Merge pull request #27 from zkemail/audit/correct-value-compared-to-d…

…kim-header-length veredise audit fix: wrong value compared to dkim header length
zkemail · Jan 13, 2025 · 18ba92c · 18ba92c
2 parents 52c5bb4 + 6e90b5b
commit 18ba92c
Show file tree

Hide file tree

Showing 10 changed files with 75 additions and 44 deletions.
diff --git a/examples/verify_email_2048_bit_dkim/Prover.toml b/examples/verify_email_2048_bit_dkim/Prover.toml
@@ -0,0 +1,18 @@
+signature = ['0x5779c85587e51cb8de5c29d7fdfeb0', '0xcd7ea8b6119f76f117ecb5042f8fc0', '0xeb7ac32b81d5a87bc2046fa0004e27', '0x62708c43b0c07a8fe8bdc97c479138', '0xc1e90d184f22a80be4a484a6ebd462', '0x39f3ff00e47728aaf74802d2d1d07b', '0x0f39de2cf99bf20dab7b8ae9240acd', '0xf4875cb76ce2538f255d70476136d6', '0xde151a5005ca614d6af7dd01e2a083', '0x6fe12b286f3195cae005fd7d2a1766', '0xd6e43a3060eccc555f2ee1e2929932', '0x0d5fa7cc79c794ae80310b491a1b40', '0x9cff415204cbc05c772ede05903440', '0xe7190ccff38575ae70dd055cd892d2', '0xf34bb777c0c842b0e88738eafdf634', '0x21040437e1e945a201ff58e542be68', '0x12f254fa4a0fb776ffe8759eb9eefa', '0x12']
+body_hash_index = '363'
+
+[header]
+storage = ['102', '114', '111', '109', '58', '114', '117', '110', '110', '105', '101', '114', '46', '108', '101', '97', '103', '117', '101', '115', '46', '48', '106', '64', '105', '99', '108', '111', '117', '100', '46', '99', '111', '109', '13', '10', '99', '111', '110', '116', '101', '110', '116', '45', '116', '121', '112', '101', '58', '116', '101', '120', '116', '47', '112', '108', '97', '105', '110', '59', '32', '99', '104', '97', '114', '115', '101', '116', '61', '117', '115', '45', '97', '115', '99', '105', '105', '13', '10', '109', '105', '109', '101', '45', '118', '101', '114', '115', '105', '111', '110', '58', '49', '46', '48', '32', '40', '77', '97', '99', '32', '79', '83', '32', '88', '32', '77', '97', '105', '108', '32', '49', '54', '46', '48', '32', '92', '40', '51', '55', '51', '49', '46', '53', '48', '48', '46', '50', '51', '49', '92', '41', '41', '13', '10', '115', '117', '98', '106', '101', '99', '116', '58', '72', '101', '108', '108', '111', '13', '10', '109', '101', '115', '115', '97', '103', '101', '45', '105', '100', '58', '60', '56', '70', '56', '49', '57', '68', '51', '50', '45', '66', '54', '65', '67', '45', '52', '56', '57', '68', '45', '57', '55', '55', '70', '45', '52', '51', '56', '66', '66', '67', '52', '67', '65', '66', '50', '55', '64', '109', '101', '46', '99', '111', '109', '62', '13', '10', '100', '97', '116', '101', '58', '83', '97', '116', '44', '32', '50', '54', '32', '65', '117', '103', '32', '50', '48', '50', '51', '32', '49', '50', '58', '50', '53', '58', '50', '50', '32', '43', '48', '52', '48', '48', '13', '10', '116', '111', '58', '122', '107', '101', '119', '116', '101', '115', '116', '64', '103', '109', '97', '105', '108', '46', '99', '111', '109', '13', '10', '100', '107', '105', '109', '45', '115', '105', '103', '110', '97', '116', '117', '114', '101', '58', '118', '61', '49', '59', '32', '97', '61', '114', '115', '97', '45', '115', '104', '97', '50', '53', '54', '59', '32', '99', '61', '114', '101', '108', '97', '120', '101', '100', '47', '114', '101', '108', '97', '120', '101', '100', '59', '32', '100', '61', '105', '99', '108', '111', '117', '100', '46', '99', '111', '109', '59', '32', '115', '61', '49', '97', '49', '104', '97', '105', '59', '32', '116', '61', '49', '54', '57', '51', '48', '51', '56', '51', '51', '55', '59', '32', '98', '104', '61', '55', '120', '81', '77', '68', '117', '111', '86', '86', '85', '52', '109', '48', '87', '48', '87', '82', '86', '83', '114', '86', '88', '77', '101', '71', '83', '73', '65', '83', '115', '110', '117', '99', '75', '57', '100', '74', '115', '114', '99', '43', '118', '85', '61', '59', '32', '104', '61', '102', '114', '111', '109', '58', '67', '111', '110', '116', '101', '110', '116', '45', '84', '121', '112', '101', '58', '77', '105', '109', '101', '45', '86', '101', '114', '115', '105', '111', '110', '58', '83', '117', '98', '106', '101', '99', '116', '58', '77', '101', '115', '115', '97', '103', '101', '45', '73', '100', '58', '68', '97', '116', '101', '58', '116', '111', '59', '32', '98', '61', '128', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '14', '192']
+len = '472'
+
+[pubkey]
+modulus = ['0xe5cf995b5ef59ce9943d1f4209b6ab', '0xe0caf03235e91a2db27e9ed214bcc6', '0xafe1309f87414bd36ed296dacfade2', '0xbeff3f19046a43adce46c932514988', '0x324041af8736e87de4358860fff057', '0xadcc6669dfa346f322717851a8c22a', '0x8b2a193089e6bf951c553b5a6f71aa', '0x0a570fe582918c4f731a0002068df2', '0x39419a433d6bfdd1978356cbca4b60', '0x550d695a514d38b45c862320a00ea5', '0x1c56ac1dfbf1beea31e8a613c2a51f', '0x6a30c9f22d2e5cb6934263d0838809', '0x0a281f268a44b21a4f77a91a52f960', '0x5134dc3966c8e91402669a47cc8597', '0x71590781df114ec072e641cdc5d224', '0xa1bc0f0937489c806c1944fd029dc9', '0x911f6e47f84db3b64c3648ebb5a127', '0xd5']
+redc = ['0xa48a824e4ebc7e0f1059f3ecfa57c4', '0x05c1db23f3c7d47ad7e7d7cfda5189', '0x79bb6bbbd8facf011f022fa9051aec', '0x24faa4cef474bed639362ea71f7a21', '0x1503aa50b77e24b030841a7d061581', '0x5bbf4e62805e1860a904c0f66a5fad', '0x5cbd24b72442d2ce647dd7d0a44368', '0x074a8839a4460c169dce7138efdaef', '0x0f06e09e3191b995b08e5b45182f65', '0x51fad4a89f8369fe10e5d4b6e149a1', '0xdc778b15982d11ebf7fe23b4e15f10', '0xa09ff3a4567077510c474e4ac0a21a', '0xb37e69e5dbb77167b73065e4c5ad6a', '0xecf4774e22e7fe3a38642186f7ae74', '0x16e72b5eb4c813a3b37998083aab81', '0xa48e7050aa8abedce5a45c16985376', '0xdd3285e53b322b221f7bcf4f8f8ad8', '0x0132']
+
+[dkim_header_sequence]
+index = '269'
+length = '203'
+
+[body]
+storage = ['72', '101', '108', '108', '111', '44', '13', '10', '13', '10', '72', '111', '119', '32', '97', '114', '101', '32', '121', '111', '117', '63', '13', '10', '128', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '192', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0']
+len = '24'
diff --git a/js/package.json b/js/package.json
@@ -13,8 +13,8 @@
   "dependencies": {
     "@mach-34/noir-bignum-paramgen": "^1.1.0",
     "@noir-lang/backend_barretenberg": "=0.36.0",
-    "@noir-lang/noir_js": "=0.36.0",
-    "@noir-lang/noirc_abi": "^0.36.0",
+    "@noir-lang/noir_js": "=0.38.0",
+    "@noir-lang/noirc_abi": "=0.36.0",
     "@zk-email/helpers": "=6.1.5"
   },
   "devDependencies": {

diff --git a/js/yarn.lock b/js/yarn.lock
@@ -1664,10 +1664,10 @@
     "@nodelib/fs.scandir" "2.1.5"
     fastq "^1.6.0"
 
