You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello. I believe that I have found a bug with how signatures (and possibly keys) are validated.
I have devised a test where the signature validation will fail 50% on average. I have also confirmed this behavior in two other projects, which caused me to write this test case to figure out what was going on.
For the above code, there are no dependencies besides the built-in webcrypto module and (version 1.7.0) the @noble/secp256k1 library.
I haven't run into this issue until recently, and I suspect it may have something to do with the random data being used for signing, but honestly I'm not sure. The random data will pass the isValidPrivateKey check 100% of the time, but the signature will fail 50% of the time on average.
The text was updated successfully, but these errors were encountered:
Hello. I believe that I have found a bug with how signatures (and possibly keys) are validated.
I have devised a test where the signature validation will fail 50% on average. I have also confirmed this behavior in two other projects, which caused me to write this test case to figure out what was going on.
Here is the code I am using to reproduce the bug:
For the above code, there are no dependencies besides the built-in webcrypto module and (version 1.7.0) the @noble/secp256k1 library.
I haven't run into this issue until recently, and I suspect it may have something to do with the random data being used for signing, but honestly I'm not sure. The random data will pass the
isValidPrivateKey
check 100% of the time, but the signature will fail 50% of the time on average.The text was updated successfully, but these errors were encountered: