CVE-2026-46654
HIGH SEVERITYVulnerability Description
Plonky3 is a toolkit for polynomial IOPs (PIOPs). Prior to versions 0.4.3 and 0.5.3, an attacker controlling prover-side observations can craft distinct transcripts that produce identical challenges, breaking the binding property of Fiat-Shamir. This issue has been patched in versions 0.4.3 and 0.5.3.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-345
Source
GitHub
Vendor
rust
Product
p3-challenger
Discussion (0)
Add Comment
No comments yet. Be the first!