Hello. I believe that I have found a bug with how signatures (and possibly keys) are validated.
I have devised a test where the signature validation will fail 50% on average. I have also confirmed this behavior in two other projects, which caused me to write this test case to figure out what was going on.
For the above code, there are no dependencies besides the built-in webcrypto module and (version 1.7.0) the @noble/secp256k1 library.
I haven't run into this issue until recently, and I suspect it may have something to do with the random data being used for signing, but honestly I'm not sure. The random data will pass the isValidPrivateKey check 100% of the time, but the signature will fail 50% of the time on average.
Hello. I believe that I have found a bug with how signatures (and possibly keys) are validated.
I have devised a test where the signature validation will fail 50% on average. I have also confirmed this behavior in two other projects, which caused me to write this test case to figure out what was going on.
Here is the code I am using to reproduce the bug:
For the above code, there are no dependencies besides the built-in webcrypto module and (version 1.7.0) the @noble/secp256k1 library.
I haven't run into this issue until recently, and I suspect it may have something to do with the random data being used for signing, but honestly I'm not sure. The random data will pass the
isValidPrivateKey
check 100% of the time, but the signature will fail 50% of the time on average.