-"@noir-lang/acvm_js@0.52.0":
-  version "0.52.0"
-  resolved "https://registry.yarnpkg.com/@noir-lang/acvm_js/-/acvm_js-0.52.0.tgz#7e028c1a1fdc01e37333e9e04bc2cf147db9448c"
-  integrity sha512-QEREOIbq+jK/Bqs9jk0+XAS/KYmQX7lBEUYhdFMxkNIQf3hDQ3hr9PcelOWQtoxiDn6IJ2sr7t7yeZFdRqCvhg==
+"@noir-lang/acvm_js@0.54.0":
+  version "0.54.0"
+  resolved "https://registry.yarnpkg.com/@noir-lang/acvm_js/-/acvm_js-0.54.0.tgz#0d209e56ed062c92ba540118ef50d66e094acba1"
+  integrity sha512-yUMHXPQ2tlMGhFfAuvkt6HgQwUjlGrpvLMIp4gkwu0/0z1ueoKIOgEsqMcmbjYR+16iEYzv9RVKmNmye1yjr0g==
 
 "@noir-lang/backend_barretenberg@=0.36.0":
   version "0.36.0"
@@ -1678,16 +1678,23 @@
     "@noir-lang/types" "0.36.0"
     fflate "^0.8.0"
 
-"@noir-lang/noir_js@=0.36.0":
-  version "0.36.0"
-  resolved "https://registry.yarnpkg.com/@noir-lang/noir_js/-/noir_js-0.36.0.tgz#63ef02cb8635a8edf6b32243aefcb7fdd4c3ce46"
-  integrity sha512-qMAfqkcWfERxS1IOeAjTssZGVolNLVIQhHI/Ers7iIx3tZYhejHRe30cMFdhgdJ9nfpqJea+TvlsKLsXbEBMfw==
+"@noir-lang/noir_js@=0.38.0":
+  version "0.38.0"
+  resolved "https://registry.yarnpkg.com/@noir-lang/noir_js/-/noir_js-0.38.0.tgz#3940e34d2035e2369943caba272df878acf842af"
+  integrity sha512-9n1WeC9uAwCEkpSirwV+FtkZzCqO5vG8UFbkv1I1QValFWi+GlVKmlbEGTsCBA1HuJqPzOK0zdhagVi7K108vw==
   dependencies:
-    "@noir-lang/acvm_js" "0.52.0"
-    "@noir-lang/noirc_abi" "0.36.0"
-    "@noir-lang/types" "0.36.0"
+    "@noir-lang/acvm_js" "0.54.0"
+    "@noir-lang/noirc_abi" "0.38.0"
+    "@noir-lang/types" "0.38.0"
 
-"@noir-lang/[email protected]", "@noir-lang/noirc_abi@^0.36.0":
+"@noir-lang/[email protected]":
+  version "0.38.0"
+  resolved "https://registry.yarnpkg.com/@noir-lang/noirc_abi/-/noirc_abi-0.38.0.tgz#66ac2b8a34d829d85c087e2b0dd58142a037a41d"
+  integrity sha512-LIE9kha5lv+VW8lbivh2nKyUD2UX0hHPCxmvRS7L/bNfyw6fuIhCs/4/n05Qli+1Ab7srHB+TcG1QIqaC9XO8g==
+  dependencies:
+    "@noir-lang/types" "0.38.0"
+
+"@noir-lang/noirc_abi@=0.36.0":
   version "0.36.0"
   resolved "https://registry.yarnpkg.com/@noir-lang/noirc_abi/-/noirc_abi-0.36.0.tgz#b4bb93897f2ce90e951000139810dc726206e234"
   integrity sha512-xRs13RQArV+m4ehkWpbAB/67z7WBfB/EgFJTJtd2/QMdtJSDWJ+8zcf5oOjX+YpDt38c9qY9d/SRdIzws34m3w==
@@ -1699,6 +1706,11 @@
   resolved "https://registry.yarnpkg.com/@noir-lang/types/-/types-0.36.0.tgz#695f7ae552caf2d9033bdf6964d2d5ba6ac5db39"
   integrity sha512-3A/yJtnbTsn0o3T/D3YPs5b0vPOxYwos6Y5Ko6NhZsE6V31rYPv2a2NYmbfJRYuriwwzFbdE8+ui3UiV5BmvWw==
 
