From 1455cd221dcb0849190879911688152669e4ed36 Mon Sep 17 00:00:00 2001
From: SoraSuegami
Date: Tue, 20 Aug 2024 20:21:17 +0900
Subject: [PATCH] Fix maskedSubject attack vector and timestamp bug
---
 packages/contracts/src/EmailAuth.sol | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/packages/contracts/src/EmailAuth.sol b/packages/contracts/src/EmailAuth.sol
index ae850d42..d0c1c493 100644
--- a/packages/contracts/src/EmailAuth.sol
+++ b/packages/contracts/src/EmailAuth.sol
@@ -221,6 +221,15 @@ contract EmailAuth is OwnableUpgradeable, UUPSUpgradeable {
 emailAuthMsg.proof.timestamp > lastTimestamp,
 "invalid timestamp"
 );
+ require(
+ bytes(emailAuthMsg.proof.maskedSubject).length <=
+ verifier.SUBJECT_BYTES(),
+ "invalid masked subject length"
+ );
+ require(
+ emailAuthMsg.skipedSubjectPrefix < verifier.SUBJECT_BYTES(),
+ "invalid size of the skiped subject prefix"
+ );
 // Construct an expectedSubject from template and the values of emailAuthMsg.subjectParams.
 string memory expectedSubject = SubjectUtils.computeExpectedSubject(
@@ -241,7 +250,9 @@ contract EmailAuth is OwnableUpgradeable, UUPSUpgradeable {
 );
 usedNullifiers[emailAuthMsg.proof.emailNullifier] = true;
- lastTimestamp = emailAuthMsg.proof.timestamp;
+ if (timestampCheckEnabled) {
+ lastTimestamp = emailAuthMsg.proof.timestamp;
+ }
 emit EmailAuthed(
 emailAuthMsg.proof.emailNullifier,
 emailAuthMsg.proof.accountSalt,
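Review bot: In the first hunk (`@@ -221,6 +221,15 @@`), the new bound on `skipedSubjectPrefix` compares it with the verifier's maximum `SUBJECT_BYTES()` rather than with the length of the `maskedSubject` actually supplied, so a prefix larger than a short masked subject still passes this check. The code that consumes the prefix is outside the hunk; if it does not already reject that case, the guard could be tightened with `emailAuthMsg.skipedSubjectPrefix <= bytes(emailAuthMsg.proof.maskedSubject).length`. Both requires also call `verifier.SUBJECT_BYTES()` separately, so reading it once into a local would avoid a repeated call, which matters if `verifier` is a separate contract. A one-line comment above the two requires saying why lengths beyond the verifier's subject size must be rejected would help later readers, since the commit title calls this an attack vector but the code does not say what invariant is being protected.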
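Review bot: In the second hunk (`@@ -241,7 +250,9 @@`), the guarded assignment still stores whatever `proof.timestamp` the earlier require accepted, so if that require lets a zero or otherwise exempt timestamp through, `lastTimestamp` would be lowered and emails older than ones already processed would pass the ordering check again. The require's condition starts above the first hunk and is not visible here, so this needs confirming against the full function. If a zero timestamp is accepted as "no timestamp", the guard should skip it: `if (timestampCheckEnabled && emailAuthMsg.proof.timestamp != 0) {`. The nullifier write on the line above still blocks reuse of the same email, so the exposure is limited to the ordering guarantee. The diffstat shows only `EmailAuth.sol` changed, so a regression test covering the disabled-check path and the two new reverts would be worth adding alongside this fix.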