fixes

src/blsct/building_block/imp_inner_prod_arg.cpp

@@ -142,34 +142,28 @@ void ImpInnerProdArg::LoopWithYPows<Mcl>(
 
 template <typename T>
 std::optional<Elements<typename T::Scalar>> ImpInnerProdArg::GenAllRoundXs(
-    const size_t& num_rounds,
     const Elements<typename T::Point>& Ls,
     const Elements<typename T::Point>& Rs,
-    CHashWriter& fiat_shamir
-) {
+    CHashWriter& fiat_shamir)
+{
     using Scalar = typename T::Scalar;
     using Scalars = Elements<Scalar>;
 
     Scalars xs;
 
-    if (Rs.Size() == Ls.Size()) {
-        for (size_t i = 0; i < std::min(Ls.Size(), num_rounds); ++i) {
-            fiat_shamir << Ls[i];
-            fiat_shamir << Rs[i];
-            GEN_FIAT_SHAMIR_VAR(x, fiat_shamir, retry);
-            xs.Add(x);
-        }
+    for (size_t i = 0; i < Ls.Size(); ++i) {
+        fiat_shamir << Ls[i];
+        fiat_shamir << Rs[i];
+        GEN_FIAT_SHAMIR_VAR(x, fiat_shamir, retry);
+        xs.Add(x);
     }
 
     return xs;
 
 retry:
     return std::nullopt;
 }
-template
-std::optional<Elements<Mcl::Scalar>> ImpInnerProdArg::GenAllRoundXs<Mcl>(
-    const size_t& num_rounds,
+template std::optional<Elements<Mcl::Scalar>> ImpInnerProdArg::GenAllRoundXs<Mcl>(
     const Elements<Mcl::Point>& Ls,
     const Elements<Mcl::Point>& Rs,
-    CHashWriter& fiat_shamir
-);
+    CHashWriter& fiat_shamir);

src/blsct/building_block/imp_inner_prod_arg.h

@@ -57,7 +57,6 @@ struct ImpInnerProdArg {
     // inner product argument from a given hasher
     template <typename T>
     static std::optional<Elements<typename T::Scalar>> GenAllRoundXs(
-        const size_t& num_rounds,
         const Elements<typename T::Point>& Ls,
         const Elements<typename T::Point>& Rs,
         CHashWriter& fiat_shamir

src/blsct/range_proof/bulletproofs/range_proof_logic.cpp

@@ -228,6 +228,8 @@ bool RangeProofLogic<T>::VerifyProofs(
     using Scalars = Elements<Scalar>;
 
     for (const RangeProofWithTranscript<T>& p : proof_transcripts) {
+        if (p.proof.Ls.Size() != p.proof.Rs.Size()) return false;
+
         const range_proof::Generators<T> gens = m_common.Gf().GetInstance(p.proof.token_id);
         G_H_Gi_Hi_ZeroVerifier<T> verifier(max_mn);
 
@@ -370,13 +372,11 @@ AmountRecoveryResult<T> RangeProofLogic<T>::RecoverAmounts(
     // will contain result of successful requests only
     std::vector<range_proof::RecoveredData<T>> xs;
 
-    int i = -1;
-
-    for (const AmountRecoveryRequest<T>& req : reqs) {
+    for (size_t i = 0; i < reqs.size(); ++i) {
+        auto req = reqs[i];
         const range_proof::Generators<T> gens = m_common.Gf().GetInstance(req.token_id);
         Point G = gens.G;
         Point H = gens.H;
-        i++;
 
