Secp256k1 disable malleability check when verifying
mistermoe authored and frankhinek committed Nov 2, 2023
1 parent aeb2597 commit f251d5d
Showing 1 changed file with 6 additions and 3 deletions.
9 changes: 6 additions & 3 deletions packages/crypto/src/crypto-primitives/secp256k1.ts
Expand Up @@ -311,9 +311,12 @@ export class Secp256k1 {
const hashFunction = this.hashAlgorithms[hash];
const digest = hashFunction(data);

// Verify operation.
const isValid = secp256k1.verify(signature, digest, key);
// Verify operation with malleability check disabled. Guaranteed support for low-s
// signatures across languages is unlikely especially in the context of SSI.
// Notable Cloud KMS providers do not natively support it either.
// low-s signatures are a requirement for Bitcoin
const isValid = secp256k1.verify(signature, digest, key, { lowS: false });

return isValid;
}
}
}
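Review bot: the hard-coded `{ lowS: false }` on the `secp256k1.verify` call makes verification accept both (r, s) and (r, n - s) for the same digest and key, and the new comment gives the interoperability reason without stating that consequence for callers. Please spell it out in the comment or the method's doc: a valid signature can be re-encoded by a third party into a second valid one, so signature bytes must not be used as a unique identifier, dedup key or replay-cache key. The last comment line, "low-s signatures are a requirement for Bitcoin", would read more clearly as the reason strict checking is not needed here. Consider taking the setting as an optional parameter that defaults to the relaxed behaviour, so callers who need strict low-s verification can ask for it. The commit changes only this file, so a test that a high-s signature now verifies would pin the intended behaviour.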
