Skip to content

fix(l1): reject non-canonical single-byte RLP in u8 decoding#6958

Draft
kevaundray wants to merge 1 commit into
lambdaclass:mainfrom
kevaundray:fix/rlp-u8-non-canonical-decode
Draft

fix(l1): reject non-canonical single-byte RLP in u8 decoding#6958
kevaundray wants to merge 1 commit into
lambdaclass:mainfrom
kevaundray:fix/rlp-u8-non-canonical-decode

Conversation

@kevaundray

@kevaundray kevaundray commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Generated by claude: I was experimenting with FV and it spotted this.

Motivation

Canonical RLP requires a single byte in 0x00..=0x7f to be its own encoding; wrapping it in a 1-byte string is non-canonical. #6818 made decode_rlp_item reject this, but the hand-rolled u8 fast path skips those checks, so u8::decode accepted [0x81, 0x01] -> 1 and [0x81, 0x00] -> 0 while u16/u32/u64 reject the same bytes.

Description

Reject a wrapped second byte below 0x80 in the u8 two-byte arm, matching the canonicality rules the general decode path already enforces, and add a regression test.

Checklist

  • Updated STORE_SCHEMA_VERSION (crates/storage/lib.rs) if the PR includes breaking changes to the Store requiring a re-sync.

Closes #issue_number

**Motivation**

Canonical RLP requires a single byte in 0x00..=0x7f to be its own
encoding; wrapping it in a 1-byte string is non-canonical. lambdaclass#6818 made
decode_rlp_item reject this, but the hand-rolled u8 fast path skips
those checks, so u8::decode accepted [0x81, 0x01] -> 1 and
[0x81, 0x00] -> 0 while u16/u32/u64 reject the same bytes.

**Description**

Reject a wrapped second byte below 0x80 in the u8 two-byte arm,
matching the canonicality rules the general decode path already
enforces, and add a regression test.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant