diff --git a/.github/workflows/release-package.yml b/.github/workflows/release-package.yml
index 7b62966..097fd0d 100644
--- a/.github/workflows/release-package.yml
+++ b/.github/workflows/release-package.yml
@@ -44,9 +44,13 @@ jobs:
         with:
           folder: docs/book
 
-  publish-gpr:
+  publish:
     needs: ["release"]
     runs-on: ubuntu-latest
+    permissions:
+      packages: write
+      contents: read
+      id-token: write
     steps:
       - uses: actions/checkout@v4
       # Setup .npmrc file to publish to npm
diff --git a/package-lock.json b/package-lock.json
index f20cc62..db3aa42 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
   "name": "@smoo.th/secp256r1-verify",
-  "version": "0.5.3",
+  "version": "0.5.4",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@smoo.th/secp256r1-verify",
-      "version": "0.5.3",
+      "version": "0.5.4",
       "license": "MIT",
       "devDependencies": {
         "@smoo.th/secp256r1-computation": "^2.2.0",
diff --git a/package.json b/package.json
index f992929..e38d452 100644
--- a/package.json
+++ b/package.json
@@ -1,7 +1,7 @@
 {
   "name": "@smoo.th/secp256r1-verify",
   "description": "A solidity library to verify a secp256r1 signature",
-  "version": "0.5.3",
+  "version": "0.5.4",
   "contributors": [
     {
       "name": "qd-qd",