chronicleprotocol / scribe

Extremely performant EVM oracle utilizing aggregated Schnorr signatures

Validation via the dashboard contains a small bug #31

Closed ross-spencer closed 8 months ago

ross-spencer commented 8 months ago

Bug Report

Current Behavior

Currently, appending the s field in the signature with data doesn't invalidate the signature.

Expected behavior/code

When validating a signature via the dashboard, editing any part of the signature is supposed to invalidate the signature.

Environment

Find the s field, and add data to the end, within the quotation marks.

Additional context

Screenshot of the issue with the fields appended with MY_SECRET_MESSAGE and ANOTHER_MESSAGE:

I am not sure what each of the fields are, so I don't know what impact the s field should have.

NB. apologies if this is the wrong repository to report the issue, I couldn't find a better place.

pmerkleplant commented 8 months ago

Hey, thank you for raising the issue! Can confirm it's a bug in the dashboard.

Some more context: The (v, r, s) triplet is the ECDSA signature. Changing any of these fields should always invalidate the signature, i.e., make the verification fail. Note that r and s are per spec always 32 bytes, which is why the dashboard currently just reads the first 32 bytes and doesn't realize additional data got appended to the string.

Important for other readers: The issue is about a bug in Chronicle's dashboard and not in the Scribe contract itself!
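
The truncating read described in the comment above, next to a strict length check, as an added example that is not part of the thread and is not the dashboard's code. The function names and the sample `s` value are constructed for illustration.

```javascript
// Added example: models the parsing behaviour described in the thread.
// All names and sample values are hypothetical, not taken from the dashboard.
const FIELD_BYTES = 32; // r and s are always 32 bytes per spec (from the thread)

function hexToBytes(hex) {
  const out = new Uint8Array(hex.length / 2);
  for (let i = 0; i < out.length; i++) {
    out[i] = parseInt(hex.slice(2 * i, 2 * i + 2), 16);
  }
  return out;
}

// Lenient: read the first 32 bytes and ignore whatever follows.
function parseFieldLenient(value) {
  const hex = value.replace(/^0x/, "");
  return hexToBytes(hex.slice(0, FIELD_BYTES * 2));
}

// Strict: the whole string must be exactly 32 bytes of hex, nothing more.
function parseFieldStrict(name, value) {
  if (typeof value !== "string" || !/^0x[0-9a-fA-F]{64}$/.test(value)) {
    throw new Error(`${name}: expected 0x followed by exactly 64 hex characters`);
  }
  return hexToBytes(value.slice(2));
}

function sameBytes(a, b) {
  return a.length === b.length && a.every((x, i) => x === b[i]);
}

// Reports how each parser treats an edited field compared with the original.
function compareParsers(original, edited) {
  const lenientUnchanged = sameBytes(parseFieldLenient(original), parseFieldLenient(edited));
  let strictRejected = false;
  try { parseFieldStrict("s", edited); } catch (e) { strictRejected = true; }
  return { lenientUnchanged, strictRejected };
}

// Constructed sample value, not a real signature component.
const SAMPLE_S = "0x" + "1f".repeat(32);
console.log(compareParsers(SAMPLE_S, SAMPLE_S + "MY_SECRET_MESSAGE"));
```

With the lenient parser the edited field yields the same 32 bytes, so verification runs on the original signature; the strict parser rejects the input before any verification is attempted.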