Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ECDSA malleability: low s values are not enforced #4

Open
KasparEtter opened this issue Aug 20, 2021 · 1 comment
Open

ECDSA malleability: low s values are not enforced #4

KasparEtter opened this issue Aug 20, 2021 · 1 comment

Comments

@KasparEtter
Copy link
Contributor

You write at https://teachbitcoin.io/presentations/ecdsa.html#/2 that low s values are enforced. As far as I know, this is not the case. BIP 62 was withdrawn, and BIP 66 specifies only the encoding of the elements without restricting their values. libsecp256k1 generates signatures with a low s value, but this doesn't make it an enforced consensus rule. And since SegWit, signature malleability no longer matters anyway.
@KasparEtter KasparEtter changed the title ECDSA malleability: low s values are note enforced ECDSA malleability: low s values are not enforced Aug 23, 2021
@KasparEtter
Copy link
Contributor Author

Update after some further research: The STANDARD_SCRIPT_VERIFY_FLAGS include SCRIPT_VERIFY_LOW_S, which causes the Script interpreter to require a low s value when enabled. This does make signatures with a high s value non-standard. In order to prevent malleability attacks, however, it would have to be enforced as a consensus rule. "Removes ECDSA malleability: low s values enforced." should not be attributed to BIP 66 and changed to something like "High s values are non-standard (i.e. not relayed by others).".

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@KasparEtter