8000 Fix Misclassification of ECDSA Signatures in `verifyMultisig()` by valentinfernandez1 · Pull Request #1973 · polkadot-js/common · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Fix Misclassification of ECDSA Signatures in verifyMultisig() #1973

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community. 10000

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Feb 16, 2025
Merged

Fix Misclassification of ECDSA Signatures in verifyMultisig() #1973

merged 7 commits into from
Feb 16, 2025

Conversation

valentinfernandez1
Copy link
Contributor
@valentinfernandez1 valentinfernandez1 commented Jan 31, 2025
edited
Loading

This PR addresses issue #1898 by refining the logic in verifyMultisig() to correctly distinguish between ECDSA, Ed25519, and Sr25519 signatures.

Problem:
Previously, verifyMultisig() misidentified certain ECDSA signatures (65 bytes) as Ed25519 or Sr25519 signatures (64 bytes) when the first byte of the ECDSA signature was 0 or 1. This happened because the function interpreted the first byte as a multisignature prefix rather than part of the ECDSA signature itself.

Solution:

  • Improved signature length handling:

    • If the signature is 66 bytes, it is treated as an ECDSA signature prefixed with a multisiginature prefix byte, so the prefix is removed before verification.
    • If the signature is 65 bytes, it could be:
      • A proper ECDSA signature, which should remain unchanged for verification.
      • An Ed25519/Sr25519 signature (1-byte prefix + 64-byte signature), in which case the prefix is removed before verification.

  • Improved verification order (when the signature starts with 0 or 1 and 65 bytes of lenght):

    • First, attempt Ed25519/Sr25519 verification by removing the prefix.
    • If verification fails, fall back to ECDSA verification using the full 65-byte signature.

    closes Signing and verifying a message using ECDSA sometimes fails #1898

@valentinfernandez1 valentinfernandez1 mentioned this pull request Jan 31, 2025
Closed
10 tasks
TarikGul
TarikGul approved these changes Feb 16, 2025
View reviewed changes
Copy link
Member
@TarikGul TarikGul left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚀

@TarikGul TarikGul merged commit 2cbea7b into master Feb 16, 2025
4 checks passed
@TarikGul TarikGul deleted the vf/fix-multisig-routing branch February 16, 2025 17:36
@polkadot-js-bot
Copy link

This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@polkadot-js polkadot-js locked as resolved and limited conversation to collaborators Feb 18, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@TarikGul TarikGul TarikGul approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Signing and verifying a message using ECDSA sometimes fails
3 participants
@valentinfernandez1 @polkadot-js-bot @TarikGul
0