Skip to content

Commit

Permalink
Secp256k1 disable malleability check when verifying
Browse files Browse the repository at this point in the history
  • Loading branch information
@mistermoe
mistermoe authored Oct 17, 2023
1 parent f3c7184 commit 16556f1
Showing 1 changed file with 6 additions and 3 deletions.
9 changes: 6 additions & 3 deletions packages/crypto/src/crypto-primitives/secp256k1.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -311,9 +311,12 @@ export class Secp256k1 {
const hashFunction = this.hashAlgorithms[hash];
const digest = hashFunction(data);

// Verify operation.
const isValid = secp256k1.verify(signature, digest, key);
// Verify operation with malleability check disabled. Guaranteed support for low-s
// signatures across languages is unlikely especially in the context of SSI.

Check failure on line 315 in packages/crypto/src/crypto-primitives/secp256k1.ts

View workflow job for this annotation

GitHub Actions / test-with-node 

Trailing spaces not allowed
// Notable Cloud KMS providers do not natively support it either.

Check failure on line 316 in packages/crypto/src/crypto-primitives/secp256k1.ts

View workflow job for this annotation

GitHub Actions / test-with-node 

Trailing spaces not allowed
// low-s signatures are a requirement for Bitcoin
const isValid = secp256k1.verify(signature, digest, key, { lowS: false });

return isValid;
}
}
}

0 comments on commit 16556f1

Please sign in to comment.