+"@noir-lang/[email protected]":
+  version "0.38.0"
+  resolved "https://registry.yarnpkg.com/@noir-lang/types/-/types-0.38.0.tgz#3baec5955094c62b7fb1ba59e57843e396615abf"
+  integrity sha512-mP2oQQ7iQ8W8ned4kG+oYa0Vg/+arrPzD38Mc1WG1y1uHHb+pXsqUZAer9dqxlv2O3YPyWM+dUNg2zLiY6Wa6w==
+
 "@rtsao/scc@^1.1.0":
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/@rtsao/scc/-/scc-1.1.0.tgz#927dd2fae9bc3361403ac2c7a00c32ddce9ad7e8"

diff --git a/lib/src/dkim.nr b/lib/src/dkim.nr
@@ -1,7 +1,7 @@
-use std::hash::{sha256_var, pedersen_hash};
+use crate::{KEY_LIMBS_1024, KEY_LIMBS_2048, RSA_EXPONENT};
 use bignum::{params::BigNumParams, RuntimeBigNum};
 use rsa::{rsa::verify_sha256_pkcs1v15, types::{RBN1024, RBN2048}};
-use crate::{KEY_LIMBS_1024, KEY_LIMBS_2048, RSA_EXPONENT};
+use std::hash::{pedersen_hash, sha256_var};
 
 pub struct RSAPubkey<let KEY_LIMBS: u32> {
     modulus: [Field; KEY_LIMBS],

diff --git a/lib/src/headers/body_hash.nr b/lib/src/headers/body_hash.nr
@@ -27,22 +27,23 @@ pub fn get_body_hash<let MAX_HEADER_LENGTH: u32>(
     // constrain access to the body hash
     assert(
         body_hash_index > dkim_header_field_sequence.index
-            & body_hash_index < dkim_header_field_sequence.end_index() + 1,
-        "Body hash index accessed outside of DKIM header field",
-    );
-    let bh_prefix: [u8; 5] = comptime { "; bh=".as_bytes() };
-    for i in 0..5 {
-        let character = header.get_unchecked(body_hash_index - 5 + i);
-        assert(character == bh_prefix[i], "No 'bh=' prefix found at asserted bh index");
+            & body_hash_index + BODY_HASH_BASE64_LENGTH < dkim_header_field_sequence.end_index() + 1
+            ,
+            "Body hash index accessed outside of DKIM header field",
+        );
+        let bh_prefix: [u8; 5] = comptime { "; bh=".as_bytes() };
+        for i in 0..5 {
+            let character = header.get_unchecked(body_hash_index - 5 + i);
+            assert(character == bh_prefix[i], "No 'bh=' prefix found at asserted bh index");
+        }
+        let bh_suffix: u8 = comptime { ";".as_bytes()[0] };
+        assert(
+            header.get_unchecked(body_hash_index + BODY_HASH_BASE64_LENGTH) == bh_suffix,
+            "No ';' suffix found at asserted bh index",
+        );
+        // get the body hash
+        get_body_hash_unsafe(header, body_hash_index)
     }
-    let bh_suffix: u8 = comptime { ";".as_bytes()[0] };
-    assert(
-        header.get_unchecked(body_hash_index + BODY_HASH_BASE64_LENGTH) == bh_suffix,
-        "No ';' suffix found at asserted bh index",
-    );
-    // get the body hash
-    get_body_hash_unsafe(header, body_hash_index)
-}
 
