Switch slice method from index to length

src/CertManager.sol

@@ -176,7 +176,7 @@ contract CertManager {
         );
 
         uint256 end = subjectPubKeyPtr.content() + subjectPubKeyPtr.length();
-        subjectPubKey = certificate.slice(end - 96, end);
+        subjectPubKey = certificate.slice(end - 96, 96);
     }
 
     function _verifyValidity(bytes memory certificate, NodePtr validityPtr) internal view returns (uint256 notAfter) {

src/LibBytes.sol

@@ -8,19 +8,18 @@ library LibBytes {
         }
     }
 
-    function slice(bytes memory b, uint256 from, uint256 to) internal pure returns (bytes memory result) {
-        require(from <= to, "from greater than to");
-        require(to <= b.length, "index out of bounds");
+    function slice(bytes memory b, uint256 offset, uint256 length) internal pure returns (bytes memory result) {
+        require(offset + length <= b.length, "index out of bounds");
 
         // Create a new bytes structure and copy contents
-        result = new bytes(to - from);
+        result = new bytes(length);
         uint256 dest;
         uint256 src;
         assembly {
             dest := add(result, 32)
-            src := add(b, add(32, from))
+            src := add(b, add(32, offset))
         }
-        memcpy(dest, src, result.length);
+        memcpy(dest, src, length);
         return result;
     }
 

src/NitroValidator.sol

@@ -63,7 +63,7 @@ contract NitroValidator {
 
     function decodeAttestationTbs(bytes memory attestation)
         external
-        view
+        pure
         returns (bytes memory attestationTbs, bytes memory signature)
     {
         uint256 offset = 1;
@@ -79,12 +79,10 @@ contract NitroValidator {
         uint256 rawProtectedLength = protectedPtr.content() + protectedPtr.length() - offset;
         uint256 rawPayloadLength =
             payloadPtr.content() + payloadPtr.length() - unprotectedPtr.content() - unprotectedPtr.length();
-        bytes memory rawProtectedBytes = attestation.slice(offset, offset + rawProtectedLength);
-        bytes memory rawPayloadBytes = attestation.slice(
-            unprotectedPtr.content() + unprotectedPtr.length(),
-            unprotectedPtr.content() + unprotectedPtr.length() + rawPayloadLength
-        );
-        signature = attestation.slice(signaturePtr.content(), signaturePtr.content() + signaturePtr.length());
+        bytes memory rawProtectedBytes = attestation.slice(offset, rawProtectedLength);
+        bytes memory rawPayloadBytes =
+            attestation.slice(unprotectedPtr.content() + unprotectedPtr.length(), rawPayloadLength);
+        signature = attestation.slice(signaturePtr.content(), signaturePtr.length());
         attestationTbs =
             _constructAttestationTbs(rawProtectedBytes, rawProtectedLength, rawPayloadBytes, rawPayloadLength);
     }
@@ -141,11 +139,10 @@ contract NitroValidator {
             "invalid nonce"
         );
 
-        bytes memory cert = attestationTbs.slice(ptrs.cert.content(), ptrs.cert.content() + ptrs.cert.length());
+        bytes memory cert = attestationTbs.slice(ptrs.cert.content(), ptrs.cert.length());
         bytes[] memory cabundle = new bytes[](ptrs.cabundle.length);
         for (uint256 i = 0; i < ptrs.cabundle.length; i++) {
-            cabundle[i] =
-                attestationTbs.slice(ptrs.cabundle[i].content(), ptrs.cabundle[i].content() + ptrs.cabundle[i].length());
+            cabundle[i] = attestationTbs.slice(ptrs.cabundle[i].content(), ptrs.cabundle[i].length());
         }
 
         CertManager.CachedCert memory parent = certManager.verifyCertBundle(cert, cabundle);

src/Sha2Ext.sol

@@ -182,7 +182,7 @@ library Sha2Ext {
             paddingLength = 247 - mdi;
         }
         bytes memory padding = new bytes(paddingLength);
-        bytes memory tail = message.slice(offset + length - mdi, offset + length);
+        bytes memory tail = message.slice(offset + length - mdi, mdi);
         return abi.encodePacked(tail, bytes1(0x80), padding, bitLength);
     }