libplanet
libplanet copied to clipboard
Published
20 hours ago •
planetarium
planetarium
`PublicKey.Verify()` method should fail on high-S signatures
At the moment, PublicKey.Verify() method is agnostic of whether the signature is on the high-S side of the ECDSA curve, or on the low-S side. However, according to BIP-146, only the low-S signature should be used (as there can be two signatures (high-S and low-S) for a given message.) As such, this method should fail to verify the message whenever the high-S signature is used.
For reference:
- Discussion on Discord: https://discord.com/channels/928926944937013338/970554437733073027/1086185911986954280
- #2957, which was an attempt to match the current behavior of
PublicKey.Verify()
This issue has been automatically marked as stale because it has not had recent activity. Thank you for your contributions.
![stale[bot] avatar](https://avatars.githubusercontent.com/in/1724?v=4 "Published by a pub.dev verified publisher"){kind=small}