Context
From audits/chain-exploitability-analysis.md. Not exploitable today; usage-conditioned, and primarily a wormhole-circuit concern (see the separate circuit audit). Tracking umbrella: #64.
Finding
- #79713 — BoolTarget can be minted without any boolean constraint.
BoolTarget::new_unsafe and the derived Default wrap an arbitrary Target without adding assert_bool, so the documented {0,1} invariant is not enforced at construction.
Why it's safe today
The wormhole circuit obtains its booleans from constrained sources: range_check bits, is_equal / and / or / not, and add_virtual_bool_target_safe (which calls assert_bool).
What would make it CRITICAL
Any new circuit code that feeds an unconstrained BoolTarget (via new_unsafe / Default) into a select / conditional / bit gadget lets a malicious prover drive that "bool" with an arbitrary field element → soundness hole.
Action / guardrail
- Prefer add_virtual_bool_target_safe; reserve new_unsafe for bits already constrained elsewhere, with a comment naming the constraint.
- Audit all BoolTarget::new_unsafe / Default uses in the wormhole circuit; add assert_bool where the source is not provably boolean.
Related audit category: #58 (Gate & constraint soundness). Lives mainly in the wormhole-circuit audit.
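
Why the missing constraint matters, as an added example (a toy model written for this note, not plonky2 or wormhole-circuit code). It assumes the usual arithmetic select form b*(x - y) + y and the boolean constraint b*(b - 1) = 0 over the Goldilocks prime; every function name here is hypothetical.

```rust
// Toy field model over the Goldilocks prime p = 2^64 - 2^32 + 1.
// Hypothetical helper names; this does not use the plonky2 API.
const P: u128 = 0xFFFF_FFFF_0000_0001;

fn add(a: u64, b: u64) -> u64 { ((a as u128 + b as u128) % P) as u64 }
fn sub(a: u64, b: u64) -> u64 { ((a as u128 + P - (b as u128 % P)) % P) as u64 }
fn mul(a: u64, b: u64) -> u64 { ((a as u128 * b as u128) % P) as u64 }

/// Arithmetic select (assumed form): b*(x - y) + y.
/// Yields x for b = 1 and y for b = 0; for any other b it is just a polynomial.
fn select(b: u64, x: u64, y: u64) -> u64 {
    add(mul(b, sub(x, y)), y)
}

/// Left-hand side of the boolean constraint b*(b - 1) = 0,
/// which is zero only for b in {0, 1}.
fn bool_constraint(b: u64) -> u64 {
    mul(b, sub(b, 1))
}

/// Checks a witness (b, x, y, out) against a one-gadget circuit:
/// out == select(b, x, y), plus the boolean constraint when enabled.
fn witness_satisfies(b: u64, x: u64, y: u64, out: u64, constrain_bool: bool) -> bool {
    let select_ok = out == select(b, x, y);
    let bool_ok = !constrain_bool || bool_constraint(b) == 0;
    select_ok && bool_ok
}

fn main() {
    let (x, y) = (7u64, 3u64); // constructed sample values
    for b in [0u64, 1, 2] {
        let out = select(b, x, y);
        println!(
            "b={b} out={out} unconstrained={} constrained={}",
            witness_satisfies(b, x, y, out, false),
            witness_satisfies(b, x, y, out, true)
        );
    }
}
```

With b = 2 the unconstrained circuit accepts out = 11, a value that is neither branch of the select; the same witness is rejected once the boolean constraint is part of the circuit.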