Skip to content

Commit

Permalink
chore: bump starknet-crypto to v0.6.1
Browse files Browse the repository at this point in the history 
The new version contains a bug fix on ECDSA signature verification.
Previously, the `s` range was incorrectly enforced to be lower than
EC order instead of element bound. While this did not allow invalid
signatures to be used, it was theoretically possible (1 in 2^48
signatures) to have a signature that passes `verify` yet cannot be
proven (due to being out of element bound).
  • Loading branch information
@xJonathanLEI
xJonathanLEI committed Oct 30, 2023
1 parent e6171d6 commit bfaa612
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 14 deletions.
17 changes: 4 additions & 13 deletions Cargo.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ hex = { version = "0.4.3", default-features = false }
bincode = { version = "2.0.0-rc.3", default-features = false, features = [
"serde",
] }
starknet-crypto = { version = "0.5.0", default-features = false, features = [
starknet-crypto = { version = "0.6.1", default-features = false, features = [
"signature-display",
"alloc",
] }
Expand Down

0 comments on commit bfaa612

Please sign in to comment.