
Is changePubKey process safe in circuit?

Open mdj33 opened this issue 2 years ago • 0 comments

Hi, I studied the changePubKey process of zksync. One process is to first change the pubkey on L1; then L2 also sends a changePubKey tx, which signs the pubkey_hash with the corresponding L2 private_key and is verified in the circuit. But it does not verify the L1 address. When a malicious user signs the wrong L1 address with their own L2 private_key, it will result in commitBlock verification failing on L1.

For example, user A first deposits 100 ETH on L1 with the addr_A address. B signs a changePubKey tx to addr_A; the circuit will verify it successfully, as there is no verification between addr_A and pubkey_hash_B. However, it will fail verification on L1 when commitBlock is submitted to check the changePubKey map.

If there is something wrong, please let me know. Thanks.

mdj33 · Mar 07 '23 11:03