Skip to content

allow 0 challenge#398

Open
volodymyr-basiuk wants to merge 7 commits intomainfrom
fix/zero-challenge
Open

allow 0 challenge#398
volodymyr-basiuk wants to merge 7 commits intomainfrom
fix/zero-challenge

Conversation

@volodymyr-basiuk
Copy link
Copy Markdown
Collaborator

@volodymyr-basiuk volodymyr-basiuk commented Feb 25, 2026

No description provided.

Copilot AI reviewed Feb 26, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates challenge validation so a zero-valued challenge (0 / 0n) is treated as a valid input across auth/on-chain proof generation and circuit input validation.

Changes:

  • Allow 0/0n challenges by replacing falsy checks (if (!challenge)) with explicit null/undefined checks.
  • Add a regression test ensuring an auth proof request with challenge "0" is handled successfully.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

File Description
tests/handlers/auth.test.ts Extends the auth handler test to include an AuthV3 proof request with a "0" challenge and validates the resulting pub signal.
src/proof/provers/inputs-generator.ts Updates challenge presence checks to accept 0n and avoid rejecting valid zero challenges.
src/circuits/auth-v2.ts Updates circuit input validation to accept challenge = 0n.
src/circuits/atomic-query-v3-on-chain.ts Updates circuit input validation to accept challenge = 0n.
Comments suppressed due to low confidence (1)

src/proof/provers/inputs-generator.ts:257

  • In authPrepareInputs, the new null/undefined check allows empty-string challenges (e.g. ''), which will then fail later at BigInt(challenge) with a SyntaxError and a less actionable message than the current explicit "challenge must be provided…" error. Consider treating empty/whitespace strings as missing (or catching BigInt parsing errors) so invalid challenges still raise a clear, consistent error while keeping 0/0n valid.
    let challenge = params.challenge ?? proofReq.params?.challenge;

    if (challenge === null || challenge === undefined) {
      throw new Error('challenge must be provided for auth circuit');
    }

    challenge = BigInt(challenge);

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread tests/handlers/auth.test.ts
Comment on lines +1170 to 1172
expect(authRes.authResponse.body.scope).to.have.lengthOf(3);
const [onChainProofResp, authProofResp, zeroChallengeResp] = authRes.authResponse.body.scope;
expect(onChainProofResp.circuitId).to.contain(CircuitId.AtomicQueryV3OnChainStable);
Copy link

Copilot AI Feb 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This test destructures authRes.authResponse.body.scope by position, which makes it sensitive to any future reordering/filtering of proof responses. To make the test more robust, consider locating responses by id (and/or circuitId) before asserting on pub_signals (e.g., assert the response with id: 3 has challenge 0).

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@Kolezhniuk Kolezhniuk Awaiting requested review from Kolezhniuk

@vmidyllic vmidyllic Awaiting requested review from vmidyllic

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@volodymyr-basiuk