BIP352: ECDSA verify compare x(R) modulo n to r #1959
pull radik878 wants to merge 1 commits into bitcoin:master from radik878:fix/ecdsa-verify-mod-n-compare changing 1 files +1 −1-
radik878 commented at 7:18 am on September 8, 2025: noneThe signer computes r = x(R) mod n, but the verifier compared the affine x-coordinate directly to r. This could incorrectly reject valid signatures when x(R) ≥ n (rare but possible). Update ECPubKey.verify_ecdsa to check (x(R) % n) == r, aligning verification with ECDSA as defined in SEC1/FIPS 186 and matching our signer’s behavior.
-
BIP352: ECDSA verify compare x(R) modulo n to r ab1ba2b464
-
jonatack assigned RubenSomsen on Sep 10, 2025
-
jonatack added the label Proposed BIP modification on Sep 10, 2025
-
jonatack added the label Pending acceptance on Sep 10, 2025
github-metadata-mirror
This is a metadata mirror of the GitHub repository bitcoin/bips. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2025-09-13 09:10 UTC
This is a metadata mirror of the GitHub repository bitcoin/bips. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2025-09-13 09:10 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me
More mirrored repositories can be found on mirror.b10c.me