Problem to Solve
`k1util.Verify`, used in `Vote.Verify` and `AggVote.Verify`, does not check that the `s` component of the signature is in the lower half order. The OpenZeppelin ECDSA contract does this, but our `k1util` currently does not. So validators could submit invalid signatures, which would result in xsubmissions reverting.
Proposed Solution
Add a check in `k1util.Verify` to ensure `s` is in the lower range, and check all vote extensions are valid.
```solidity
if (s > 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0) {
    // error
}
```
Align consensus chain vote verification with portal OpenZeppelin
verification that does additional ECDSA malleability checks. This
mitigates an attack where consensus chain signatures pass but fail in
portal.
issue: #2432
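The lower-half-order check proposed in the issue, written in Go as an added example (not the project's own code and not the actual `k1util.Verify` change). The helper names `checkLowS` and `constructedSig`, the error values and the 65-byte `[R || S || V]` signature layout are assumptions; the bound is the constant quoted in the issue, and the sample signatures are constructed test vectors with dummy `r` and `v`.

```go
package main

import (
	"errors"
	"fmt"
	"math/big"
)

// secp256k1 group order n, and the half-order bound quoted in the issue.
var (
	curveN, _ = new(big.Int).SetString("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141", 16)
	halfN, _  = new(big.Int).SetString("7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0", 16)
)

var (
	ErrSigLen = errors.New("signature must be 65 bytes [R || S || V]")
	ErrHighS  = errors.New("signature s is not in the lower half order")
)

// checkLowS (hypothetical helper) rejects any signature whose s exceeds n/2,
// the same comparison as the snippet in the issue. A verifier would run it
// before public key recovery so both chains accept the same set of signatures.
func checkLowS(sig []byte) error {
	if len(sig) != 65 {
		return ErrSigLen
	}
	s := new(big.Int).SetBytes(sig[32:64])
	if s.Cmp(halfN) > 0 {
		return ErrHighS
	}
	return nil
}

// constructedSig builds a constructed 65-byte vector carrying the given s.
// r is a dummy value and v is left zero; only the s range is exercised.
func constructedSig(s *big.Int) []byte {
	sig := make([]byte, 65)
	sig[31] = 1 // dummy r
	s.FillBytes(sig[32:64])
	return sig
}

func main() {
	low := big.NewInt(12345)
	high := new(big.Int).Sub(curveN, low) // the other s form (n - s) of the same (r, s) pair
	fmt.Println(checkLowS(constructedSig(low)))   // accepted
	fmt.Println(checkLowS(constructedSig(high)))  // rejected
	fmt.Println(checkLowS(constructedSig(halfN))) // boundary value, accepted
}
```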