[M-3] Panic on mismatched deferred evaluations length

[this-vishalsingh]

• Context: provekit/verifier/src/whir_r1cs.rs

Description

The verifier asserts on the length of deferred_evals using assert!, causing a panic and potential denial-of-service if the proof yields an unexpected number of deferred evaluations. In the multi-challenge mode, it asserts deferred_evals.len() == offset + 6.

In the single-challenge mode, it asserts deferred_evals.len() == offset + 3 (lines 222-226). A malicious proof could trigger these assertions.

Impact

• Bug type - Security misconfig
• Impacted code:

if self.num_challenges > 0 {
    assert!(
        deferred_evals.len() == offset + 6,
        "Deferred evals length does not match"
    );
} else {
    assert!(
        deferred_evals.len() == offset + 3,
        "Deferred evals length does not match"
    );
}

Recommendation

Replace assert! statements with ensure! or explicit error handling to return a controlled verification error instead of panicking.