ECDSA has, as part of its definition in the sign() and verify() operations, a hashing step on the message. There are very good reasons why this is necessary. Apparently, according to Matt Green's recent blog post, this is the code that does sign/verify in metamask (and may well be in many other JS projects):
I notice it does not include that hash step. It won't matter in all but an extremely artificial case, but ...
Also comments like this: (1/2)
⚡️6 years ago today the Lightning Network paper was published.🥳
Also 50 pages long, this is a fucking book, not a paper.
🔊Don't miss our next event!
⚡️Igor Korsakov creator of Blue Wallet will tell us what LN developments he finds interesting:
- Omni bolt protocol, tokens on lightning
In that recent citadel dispatch podcast I mentioned the funny anecdote of being on IRC with gmax when the "Biased Nonce-sense" paper (Breitner, Heninger) came out, and how he in a matter of minutes found the commit that caused the 64 bit nonces. I was pleased to see the latest version of the paper credits him (p. 10 https://eprint.iacr.org/2019/023.pdf ) but also it inspired me to re-look at the offending Ryan X Charles commit: https://github.com/bitpay/bitcore/pull/409/commits/ac4d3186bfbb4df2aee4389d1a51e488df08b52a#diff-43ddc84d45d5af8aad777ce038e2df3c39324481da540437b96a9879c19561d4R114
Why 8 bytes? Look at the PR.