Transaction Malleability Possible #95

Open
aleph-v opened this issue Dec 21, 2018 · 1 comment

aleph-v commented Dec 21, 2018

This issue is being reported as part of the ongoing audit being conducted by Authio for Kyokan.
Severity: Note
The signature library used doesn't throw on signatures which have the form (r, -s mod n), and so accepts the non-canonical signature form. https://eklitzke.org/bitcoin-transaction-malleability is a good reference on signature malleability. We haven't found a case where this problem can be used to have an effect on the application, but given the complexity of the plasma chain system and its extensive use of signatures, best practice would be to have the signature library reject the non-canonical form.
Remediation is to include a check that s < n/2 in the ECDSA library.

@hamdiallam
Member

Thanks for bringing this up! I wasn't aware of this.
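
The remediation from the report, as an added example that is not part of the issue thread or the project's code: a verifier wrapper that rejects the non-canonical (r, -s mod n) form, shown next to a plain verifier that accepts both. It assumes Go's standard-library ECDSA on P-256 (the issue does not name the curve or library); `isLowS`, `verifyStrict` and `demo` are hypothetical names, and the signed message is constructed.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"math/big"
)

// isLowS reports whether 0 < s <= n/2, the canonical half of the range.
func isLowS(curve elliptic.Curve, s *big.Int) bool {
	halfN := new(big.Int).Rsh(curve.Params().N, 1)
	return s.Sign() > 0 && s.Cmp(halfN) <= 0
}

// verifyStrict (hypothetical wrapper) rejects high-s before normal verification.
func verifyStrict(pub *ecdsa.PublicKey, digest []byte, r, s *big.Int) bool {
	return isLowS(pub.Curve, s) && ecdsa.Verify(pub, digest, r, s)
}

// demo signs a constructed message and checks (r, s) and (r, n-s) with the
// plain verifier and the strict one. Index 0 is the low-s form, 1 the high-s form.
func demo() (plain, strict [2]bool, err error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return
	}
	digest := sha256.Sum256([]byte("constructed sample transaction"))
	r, s, err := ecdsa.Sign(rand.Reader, key, digest[:])
	if err != nil {
		return
	}
	n := key.Curve.Params().N
	if !isLowS(key.Curve, s) {
		s = new(big.Int).Sub(n, s) // signer-side normalisation to low-s
	}
	for i, sv := range []*big.Int{s, new(big.Int).Sub(n, s)} {
		plain[i] = ecdsa.Verify(&key.PublicKey, digest[:], r, sv)
		strict[i] = verifyStrict(&key.PublicKey, digest[:], r, sv)
	}
	return
}

func main() {
	fmt.Println(demo())
}
```

Because the group order n is odd, the check `s <= n/2` with integer division is the same condition as the `s < n/2` stated in the report.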
