Fix nonce length generation (MystenLabs#18081)

## Description Fixes nonce generation sometimes being off by one byte. ## Test plan How did you test the new or updated feature? --- ## Release notes Check each box that your changes affect. If none of the boxes relate to your changes, release notes aren't required. For each box you select, include information after the relevant heading that describes the impact of your changes that a user might notice and any actions they must take to implement updates. - [ ] Protocol: - [ ] Nodes (Validators and Full nodes): - [ ] Indexer: - [ ] JSON-RPC: - [ ] GraphQL: - [ ] CLI: - [ ] Rust SDK:
endlessgrin · Jun 24, 2024 · 06a900c · 06a900c
1 parent 61a3b97
commit 06a900c
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 3 deletions.
diff --git a/.changeset/flat-ligers-brush.md b/.changeset/flat-ligers-brush.md
@@ -0,0 +1,6 @@
+---
+'@mysten/sui': patch
+'@mysten/zklogin': patch
+---
+
+Fix nonce generation inconsistency
diff --git a/sdk/typescript/src/zklogin/index.ts b/sdk/typescript/src/zklogin/index.ts
@@ -2,7 +2,7 @@
 // SPDX-License-Identifier: Apache-2.0
 
 export { getZkLoginSignature, parseZkLoginSignature } from './signature.js';
-export { toBigEndianBytes } from './utils.js';
+export { toBigEndianBytes, toPaddedBigEndianBytes } from './utils.js';
 export { computeZkLoginAddressFromSeed } from './address.js';
 export { toZkLoginPublicIdentifier, ZkLoginPublicIdentifier } from './publickey.js';
 export type { ZkLoginSignatureInputs } from './bcs.js';
diff --git a/sdk/zklogin/src/nonce.ts b/sdk/zklogin/src/nonce.ts
@@ -3,7 +3,7 @@
 
 import { toHEX } from '@mysten/bcs';
 import type { PublicKey } from '@mysten/sui/cryptography';
-import { toBigEndianBytes } from '@mysten/sui/zklogin';
+import { toPaddedBigEndianBytes } from '@mysten/sui/zklogin';
 import { randomBytes } from '@noble/hashes/utils';
 import { base64url } from 'jose';
 
@@ -29,7 +29,7 @@ export function generateNonce(publicKey: PublicKey, maxEpoch: number, randomness
 	const eph_public_key_0 = publicKeyBytes / 2n ** 128n;
 	const eph_public_key_1 = publicKeyBytes % 2n ** 128n;
 	const bigNum = poseidonHash([eph_public_key_0, eph_public_key_1, maxEpoch, BigInt(randomness)]);
-	const Z = toBigEndianBytes(bigNum, 20);
+	const Z = toPaddedBigEndianBytes(bigNum, 20);
 	const nonce = base64url.encode(Z);
 	if (nonce.length !== NONCE_LENGTH) {
 		throw new Error(`Length of nonce ${nonce} (${nonce.length}) is not equal to ${NONCE_LENGTH}`);