-crypto library to the patch version.
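The shift overflow described above, as an added Rust example that is not miden-crypto's code. The function names, the error type, the formula (1 << depth) + value and the range check on value are assumptions made for illustration.

```rust
// Added illustration; all names here are hypothetical, not miden-crypto's API.
// Assumption: the scalar index of a node is (1 << depth) + value.
#[derive(Debug, PartialEq)]
pub enum IndexError {
    DepthTooLarge(u8),
    ValueOutOfRange { depth: u8, value: u64 },
    Overflow,
}

/// What an unchecked `(1 << depth) + value` yields in a release build:
/// the shift amount is masked to 6 bits, so depth 64 behaves like depth 0.
pub fn scalar_index_release_semantics(depth: u8, value: u64) -> u64 {
    1u64.wrapping_shl(depth as u32).wrapping_add(value)
}

/// Checked variant: each step that can overflow returns an error instead.
pub fn scalar_index_checked(depth: u8, value: u64) -> Result<u64, IndexError> {
    // checked_shl returns None when the shift amount is >= 64.
    let base = 1u64
        .checked_shl(depth as u32)
        .ok_or(IndexError::DepthTooLarge(depth))?;
    // Assumption: a node at `depth` has a position in 0..2^depth.
    if value >= base {
        return Err(IndexError::ValueOutOfRange { depth, value });
    }
    // Cannot fail after the range check; kept so the addition is never unchecked.
    base.checked_add(value).ok_or(IndexError::Overflow)
}

fn main() {
    // Constructed sample inputs: two valid indices, depth 64, and an
    // out-of-range position.
    for (depth, value) in [(3u8, 5u64), (63, 0), (64, 0), (2, 4)] {
        println!(
            "depth={} value={} unchecked={} checked={:?}",
            depth,
            value,
            scalar_index_release_semantics(depth, value),
            scalar_index_checked(depth, value)
        );
    }
}
```

With release semantics, depth 64 and value 0 map to index 1, the same index as the root, which is why the checked variant rejects that depth instead of returning a number.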