From b7c901f8b31a9b24ac3864767ef0bd001985df05 Mon Sep 17 00:00:00 2001
From: everbarry <alessandro.preiti@protonmail.com>
Date: Fri, 10 Apr 2026 12:30:01 +0200
Subject: [PATCH] fix fuzz bug

---
 src/credential/bbs.rs | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/src/credential/bbs.rs b/src/credential/bbs.rs
index ae96cfe..d9e12cc 100644
--- a/src/credential/bbs.rs
+++ b/src/credential/bbs.rs
@@ -235,6 +235,7 @@ impl Presentation {
 }
 
 /// Server-side: verify a presentation against a public key, expected role_id and epoch.
+/// zkryptium may panic on malformed proofs; that is turned into [`Error::InvalidPresentation`].
 pub fn verify_presentation(
     pk: &IssuerPublicKey,
     presentation: &Presentation,
@@ -246,6 +247,21 @@ pub fn verify_presentation(
         return Err(Error::InvalidPresentation);
     }
 
+    match std::panic::catch_unwind(std::panic::AssertUnwindSafe(|| {
+        verify_presentation_inner(pk, presentation, role_id, epoch, nonce)
+    })) {
+        Ok(r) => r,
+        Err(_) => Err(Error::InvalidPresentation),
+    }
+}
+
+fn verify_presentation_inner(
+    pk: &IssuerPublicKey,
+    presentation: &Presentation,
+    role_id: &[u8; 32],
+    epoch: u64,
+    nonce: &[u8],
+) -> Result<()> {
     let proof = PoKSignature::<CS>::from_bytes(&presentation.proof_bytes)
         .map_err(|e| Error::CredentialError(format!("invalid proof: {e}")))?;
 
@@ -258,7 +274,7 @@ pub fn verify_presentation(
             Some(nonce),
             Some(2), // L = number of issuer messages
             Some(&disclosed_msgs),
-            None, // no disclosed committed messages
+            None,
             Some(&[0, 1]),
             None,
         )