Add bounded deserialization for CircuitVerifyingKey

[Copilot]

CircuitVerifyingKey::deserialize was vulnerable to unbounded memory allocation when deserializing the circuit_commitments vector, allowing malicious input to exhaust memory.

Changes

• Removed CanonicalDeserialize derive and implemented custom deserialization
• Bounded circuit_commitments to 12 elements (3 matrices × 4 polynomials per Varuna protocol)
• Returns SerializationError::InvalidData when length exceeds bound
• Implemented Valid trait for validation pipeline compatibility
• Added tests verifying bound enforcement and backwards compatibility

Implementation

impl<E: PairingEngine> CanonicalDeserialize for CircuitVerifyingKey<E> {
    fn deserialize_with_mode<R: Read>(
        mut reader: R,
        compress: Compress,
        validate: Validate,
    ) -> Result<Self, SerializationError> {
        let circuit_info = CircuitInfo::deserialize_with_mode(&mut reader, compress, validate)?;
        let len = u64::deserialize_with_mode(&mut reader, compress, validate)?;
        
        const MAX_CIRCUIT_COMMITMENTS: u64 = 12;
        if len > MAX_CIRCUIT_COMMITMENTS {
            return Err(SerializationError::InvalidData);
        }
        
        let mut circuit_commitments = Vec::with_capacity(len as usize);
        for _ in 0..len {
            circuit_commitments.push(sonic_pc::Commitment::deserialize_with_mode(&mut reader, compress, Validate::No)?);
        }
        // ...
    }
}

The bound preserves backwards compatibility—all valid keys (≤12 commitments) deserialize successfully.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• esm.ubuntu.com
  • Triggering command: /usr/lib/apt/methods/https /usr/lib/apt/methods/https /struct_type/mod-l ep grep -l s d_script_build-ce321e5ae12df09a.build_script_build.b38a6385c61de7f3-cgu.0.rcgu.o d_script_build-ce321e5ae12df09a.at8745crjbij63ropox62r1ix.rcgu.o s .rs -REDACTED-linux-gnu/lib/libstd-8df6be531efb3fd0.rlib -REDACTED-linux-gnu/lib/libpanic_unwind-e6943c8b7850575a.rlib -REDACTED-linux-gnu/lib/libobject-293bc8e42ad97307.rlib -REDACTED-linux-gnu/lib/libmemchr-4ab95264898e2f40.rlib -REDACTED-linux-gnu/lib/libaddr2line-98301de5f7086436.rlib -REDACTED-linux-gnu/lib/libgimli-c04b364b33261ab8.rlib -REDACTED-linux-gnu/lib/librustc_demangle-7ab55e5a1abede85.rlib -REDACTED-linux-gnu/lib/libstd_detect-f9ea2d02cc19f59b.rlib -REDACTED-linux-gnu/lib/libhashbrown-4b2c04502d3e324b.rlib -REDACTED-linux-gnu/lib/librustc_std_workspace_alloc-1aeb559ec68adac8.rlib (dns block)
• parameters.provable.com
  • Triggering command: /home/REDACTED/work/snarkVM/snarkVM/target/debug/deps/snarkvm_algorithms-fa413e4860477257 /home/REDACTED/work/snarkVM/snarkVM/target/debug/deps/snarkvm_algorithms-fa413e4860477257 snark::varuna cfg(docsrs,test) --check-cfg e-cg�� ons e-cgu.3.rcgu.o e-cgu.4.rcgu.o M/target/debug/bbash e-cgu.6.rcgu.o pointer 8lnh.rcgu.rmeta 1kr1�� ons RL u/13/cc1 nu/lib/librustc_git nu/lib/librustc_add pointer u/13/cc1 (dns block)
• s3.us-west-1.amazonaws.com
  • Triggering command: /home/REDACTED/work/snarkVM/snarkVM/target/debug/deps/snarkvm_algorithms-fa413e4860477257 /home/REDACTED/work/snarkVM/snarkVM/target/debug/deps/snarkvm_algorithms-fa413e4860477257 snark::varuna cfg(docsrs,test) --check-cfg e-cg�� ons e-cgu.3.rcgu.o e-cgu.4.rcgu.o M/target/debug/bbash e-cgu.6.rcgu.o pointer 8lnh.rcgu.rmeta 1kr1�� ons RL u/13/cc1 nu/lib/librustc_git nu/lib/librustc_add pointer u/13/cc1 (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

Original prompt

---

This section details on the original issue you should resolve

<issue_title>[Bug] CircuitVerifyingKey unbounded deserialization</issue_title>
<issue_description>## 🐛 Bug Report

In impl<E: PairingEngine> FromBytes for CircuitVerifyingKey<E> {, we should ensure that we don't deserialize more than 12 circuit_commitments, without breaking backwards compatibility.</issue_description>

Comments on the Issue (you are @copilot in this section)

• Fixes [Bug] CircuitVerifyingKey unbounded deserialization #3083

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.