         // failure if sizes of Ls and Rs differ or Vs is empty
         auto Ls_Rs_valid = req.Ls.Size() > 0 && req.Ls.Size() == req.Rs.Size();
@@ -415,15 +415,14 @@ AmountRecoveryResult<T> RangeProofLogic<T>::RecoverAmounts(
             m_common.Uint64Max(),
             H,
             G,
-            req.Vs[0]
-        );
+            req.Vs[0]);
         if (maybe_msg_amt == std::nullopt) {
             continue;
         }
         auto msg_amt = maybe_msg_amt.value();
 
         auto x = range_proof::RecoveredData<T>(
-            (size_t)i,
+            i,
             msg_amt.amount,
             req.nonce.GetHashWithSalt(100), // gamma for vs[0]
             msg_amt.msg);
@@ -432,8 +431,7 @@ AmountRecoveryResult<T> RangeProofLogic<T>::RecoverAmounts(
     }
     return {
         true,
-        xs
-    };
+        xs};
 }
 template AmountRecoveryResult<Mcl> RangeProofLogic<Mcl>::RecoverAmounts(
     const std::vector<AmountRecoveryRequest<Mcl>>&

src/blsct/range_proof/bulletproofs/range_proof_with_transcript.cpp

@@ -43,11 +43,7 @@ RangeProofWithTranscript<T> RangeProofWithTranscript<T>::Build(const RangeProof<
 
     GEN_FIAT_SHAMIR_VAR(c_factor, fiat_shamir, retry);
 
-    auto num_rounds = range_proof::Common<T>::GetNumRoundsExclLast(
-        proof.Vs.Size()
-    );
     auto maybe_xs = ImpInnerProdArg::GenAllRoundXs<T>(
-        num_rounds,
         proof.Ls,
         proof.Rs,
         fiat_shamir

src/blsct/range_proof/bulletproofs_plus/range_proof_logic.cpp

@@ -386,6 +386,8 @@ bool RangeProofLogic<T>::VerifyProofs(
     using Scalars = Elements<Scalar>;
 
     for (const RangeProofWithTranscript<T>& pt : proof_transcripts) {
+        if (pt.proof.Ls.Size() != pt.proof.Rs.Size()) return false;
+
         range_proof::Generators<T> gens = m_common.Gf().GetInstance(pt.proof.token_id);
 
         auto gs = gens.GetGiSubset(pt.mn);

src/blsct/set_mem_proof/set_mem_proof_prover.cpp

@@ -258,6 +258,8 @@ bool SetMemProofProver<T>::Verify(
 ) {
     using LazyPoint = LazyPoint<T>;
 
+    if (proof.Ls.Size() != proof.Rs.Size()) return false;
+
     size_t n = blsct::Common::GetFirstPowerOf2GreaterOrEqTo(Ys_src.Size());
     if (n > setup.N) {
         throw std::runtime_error(std::string(__func__) + ": # of commitments exceeds the setup maximum");
@@ -320,7 +322,7 @@ bool SetMemProofProver<T>::Verify(
 
         Scalars xs;
         {
-            auto maybe_xs = ImpInnerProdArg::GenAllRoundXs<T>(num_rounds, proof.Ls, proof.Rs, fiat_shamir);
+            auto maybe_xs = ImpInnerProdArg::GenAllRoundXs<T>(proof.Ls, proof.Rs, fiat_shamir);
             if (!maybe_xs.has_value()) goto retry;
             xs = maybe_xs.value();
         }

src/test/blsct/building_block/imp_inner_prod_arg_tests.cpp

@@ -92,7 +92,7 @@ BOOST_AUTO_TEST_CASE(test_gen_all_round_xs_xinvs)
     Rs.Add(g + g + g);
     Rs.Add(g + g + g + g);
 
-    auto res = ImpInnerProdArg::GenAllRoundXs<Mcl>(2, Ls, Rs, fiat_shamir).value();
+    auto res = ImpInnerProdArg::GenAllRoundXs<Mcl>(Ls, Rs, fiat_shamir).value();
     BOOST_CHECK(res.Size() == 2);
     BOOST_CHECK(res[0].GetString(16) == "1549ffc50ba69bf258b57da9e829cf787d7996fb9b6f779667a3d83544f8fac3");
     BOOST_CHECK(res[1].GetString(16) == "198816319c5d3178b6569166c76e75c956e3382487a95fed771d4312686b6e8");