From f251d5d4b90dddfa9ecff552565b8677d5b3b8a0 Mon Sep 17 00:00:00 2001
From: Moe Jangda
Date: Tue, 17 Oct 2023 03:24:42 -0500
Subject: [PATCH] `Secp256k1` disable malleability check when verifying
---
 packages/crypto/src/crypto-primitives/secp256k1.ts | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/packages/crypto/src/crypto-primitives/secp256k1.ts b/packages/crypto/src/crypto-primitives/secp256k1.ts
index 2626eb4de..66c75294b 100644
--- a/packages/crypto/src/crypto-primitives/secp256k1.ts
+++ b/packages/crypto/src/crypto-primitives/secp256k1.ts
@@ -311,9 +311,12 @@ export class Secp256k1 {
 const hashFunction = this.hashAlgorithms[hash];
 const digest = hashFunction(data);
- // Verify operation.
- const isValid = secp256k1.verify(signature, digest, key);
+ // Verify operation with malleability check disabled. Guaranteed support for low-s
+ // signatures across languages is unlikely especially in the context of SSI.
+ // Notable Cloud KMS providers do not natively support it either.
+ // low-s signatures are a requirement for Bitcoin
+ const isValid = secp256k1.verify(signature, digest, key, { lowS: false });
 return isValid;
 }
-}
\ No newline at end of file
+}
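Review bot: Hard-coding `{ lowS: false }` in the `secp256k1.verify` call makes every verification accept both `(r, s)` and `(r, n - s)` for the same message and key, so signature bytes are no longer unique per signed payload, and the new comment does not spell out that consequence. Callers that deduplicate, cache or derive identifiers from the signature, or from a serialized object that contains it, would be affected. I would add to the comment something like `// NOTE: high-s signatures are accepted; never treat signature bytes as a unique identifier.` and consider letting callers opt back in to strict checking instead of fixing the value here. The diffstat shows only this file changed, so no test pins that a high-s signature now verifies, nor (if signing is meant to stay low-s, which this hunk does not show) that produced signatures are still normalized. The enclosing verify method starts outside the hunk.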