From 7ac06dd467c85e9c0c4b3d99957051278ac99f06 Mon Sep 17 00:00:00 2001 From: Jamie Newton <33573418+newtsjamie@users.noreply.github.com> Date: Tue, 7 Apr 2026 17:21:58 +0900 Subject: [PATCH] fix: increase MAX_SIG_STRUCTURE_SIZE from 5120 to 8192 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit CapCut/Bytedance videos have sig_structure of 5241 bytes (RSA-4096 intermediate chain), exceeding the 5120 limit. Increase to 8192 to accommodate RSA-4096 chains and future enterprise 4-cert chains. sha256_var only hashes actual bytes, so unused buffer costs zero constraints — only signers with larger chains pay the extra cost. Co-Authored-By: Claude Opus 4.6 (1M context) --- proof_b/src/main.nr | 10 +++++----- proof_b_es256/src/main.nr | 6 +++--- proof_b_ps256/src/main.nr | 6 +++--- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/proof_b/src/main.nr b/proof_b/src/main.nr index 19d6dd0..9aee8a5 100644 --- a/proof_b/src/main.nr +++ b/proof_b/src/main.nr @@ -55,11 +55,11 @@ global RSA_NUM_LIMBS: u32 = 18; /// Maximum size of COSE Sig_structure (CBOR encoded) /// Sig_structure = ["Signature1", protected_headers, external_aad, payload] -/// ChatGPT images have large protected headers (~2000 bytes) containing full cert chain -/// plus claim payload (~700 bytes), totaling ~2700 bytes. -/// Adobe Photoshop images can have larger protected headers (~3400 bytes) with cert chain -/// plus claim payload (~1000 bytes), totaling ~4400 bytes. Use 5120 for safety margin. -global MAX_SIG_STRUCTURE_SIZE: u32 = 5120; +/// Size is dominated by DER-encoded certificate chain in protected headers. +/// Known sizes: ChatGPT ~2700, Adobe ~4400, CapCut ~5241 bytes. +/// 8192 accommodates RSA-4096 chains and 4-cert enterprise chains with headroom. +/// sha256_var only hashes actual bytes, so unused buffer costs zero constraints. +global MAX_SIG_STRUCTURE_SIZE: u32 = 8192; /// Maximum size of C2PA claim (CBOR encoded) global MAX_CLAIM_SIZE: u32 = 2048; diff --git a/proof_b_es256/src/main.nr b/proof_b_es256/src/main.nr index 814284f..a13f53c 100644 --- a/proof_b_es256/src/main.nr +++ b/proof_b_es256/src/main.nr @@ -36,9 +36,9 @@ use dep::poseidon::poseidon2::Poseidon2; global MERKLE_TREE_DEPTH: u32 = 8; /// Maximum size of COSE Sig_structure (CBOR encoded) -/// ES256 images typically have smaller protected headers (~2000 bytes) than RSA -/// but we keep the same size for compatibility -global MAX_SIG_STRUCTURE_SIZE: u32 = 5120; +/// Size is dominated by DER-encoded certificate chain in protected headers. +/// 8192 accommodates RSA-4096 chains and 4-cert enterprise chains with headroom. +global MAX_SIG_STRUCTURE_SIZE: u32 = 8192; /// Maximum size of C2PA claim (CBOR encoded) global MAX_CLAIM_SIZE: u32 = 2048; diff --git a/proof_b_ps256/src/main.nr b/proof_b_ps256/src/main.nr index f882783..f463e10 100644 --- a/proof_b_ps256/src/main.nr +++ b/proof_b_ps256/src/main.nr @@ -42,9 +42,9 @@ global MERKLE_TREE_DEPTH: u32 = 8; global RSA_NUM_LIMBS: u32 = 18; /// Maximum size of COSE Sig_structure (CBOR encoded) -/// Adobe Photoshop images have large protected headers (~3400 bytes) with cert chain -/// plus claim payload (~1000 bytes), totaling ~4400 bytes. Use 5120 for safety margin. -global MAX_SIG_STRUCTURE_SIZE: u32 = 5120; +/// Size is dominated by DER-encoded certificate chain in protected headers. +/// 8192 accommodates RSA-4096 chains and 4-cert enterprise chains with headroom. +global MAX_SIG_STRUCTURE_SIZE: u32 = 8192; /// Maximum size of C2PA claim (CBOR encoded) global MAX_CLAIM_SIZE: u32 = 2048;