Notes

• It allows malicious provers to forge proofs by repeatedly querying the same polynomial at the same evaluation point.
• The vulnerability affects multiple widely used Halo2 versions, including Zcash and PSE.
• Fix methods include detecting and rejecting query collisions in multi-point opening parameters.
• Currently, no known production circuits are affected by this vulnerability.
• The relevant teams have quickly responded and fixed this vulnerability.

• 查询碰撞漏洞允许恶意证明者通过重复查询同一多项式在同一评估点来伪造证明。
• 该漏洞影响多个广泛使用的Halo2版本，包括Zcash和PSE。
• 修复方法包括在多点开放参数中检测并拒绝查询碰撞。
• 目前没有已知的生产电路受到此漏洞的影响。
• 相关团队已经迅速响应并修复了此漏洞。