 /**
  * Get the body hash from the header without validating the access index

diff --git a/lib/src/headers/email_address.nr b/lib/src/headers/email_address.nr
@@ -1,6 +1,6 @@
 use crate::{
-    Sequence, MAX_EMAIL_ADDRESS_LENGTH, EMAIL_ADDRESS_CHAR_TABLE,
-    headers::constrain_header_field_detect_last_angle_bracket,
+    EMAIL_ADDRESS_CHAR_TABLE, headers::constrain_header_field_detect_last_angle_bracket,
+    MAX_EMAIL_ADDRESS_LENGTH, Sequence,
 };
 
 pub fn get_email_address<let MAX_HEADER_LENGTH: u32, let HEADER_FIELD_NAME_LENGTH: u32>(

diff --git a/lib/src/lib.nr b/lib/src/lib.nr
@@ -1,5 +1,5 @@
-use std::hash::pedersen_hash;
 use crate::dkim::RSAPubkey;
+use std::hash::pedersen_hash;
 
 pub mod dkim;
 pub mod headers;

diff --git a/lib/src/macro.nr b/lib/src/macro.nr
@@ -1,15 +1,15 @@
 use dep::std::{
-    meta::unquote, collections::umap::UHashMap,
-    hash::{BuildHasherDefault, poseidon2::Poseidon2Hasher}, option::Option,
+    collections::umap::UHashMap, hash::{BuildHasherDefault, poseidon2::Poseidon2Hasher},
+    meta::unquote, option::Option,
 };
 
-use dep::std::{
-    collections::bounded_vec::BoundedVec, hash::{sha256_var, pedersen_hash}, panic::panic,
-};
+use crate::{KEY_BYTES_1024, KEY_LIMBS_1024, RSA_EXPONENT};
 use dep::rsa::{
-    bignum::{fields::{Params1024, Params2048}, runtime_bignum::BigNumInstance, BigNum}, types::RSA,
+    bignum::{BigNum, fields::{Params1024, Params2048}, runtime_bignum::BigNumInstance}, types::RSA,
+};
+use dep::std::{
+    collections::bounded_vec::BoundedVec, hash::{pedersen_hash, sha256_var}, panic::panic,
 };
-use crate::{KEY_LIMBS_1024, KEY_BYTES_1024, RSA_EXPONENT};
 
 type BN1024 = BigNum<KEY_LIMBS_1024, Params1024>;
 type RSA1024 = RSA<BN1024, BigNumInstance<KEY_LIMBS_1024, Params1024>, KEY_BYTES_1024>;

diff --git a/lib/src/partial_hash.nr b/lib/src/partial_hash.nr
@@ -1,5 +1,5 @@
-use std::runtime::is_unconstrained;
 use std::hash::sha256_compression;
+use std::runtime::is_unconstrained;
 
 // https://github.com/noir-lang/noir/blob/76eec710ff73e5e45fdddcd41ae2cd74e879cfa5/noir_stdlib/src/hash/sha256.nr#L23
 // Convert 64-byte array to array of 16 u32s

diff --git a/lib/src/tests/test_inputs.nr b/lib/src/tests/test_inputs.nr
@@ -1,6 +1,6 @@
 pub(crate) mod EmailLarge {
 
-    use crate::{Sequence, KEY_LIMBS_2048, dkim::RSAPubkey};
+    use crate::{dkim::RSAPubkey, KEY_LIMBS_2048, Sequence};
 
     // regular inputs
     pub(crate) global EMAIL_LARGE_MAX_HEADER_LENGTH: u32 = 512;
@@ -207,7 +207,7 @@ pub(crate) mod EmailLarge {
 
 pub(crate) mod EmailAddresses {
 
-    use crate::{Sequence, MAX_EMAIL_ADDRESS_LENGTH};
+    use crate::{MAX_EMAIL_ADDRESS_LENGTH, Sequence};
     pub(crate) global ADDRESS: BoundedVec<u8, MAX_EMAIL_ADDRESS_LENGTH> =
         BoundedVec::from_array("[email protected]".as_bytes());
     pub(crate) global ADDRESS_ONLY: [u8; 38] =