Utilities and base libraries for use across polkadot-js for Polkadot and Substrate. Includes base libraries, crypto helpers and cross-environment helpers.
Apache License 2.0
253
stars
144
forks
source link
keyring->pair->vrfVerify: possibly the wrong public key is used if the pair type is sr25519 #1906
What is the current behavior and expected behavior?
Vrf signature should be checked agains remote public key (passed as signerPublic parameter). But if the pair type is sr25519 then the current pair publicKey is possibly misused for validation.
I'm submitting a bug
What is the current behavior and expected behavior?
Vrf signature should be checked agains remote public key (passed as
signerPublic
parameter). But if the pair type issr25519
then the current pairpublicKey
is possibly misused for validation.https://github.com/polkadot-js/common/blob/6971012f4af62f453ba25d83d0ebbfd12eaf5709/packages/keyring/src/pair/index.ts#L211
Please tell us about your environment:
Version: 12.6.2
Environment:
[x] Node.js
[x] Browser
[x] Other (limited support for other environments)
Language:
[x] JavaScript
[x] TypeScript (include tsc --version)