Open abacabadabacaba opened 4 years ago
In near-api-js, we use tweetnacl library. This library doesn't check that the value s is canonically encoded, so it may accept invalid signatures. However, it looks like no one uses near-api-js to verify signatures.
@abacabadabacaba how to fix this? Do we need to verify some stuff in signature before sending it to tweetnacl? Can you give pseudocode?
@abacabadabacaba is this issue still relevant?
Yes, nothing has changed so far. As I posted before, this issue is not urgent because we don't depend much on signature verification in near-api-js. In the future, we may want to move away from tweetnacl (for example, to have the code for near/near-wallet#1372 in near-api-js), in which case we can fix this. Or we can add an extra check on top of tweetnacl.
@gtsonevv we should check if this is still the case with noble-curves
This is nearprotocol/nearcore#2700 for near-api-js. See that issue for a long description. The Ed25519 verification function in near-api-js may produce results different from other implementations that we use (in particular, the one we use in nearcore).