From 16556f1dbe53820bf87cb94d430d24c130883f9d Mon Sep 17 00:00:00 2001
From: Moe Jangda
Date: Tue, 17 Oct 2023 03:24:42 -0500
Subject: [PATCH 1/2] `Secp256k1` disable malleability check when verifying
---
 packages/crypto/src/crypto-primitives/secp256k1.ts | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/packages/crypto/src/crypto-primitives/secp256k1.ts b/packages/crypto/src/crypto-primitives/secp256k1.ts
index 2626eb4de..66c75294b 100644
--- a/packages/crypto/src/crypto-primitives/secp256k1.ts
+++ b/packages/crypto/src/crypto-primitives/secp256k1.ts
@@ -311,9 +311,12 @@ export class Secp256k1 {
 const hashFunction = this.hashAlgorithms[hash];
 const digest = hashFunction(data);
- // Verify operation.
- const isValid = secp256k1.verify(signature, digest, key);
+ // Verify operation with malleability check disabled. Guaranteed support for low-s
+ // signatures across languages is unlikely especially in the context of SSI.
+ // Notable Cloud KMS providers do not natively support it either.
+ // low-s signatures are a requirement for Bitcoin
+ const isValid = secp256k1.verify(signature, digest, key, { lowS: false });
 return isValid;
 }
-}
\ No newline at end of file
+}
From 267c41588a84bfdf81fb6d7f76c1ac96a4fa78a7 Mon Sep 17 00:00:00 2001
From: Moe Jangda
Date: Thu, 19 Oct 2023 21:49:01 -0700
Subject: [PATCH 2/2] make linter happy
---
 packages/crypto/src/crypto-primitives/secp256k1.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/packages/crypto/src/crypto-primitives/secp256k1.ts b/packages/crypto/src/crypto-primitives/secp256k1.ts
index 66c75294b..a958210bb 100644
--- a/packages/crypto/src/crypto-primitives/secp256k1.ts
+++ b/packages/crypto/src/crypto-primitives/secp256k1.ts
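Review bot: Passing `{ lowS: false }` unconditionally at the `secp256k1.verify` call means that for any accepted signature `(r, s)` the counterpart `(r, n - s)` is accepted as well, and the inline comment gives the interoperability reason but not the consequence for callers. I would state that consequence where the API is documented, e.g. `// NOTE: high-s signatures are accepted; never use the signature bytes as a unique ID (dedup keys, replay caches, hashes over signed objects).` The method's signature and doc comment lie outside this hunk, so this may already be covered there. The patch touches only this file; a test asserting that a high-s signature verifies would keep the relaxed behaviour from changing silently with a library upgrade.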
@@ -312,8 +312,8 @@ export class Secp256k1 {
 const digest = hashFunction(data);
 // Verify operation with malleability check disabled. Guaranteed support for low-s
- // signatures across languages is unlikely especially in the context of SSI.
- // Notable Cloud KMS providers do not natively support it either.
+ // signatures across languages is unlikely especially in the context of SSI.
+ // Notable Cloud KMS providers do not natively support it either.
 // low-s signatures are a requirement for Bitcoin
 const isValid = secp256k1.verify(signature, digest, key, { lowS: false });