Security firm: zkSNARK contract "input aliasing" vulnerability hits many coin-mixing projects; underlying libraries need updating

On July 29, according to Ambi Labs, a large number of zero-knowledge proof projects introduced an "Input Aliasing" vulnerability through incorrect use of a zkSNARKs contract library. The flaw allows proof forgery, double spending, replay and other attacks, and the cost of an attack is extremely low. Many Ethereum community open source projects are affected, including the three most commonly used zkSNARKs development libraries snarkjs, ethsnarks and ZoKrates, and the three recently popular coin-mixing (anonymous transfer) applications hopper, Heiswap and Miximus.

Note: every project that uses a zkSNARKs contract library should immediately check whether it is affected. The fix is simple: add a range check on the public input parameters to the verification function, rejecting any input value that is not strictly smaller than the q value mentioned above (the order of the curve's scalar field). In other words, input aliasing is strictly forbidden, so that several different numbers can no longer represent the same point. Fortunately, the commonly used zkSNARKs contract libraries have already been updated, and input aliasing has been eliminated at the underlying library level.
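The following is an added illustration, not code from Ambi Labs or from any of the libraries named above. It models the public-input linear combination that a Groth16-style verifier computes on BN254 (alt_bn128, the curve behind Ethereum's ecAdd/ecMul precompiles): because every G1 point has order R (the q of the text), a scalar x and x + R, x + 2R, ... all multiply to the same point, so an unchecked verifier accepts the same proof for up to six different uint256 encodings of one public input. The verification-key points, the "nullifier" input and the helper names are constructed for the example; the two curve constants are the standard BN254 parameters.

```python
# Added example: "input aliasing" in a zkSNARK verifier over BN254 (alt_bn128).
# Not the affected libraries' code; curve arithmetic is written out so it runs offline.

# Standard BN254 parameters (facts, not assumptions).
P = 21888242871839275222246405745257275088696311157297823662689037894645226208583  # base field
R = 21888242871839275222246405745257275088548364400416034343698204186575808495617  # G1 order (q)
G1 = (1, 2)              # generator of G1 on y^2 = x^3 + 3
INF = None               # point at infinity


def add(p, q):
    """Affine point addition on BN254 G1."""
    if p is INF:
        return q
    if q is INF:
        return p
    x1, y1 = p
    x2, y2 = q
    if x1 == x2:
        if (y1 + y2) % P == 0:      # p == -q
            return INF
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P   # doubling
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def mul(p, k):
    """Double-and-add. Like the ecMul precompile, k is an arbitrary integer,
    so k and k + R yield the same point: the root cause of input aliasing."""
    acc = INF
    while k:
        if k & 1:
            acc = add(acc, p)
        p = add(p, p)
        k >>= 1
    return acc


def linear_combination(ic, inputs):
    """vk_x = IC[0] + sum(IC[i+1] * input[i]), the public-input term a verifier
    feeds into the pairing check."""
    acc = ic[0]
    for coeff, x in zip(ic[1:], inputs):
        acc = add(acc, mul(coeff, x))
    return acc


def check_inputs(inputs):
    """The fix: every public input must be a canonical field element, i.e. < R."""
    return all(0 <= x < R for x in inputs)


def aliases_of(x):
    """All uint256 values that a checkless verifier treats as the same input."""
    return [x + k * R for k in range(6) if x + k * R < 2 ** 256]


# Constructed verification-key points and a constructed "nullifier" public input.
IC = [G1, mul(G1, 7), mul(G1, 11)]
NULLIFIER = 123456789


def demo():
    """Returns (aliasing_observed, canonical_accepted, alias_rejected)."""
    honest = linear_combination(IC, [NULLIFIER])
    aliased = linear_combination(IC, [NULLIFIER + R])   # same point, different uint256
    return (honest == aliased, check_inputs([NULLIFIER]), check_inputs([NULLIFIER + R]))


if __name__ == "__main__":
    print("aliasing observed, canonical accepted, alias rejected:", demo())
    print("uint256 encodings of the same input:", len(aliases_of(NULLIFIER)))
```

In a mixer the public input is typically a nullifier hash: a checkless verifier lets the same proof be resubmitted with the nullifier plus R, which passes the pairing check again but misses the contract's "already spent" lookup on the original value, hence the double spend. The patched library verifiers apply exactly the `check_inputs` rule on-chain, in the form of a `require(input[i] < snark_scalar_field, ...)` on every public input before any curve arithmetic.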