Tag
The p3-challenger rust package is vulnerable to transcript malleability and challenge entropy loss, allowing attackers to craft distinct transcripts that produce identical challenges, breaking the binding property of Fiat-Shamir due to partial-chunk aliasing, non-injective squeeze, and high-bit truncation.