feat: add additional checks

[Thegaram]

1. Purpose or design rationale of this PR

Add additional checks.

2. PR title

Your PR title must follow conventional commits (as we are doing squash merge for each PR), so it must start with one of the following types:

• feat: A new feature

3. Deployment tag versioning

Has the version in params/version.go been updated?

• This PR doesn't involve a new deployment, git tag, docker image tag, and it doesn't affect traces
• Yes

4. Breaking change label

Does this PR have the breaking-change label?

• This PR is not a breaking change
• Yes

Summary by CodeRabbit

• Bug Fixes

  • Improved validation in cryptographic operations to detect and reject invalid public key inputs, including curve points with out-of-range coordinates

• Tests

  • Added test suite for cryptographic operations, covering edge cases such as invalid curve point handling and malformed public key rejection

• Chores

  • Patch version update

[coderabbitai]

📝 Walkthrough

Walkthrough

The PR adds input validation to ECIES key generation and secp256k1 curve operations to prevent processing of invalid public key coordinates. It introduces comprehensive test coverage for these security checks and updates the patch version number.

Changes

Cohort / File(s)	Summary
ECIES and Curve Validation crypto/ecies/ecies.go, crypto/secp256k1/curve.go, crypto/secp256k1/ext.h	Add input validation in GenerateShared and IsOnCurve to reject nil coordinates or values outside the field range; modify secp256k1_ext_scalar_mul to verify scalar loads succeed before proceeding. All changes short-circuit on invalid input.
Test Coverage p2p/rlpx/rlpx_oracle_poc_test.go	Introduces 5 ECIES security test cases: invalid curve oracle, out-of-range coordinates, nil coordinates, invalid curve point import, and a test helper for public key import validation.
Version Update params/version.go	Bumps VersionPatch from 5 to 6.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• bump version to v5.9.5 #1242: Both PRs bump the same VersionPatch constant in params/version.go.
• Feat/debug witness memory issue #1238: Both PRs bump the same VersionPatch constant in params/version.go.

Suggested reviewers

• yiweichi

Poem

🐰 With whiskers twitching, we harden the key,
Validating coordinates for all we can see,
No nil points creeping, no out-of-range fare,
Oracle attacks won't find purchase there! ✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title 'feat: add additional checks' is vague and does not clearly convey what specific checks are being added or their purpose, using generic phrasing.	Revise the title to be more specific about the validation checks being added, e.g., 'feat: add ECIES public key and curve validation checks'.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description check	✅ Passed	The PR description follows the required template structure with appropriate conventional commits type and version update confirmation, but the purpose section lacks substantive detail.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feat-add-additional-checks

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 OpenGrep (1.16.3)

crypto/secp256k1/curve.go

┌──────────────┐
│ Opengrep CLI │
└──────────────┘

�[32m✔�[39m �[1mOpengrep OSS�[0m
�[32m✔�[39m Basic security coverage for first-party code vulnerabilities.

�[1m Loading rules from local config...�[0m

crypto/ecies/ecies.go

┌──────────────┐
│ Opengrep CLI │
└──────────────┘

�[32m✔�[39m �[1mOpengrep OSS�[0m
�[32m✔�[39m Basic security coverage for first-party code vulnerabilities.

�[1m Loading rules from local config...�[0m

crypto/secp256k1/ext.h

┌──────────────┐
│ Opengrep CLI │
└──────────────┘

�[32m✔�[39m �[1mOpengrep OSS�[0m
�[32m✔�[39m Basic security coverage for first-party code vulnerabilities.

�[1m Loading rules from local config...�[0m

• 2 others

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

crypto/ecies/ecies.go (1)

121-127: ⚠️ Potential issue | 🔴 Critical

Guard pub before dereferencing it.

GenerateShared(nil, ...) still panics on Line 122 before the new validation runs. Since this method is now the public-key validation gate, please reject pub == nil (and pub.Curve == nil) up front and return ErrInvalidPublicKey instead.

🔧 Proposed fix

 func (prv *PrivateKey) GenerateShared(pub *PublicKey, skLen, macLen int) (sk []byte, err error) {
+	if pub == nil || pub.Curve == nil || pub.X == nil || pub.Y == nil {
+		return nil, ErrInvalidPublicKey
+	}
 	if prv.PublicKey.Curve != pub.Curve {
 		return nil, ErrInvalidCurve
 	}
-	if pub.X == nil || pub.Y == nil || !pub.Curve.IsOnCurve(pub.X, pub.Y) {
+	if !pub.Curve.IsOnCurve(pub.X, pub.Y) {
 		return nil, ErrInvalidPublicKey
 	}

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@crypto/ecies/ecies.go` around lines 121 - 127, The method GenerateShared
currently dereferences pub before validating it; add an up-front guard that
returns ErrInvalidPublicKey if pub == nil or pub.Curve == nil, before any use of
pub or pub.Curve (so this check happens before the existing comparison with
prv.PublicKey.Curve and before pub.X/pub.Y checks); keep the later checks (curve
equality, IsOnCurve, X/Y nil) as-is but ensure the new nil checks are the first
lines in GenerateShared.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@crypto/secp256k1/curve.go`:
- Around line 95-97: The current check only rejects x or y >= BitCurve.P but
allows negative coordinates; update the point-validation logic (the function
that checks x and y against BitCurve.P — e.g., the IsOnCurve / point validation
routine where x and y are compared to BitCurve.P) to also reject negative values
by returning false when x.Sign() < 0 or y.Sign() < 0 (in addition to the
existing x.Cmp(BitCurve.P) >= 0 || y.Cmp(BitCurve.P) >= 0 check), so coordinates
are constrained to the affine field range [0, BitCurve.P).

In `@p2p/rlpx/rlpx_oracle_poc_test.go`:
- Around line 122-126: Add a modulo-equivalent negative test: construct xNeg =
new(big.Int).Sub(key.PublicKey.X, curve.Params().P) and yNeg =
new(big.Int).Sub(key.PublicKey.Y, curve.Params().P) and assert that
curve.IsOnCurve(xNeg, key.PublicKey.Y) and curve.IsOnCurve(key.PublicKey.X,
yNeg) both return false; this ensures IsOnCurve rejects coordinates equivalent
to the real point modulo P (use curve.Params().P, key.PublicKey.X and
key.PublicKey.Y to locate values).

---

Outside diff comments:
In `@crypto/ecies/ecies.go`:
- Around line 121-127: The method GenerateShared currently dereferences pub
before validating it; add an up-front guard that returns ErrInvalidPublicKey if
pub == nil or pub.Curve == nil, before any use of pub or pub.Curve (so this
check happens before the existing comparison with prv.PublicKey.Curve and before
pub.X/pub.Y checks); keep the later checks (curve equality, IsOnCurve, X/Y nil)
as-is but ensure the new nil checks are the first lines in GenerateShared.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 111c9c82-af05-4ced-9b68-a32a3ae37bee

📥 Commits

Reviewing files that changed from the base of the PR and between 7354a17 and 404b88b.

📒 Files selected for processing (5)

• crypto/ecies/ecies.go
• crypto/secp256k1/curve.go
• crypto/secp256k1/ext.h
• p2p/rlpx/rlpx_oracle_poc_test.go
• params/version.go